Manage Software Upgrades

The Software Upgrade Planner helps you evaluate and choose the right version for your Firewall Threat Defense device software upgrades. The centralized dashboard displays comprehensive upgrade recommendations for your Firewall Threat Defense devices, including their current and three recommended versions, along with details on security vulnerability fixes and bug fixes.

Before you begin

Ensure that Software Upgrade Planner is enabled under Settings > Operations. For more information, see AIOps Settings.

Procedure

Step 1	In the left pane, click Monitor > Insights & Reports > AIOps Insights > Software Upgrade Planner. The Device summary tile displays the number of Firewall Threat Defense devices in your network having upgrade recommendations. The displayed data is automatically updated every hour.
Step 2	Click Go to product upgrade to navigate to the Product Upgrades page for upgrade actions on the Cloud-Delivered Firewall Management Center. This page allows you to: View available upgrade packages. Perform an upgrade by clicking Upgrade in the Actions column. For more information, see  Cisco Secure Firewall Threat Defense Upgrade Guide for Cloud-delivered Firewall Management Center.
Step 3	Click Download report to export the Software Upgrade Planner report in PDF format.
Step 4	The Security vulnerability and bug fixes section displays the total number of available fixes, categorized into Security vulnerability fixes and Bug fixes. Click View all. The page displays a table listing all the available fixes for your devices, including security vulnerabilities and bug fixes in separate tabs. The security vulnerability fixes tab Use the Search text box to find specific security vulnerabilities and filter the results by Severity. CVE ID: Displays the unique identifier for the security vulnerability. Click on a CVE ID to view detailed information in the panel on the right-hand side, including CVE details, Description and Impacted devices. Expand CVE details and click Open Security Advisory to navigate to the official Cisco security advisory page. The advisories provide details such as affected products, workarounds, fixed software, revision history, and other public announcements. You can view all published security advisories at Cisco Security Advisories. Title: Name of the vulnerability. Impact: Severity level of the vulnerability. Description: A brief explanation of the vulnerability. Impacted devices: List of devices affected by the vulnerability. CVSS score: The Common Vulnerability Scoring System (CVSS) score, a standardized method for rating vulnerability severity. Available fixes: List of the software versions or patches that address the vulnerability. The bug fixes tab Use the Search text box to find specific bugs and filter the results by Severity. Bug ID: Displays the unique identifier for each bug. Click on a Bug ID to view detailed information in the panel on the right-hand side, including Bug details, Description and Impacted devices. Expand Bug details and click Open in bug Search Tool to navigate to the details on the Bug Search Tool. Title: Name of the bug. Severity: Severity level of the bug. Description: A brief explanation of the bug. Impacted devices: List of devices affected by the bug. Available fixes: List of the software versions or patches that address the bug.
Step 5	In the Software Upgrade Planner page, click on a device name to view more details about the upgrade options. Multiple upgrade options are available based on vulnerabilities, bugs, and new features. The Cisco-suggested version is indicated by a gold star. Choose the version that suits your requirements. The Recommended upgrades section displays: Recommended version 1 Recommended version 2 Golden version You can access release highlights by clicking on the Release Notes link associated with each recommended version. Additionally, this page provides details on Security vulnerability fixes and Bug fixes relevant to the current version of the device.