When upgrading the service packs from 6.0(2)E1 to 6.0(3)E1 should I prepare for "disaster recovery" with the system image ready on TFTP server etc? Or is this overkill for just doing a service pack upgrade?
Depends on your comfort level. In the past, I have had both good and bad experiences. Very little consistency. I have had it where out of 25 sensors all on the same build/patch level 20 take the upgrade fine, but 5 are left in an unsuable state. TFTP the image and start from scratch. Then I have had times where all of the sensors work fine with the upgrade, but I have also had it where all sensors fail on the upgrade. It is much less likely for all to fail however. After the first occurence of this, we developed a new strategy to deploy all sensor patches and signature update on a test sensor, let it run for two days and ensure it is still functioning as normal. Should we have to do this, probably not, but with my history with Cisco's quality assurance we have to.
So in short, is it overkill, yes probably. But at the same time I would make sure I have the files readily avilable just in case.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...