Software version life cycle

Software version management mode

System versions on Stormshield Network Security devices change over time for three main reasons:

• Adding and/or changing features,
• Functional and/or security patches,
• Compatibility with new hardware.

Following a functional upgrade:

• Updates to the operating system,

• Modifications to existing features (improvements),

• Addition of new features (disruptive or incremental features):

  • "Disruptive" features radically change the way the system is used or operated, either fully or partially. In addition, they can change the behavior of the system and significantly change the appearance of the user interface.

  • "Incremental" features extend the system's capacities without making any major impact on its overall behavior.

Updates to security databases (antivirus, IPS, antispam, IP Reputation, vulnerabilities and root certificates) are not considered system upgrades, as they do not depend on the system and are automatically run (if the product is able to connect to Stormshieldupdate servers).

These updates are available to firewalls that still have a valid maintenance contract and on which the relevant optional services have been subscribed.

Stormshield Network Security products offer three types of system versions (major, minor, and patch) and two labels (LTSB and EA).

System versions

System versions of Stormshield Network Security products are represented by three numbers:

Major releases

These versions include disruptive technical and functional changes that can radically change the way the system is used or operated, either fully or partially. In addition, they can change the behavior of the system and significantly change the appearance of the user interface.

They may also include:

• Other less disruptive functional changes,
• Compatibility with new firewalls,
• Functional or security patches.

During updates to major versions, obsolete features may also be removed.

To update to a major version, you may need to change configuration components or apply a specific procedure.

Major releases are always named as follows:
X.0.0 (for example: 3.0.0)

• The first number identifies the major version,

• The next two numbers are 0.

A major release branch includes all minor releases and patch versions relating to a major release.

For example, versions 3.0.1, 3.1.0 and 3.1.3 all belong to major release branch 3.

Minor releases

These versions include less disruptive functional changes.

They may also include:

• Compatibility with new firewalls,
• Functional or security patches.

Minor releases are always named as follows:
X.Y.0 (for example: 3.1.0)

• The second number (higher than 0) identifies the minor version,

• The last number is 0.

For example, versions 3.1.0 and 3.3.0 are both minor versions of major release branch 3.

A minor release branch includes all patch versions relating to a minor version.

For example, versions 3.4.0, 3.4.3 and 3.4.9 all belong to minor release branch 3.4.

Patch versions

These versions include only functional patches or security patches.

Patch versions are always named as follows:
X.Y.Z (for example: 3.1.3)

• The last number (higher than 0) identifies the patch version.

For example, versions 3.5.1 and 3.5.2 are both patch versions of minor release branch 3.5.

System version labels

"LTSB" (Long-Term Support Branch) label

Maintenance is guaranteed on release branches with an LTSB label for at least 12 months.

These release branches can only receive updates that contain patches; no new features will be added to these branches.

They versions are recommended for clients who prioritize stability over new features and optimizations.

LTSB release branches always contain the LTSB suffix at the end of the version number:
X.Y.Z.LTSB (for example: 3.1.0.LTSB)

• An X.Y branch with an LTSB label will benefit from maintenance for at least 12 months from the date on which the branch was declared LTSB,
• During the life cycle of the LTSB branch, patch versions will provide only functional or security patches,
• A minimum 6-month overlap, during which only security patches are provided, is expected between each LTSB release branch, to allow clients to migrate their installations to the next LTSB branch.

The list of all active LTSB branches and their End of Maintenance dates are given in this guide.

These dates may be changed when the duration of maintenance needs to be extended.

"EA" (Early Adopter) label

Minor or major versions with the “EA” label include new important features that have yet to be deployed among our clients on a large scale in a production environment.

Updates to EA versions are not essential if none of the new features are essential to your production environment.

The EA label is not attached to any release branch version over the long term, and is removed once a later fix version is published.

Version maintenance

For every major release branch, only the following release branches can benefit from maintenance in the form of functional or security patches:

• Minor LTSB releases that have not yet reached their End of Maintenance dates,
• The latest non-EA minor release branch published,
• The latest EA minor release branch published.

Example of maintenance provided on release branches over time (fictitious version numbers)

Technical support for releases

Stormshield provides technical support (opening and processing of tickets) on the latest patch version of each release branch that has not yet reached its End of Life date.

When a release branch reaches its End of Maintenance, Stormshield continues to provide technical support (opening and processing of tickets) on the latest patch version of this branch for 3 months from the End of Maintenance date.

After this period, the release branch will enter its End of Life phase: Stormshield will no longer provide technical support on releases from this branch.

To find out more on which versions our technical support departments manage, refer to the support charter found in your MyStormshield.eu personal area.