With IOS, I'm accustomed to looking at releases and choosing one that is GD(General Deployment), avoiding LD releases or other special branches. With the ASA software, I can't find anything specifying whether it is considered ready for general deployment. I have a new firewall to put in place, and I'm wondering if I should bring it up to 8.x(It shipped with 7.06) before I deploy, just to eliminate an upgrade cycle.
I have been very happy with 8.0(2) code and 6.0(2) on both PIXes (well 515+) and ASAs.
There are some newer scanning threat detsction possibilities with the newer software, I have currently been watching these with an alert action as opposed to a drop action. I havent quite decided if I like the IPS capabilities just yet.
Although I really dislike monitoring a device from the device as I would rather use SNMP and some type of monitoring package, the ADSM 6.0(2) code really gives you some nice charts and graphs that may assist with trouble shooting. I really think the charts and graphs are there to give management personel something to watch.
Defintiely get off 7.0 and at least go with 7.2 minimum, in regards to 8.x, I have it run on many of my customers ASA's with no problems to date, the GUI is better for sure IMO but CLI is my preferred way.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...