If you receive helpful answer on this forum, please show thanks to the poster by clicking "LIKE" link for the answer that you found helpful.
Click the link above to access ADSM.ORG Acceptable Use Policy and forum rules which should be observed when using this website. Violators may be banned from this website. This notice will disappear after you have made at least 3 posts.
Thank you!The biggest one is the security changes introduced in 8.1.2:
Review information about the enhanced security features in the IBM Spectrum Protect server and the requirements for updating your environment.www.ibm.com
And why 8.1.8? Why not a recent release? You are missing out on security fixes, apar fixes and new features. All the Security Bulletins listed here are fixed in the latest version: https://www.ibm.com/support/home/se...e_avl:CT792,CT555,CT755&sortby=-dcdate&ct=fab
self-signed certs are fine. What about the encryption stuff?Agreed that SSL certificates are the most significant feature that needs to be considered. You'll want to do some research within your organization whether self-signed certs are ok, or does your org require Root CA signed certs.
Thanks for your feedback. I have proposed to upgrade to latest version.The N-2 or N-1 approach doesn't really work anymore. It used to be that only major releases (6.3.0, 7.1.0, 8.1.0) included new features and fixpacks (8.1.1.000, 8.1.2.000, 8.1.3.000) only include apar fixes. But now with agile development, fixpacks include both new features and apar fixes. So every new fixpacks includes new features that the previous version didn't have. So regardless which level you pick, you will have new features that were not in the previous version, so if you go with 8.1.9 (which is N-2), you would still have new features never present in an earlier release. It's probably a better approach to run the latest to get fixes for known issues, and not implement new features until they have been out for 2 versions.
If office politics forces you to stick to N-2, at least go to 22.214.171.1240 in order to get fixes to issues present in 8.1.9.000.
Thanks for your feedbackI know you said n-2, but have a look at 126.96.36.199. It's been rock stable for me. I had some issues with 8.1.8 and had to take several efixes not published.
*Edit: and there were some some high cve's fixed in 8.1.10 as well. Haven't looked at .11 yet so can't offer insight. Too new for my blood