Currently we're running Pulse Connect Secure 9.1R14.3 and our clients are a mix of 9.1R13 and 9.1R14. Overall, for the functionality we need, it works well enough such that we haven't been following the latests and greatests releases. However when looking at the Granular Software Release EOL timelines and Support Matrix we get the feeling we're lagging more and more behind and might soon be running an obsolete and potentially insecure release with a wide upgradegap. But we also don't really know what the best upgrade strategy would be as the following questions keep coming up:
Thanks for replying and providing insights.
Solved! Go to Solution.
end of engineering means that there is no additional feature work; security fixes may, or may not, be applied depending on what is available on the physical platform (e.g. 7.1 was the last release to support the SA appliances and received security fixes well-beyond when no features were being added; however, it stopped receiving security fixes after the hardware was no longer supported). it is recommended to stay on the latest release for security.
end of support means that support will provide best effort support; but one of the first solutions/requests will be to test newer versions to rule out any unexpected fixes
Thanks for the reply!
Regarding the client and server compatibility how far does this extend generally? I'm just trying to get a grasp about how much of a version gap in practice (and looking at the track record of Pulse Secure software) can exist between the two as 99% of our clients are managed but there are some manual installs that don't really get kept up to date and might lag behind quite a bit as time goes by.
It's quite understandable that bugs happen but as an admin we do also have an obligation to our users/org to provide a working service. So if picking the right version at the right time helps to prevent outages or downtime even better. With some vendors we feel we can upgrade without to much worry, even to newer .0 releases while with others it's quite a minefield to know when it's ok to upgrade or not if you don't want (or have the resources) to do QA testing for the vendor.
It seems the official support window has been narrowed quite a bit then, previously 4 years, now maybe 1 year going on the recent release cadence. But understandable in view of the ever increasing complexity and possible interactions between server and client.
I guess also the "release early, release often" and "fail fast, fail often" mantras are making their way everywhere.