• Please help support our sponsors by considering their products and services.
    Our sponsors enable us to serve you with this high-speed Internet connection and fast webservers you are currently using at ADSM.ORG.
    They support this free flow of information and knowledge exchange service at no cost to you.

    Please welcome our latest sponsor Tectrade . We can show our appreciation by learning more about Tectrade Solutions
  • Community Tip: Please Give Thanks to Those Sharing Their Knowledge.

    If you receive helpful answer on this forum, please show thanks to the poster by clicking "LIKE" link for the answer that you found helpful.

  • Community Tip: Forum Rules (PLEASE CLICK HERE TO READ BEFORE POSTING)

    Click the link above to access ADSM.ORG Acceptable Use Policy and forum rules which should be observed when using this website. Violators may be banned from this website. This notice will disappear after you have made at least 3 posts.

Spectrum Protect upgrade from 8.1 to 8.1.8

rpandey

ADSM.ORG Member
Joined
Feb 2, 2009
Messages
74
Reaction score
1
Points
0
Location
Australia
Hi
I am planning to upgrade Spectrum Protect server from 8.1 to 8.1.8 on Linux Redhat OS. Will there be any issues? What consideration do i need to take?
 

marclant

ADSM.ORG Moderator
Joined
Jun 16, 2006
Messages
3,703
Reaction score
611
Points
0
Location
Canada
Website
www.ibm.com
The biggest one is the security changes introduced in 8.1.2:

And why 8.1.8? Why not a recent release? You are missing out on security fixes, apar fixes and new features. All the Security Bulletins listed here are fixed in the latest version: https://www.ibm.com/support/home/se...e_avl:CT792,CT555,CT755&sortby=-dcdate&ct=fab
 

booman55

ADSM.ORG Senior Member
Joined
Feb 21, 2007
Messages
252
Reaction score
11
Points
0
Agreed that SSL certificates are the most significant feature that needs to be considered. You'll want to do some research within your organization whether self-signed certs are ok, or does your org require Root CA signed certs.
 

rpandey

ADSM.ORG Member
Joined
Feb 2, 2009
Messages
74
Reaction score
1
Points
0
Location
Australia
The biggest one is the security changes introduced in 8.1.2:

And why 8.1.8? Why not a recent release? You are missing out on security fixes, apar fixes and new features. All the Security Bulletins listed here are fixed in the latest version: https://www.ibm.com/support/home/se...e_avl:CT792,CT555,CT755&sortby=-dcdate&ct=fab
Thank you!
My organisation policy is N-2, that's why i am planning to upgrade to v8.1.8
 

rpandey

ADSM.ORG Member
Joined
Feb 2, 2009
Messages
74
Reaction score
1
Points
0
Location
Australia
Agreed that SSL certificates are the most significant feature that needs to be considered. You'll want to do some research within your organization whether self-signed certs are ok, or does your org require Root CA signed certs.
self-signed certs are fine. What about the encryption stuff?
 

marclant

ADSM.ORG Moderator
Joined
Jun 16, 2006
Messages
3,703
Reaction score
611
Points
0
Location
Canada
Website
www.ibm.com
The N-2 or N-1 approach doesn't really work anymore. It used to be that only major releases (6.3.0, 7.1.0, 8.1.0) included new features and fixpacks (8.1.1.000, 8.1.2.000, 8.1.3.000) only include apar fixes. But now with agile development, fixpacks include both new features and apar fixes. So every new fixpacks includes new features that the previous version didn't have. So regardless which level you pick, you will have new features that were not in the previous version, so if you go with 8.1.9 (which is N-2), you would still have new features never present in an earlier release. It's probably a better approach to run the latest to get fixes for known issues, and not implement new features until they have been out for 2 versions.

If office politics forces you to stick to N-2, at least go to 8.1.9.300 in order to get fixes to issues present in 8.1.9.000.
 

RecoveryOne

ADSM.ORG Senior Member
Joined
Mar 15, 2017
Messages
307
Reaction score
68
Points
0
I know you said n-2, but have a look at 8.1.10.100. It's been rock stable for me. I had some issues with 8.1.8 and had to take several efixes not published.
*Edit: and there were some some high cve's fixed in 8.1.10 as well. Haven't looked at .11 yet so can't offer insight. Too new for my blood :)
 

rpandey

ADSM.ORG Member
Joined
Feb 2, 2009
Messages
74
Reaction score
1
Points
0
Location
Australia
The N-2 or N-1 approach doesn't really work anymore. It used to be that only major releases (6.3.0, 7.1.0, 8.1.0) included new features and fixpacks (8.1.1.000, 8.1.2.000, 8.1.3.000) only include apar fixes. But now with agile development, fixpacks include both new features and apar fixes. So every new fixpacks includes new features that the previous version didn't have. So regardless which level you pick, you will have new features that were not in the previous version, so if you go with 8.1.9 (which is N-2), you would still have new features never present in an earlier release. It's probably a better approach to run the latest to get fixes for known issues, and not implement new features until they have been out for 2 versions.

If office politics forces you to stick to N-2, at least go to 8.1.9.300 in order to get fixes to issues present in 8.1.9.000.
Thanks for your feedback. I have proposed to upgrade to latest version.
 

rpandey

ADSM.ORG Member
Joined
Feb 2, 2009
Messages
74
Reaction score
1
Points
0
Location
Australia
I know you said n-2, but have a look at 8.1.10.100. It's been rock stable for me. I had some issues with 8.1.8 and had to take several efixes not published.
*Edit: and there were some some high cve's fixed in 8.1.10 as well. Haven't looked at .11 yet so can't offer insight. Too new for my blood :)
Thanks for your feedback
 

RecoveryOne

ADSM.ORG Senior Member
Joined
Mar 15, 2017
Messages
307
Reaction score
68
Points
0
Any time. 8.1.9.300 was good as well, but I know .10 fixed those CVE's. So guess it needs to be ran by your infosec team. I myself am looking here at .11 soonish. Just as soon as I get some time to dig in deeper past the announcement.
 

rpandey

ADSM.ORG Member
Joined
Feb 2, 2009
Messages
74
Reaction score
1
Points
0
Location
Australia
Any time. 8.1.9.300 was good as well, but I know .10 fixed those CVE's. So guess it needs to be ran by your infosec team. I myself am looking here at .11 soonish. Just as soon as I get some time to dig in deeper past the announcement.
Thank you
 

Advertise at ADSM.ORG

If you are reading this, so are your potential customer. Advertise at ADSM.ORG right now.

UpCloud high performance VPS at $5/month

Get started with $25 in credits on Cloud Servers. You must use link below to receive the credit. Use the promo to get upto 5 month of FREE Linux VPS.

The Spectrum Protect TLA (Three-Letter Acronym): ISP or something else?

  • Every product needs a TLA, Let's call it ISP (IBM Spectrum Protect).

    Votes: 20 19.0%
  • Keep using TSM for Spectrum Protect.

    Votes: 63 60.0%
  • Let's be formal and just say Spectrum Protect

    Votes: 13 12.4%
  • Other (please comement)

    Votes: 9 8.6%

Forum statistics

Threads
31,828
Messages
135,735
Members
21,789
Latest member
Fred49
Top