Software version life cycle

Software version management mode

System versions on Stormshield Network Security devices change over time. Changes may be made for 3 main reasons:

Following a functional upgrade:

  • Updates to the operating system,

  • Modifications to existing features (improvements),

  • Addition of new features (disruptive or incremental features):

    • "Disruptive" features radically change the way the system is used or operated, either fully or partially. In addition, they can change the behavior of the system and significantly change the appearance of the user interface.

    • "Incremental" features extend the system's capacities without making any major impact on its overall behavior.

Following a fix:

  • Security patch,

  • Functional patch (bug fix).

Following a hardware upgrade:

  • Compatibility with new firewalls,

  • Withdrawal of end-of-life firewalls.

Updates to security databases (antivirus, IPS, URL filtering, antispam, IP Reputation, vulnerabilities and root certificates) are not considered system upgrades, as they do not depend on the system and are automatically run (if the product is able to connect to Stormshield update servers).

These updates are available to firewalls that still have a valid maintenance contract and on which the relevant optional services have been subscribed.

Stormshield Network Security products offer 3 types of system versions and a label.

System versions of Stormshield Network Security products are represented by three numbers:

Major releases

These versions include disruptive versions and may also include fixes, incremental features and enhancements. "Disruptive" features radically change the way the system is used or operated, either fully or partially. In addition, they can change the behavior of the system and significantly change the appearance of the user interface.

To update to a major version, you may need to change configuration components or launch a dedicated upgrade procedure. During updates to major versions, obsolete features may also be removed.

Major releases are always named as follows:
X.0.0 (for example: 3.0.0)

  • The first number identifies the major version,

  • The next two numbers are 0.

A major release branch includes all minor releases and patch versions relating to a major release.

For example, versions 3.0.1, 3.1.0 and 3.1.3 all belong to major release branch 3.

Minor releases

These versions generally include enhancements to features, but may also contain incremental features and patches. Minor releases can be used to ensure compatibility with new firewalls.

Minor releases are always named as follows:
X.Y.0 (for example: 3.1.0)

  • The second number (higher than 0) identifies the minor version,

  • The last number is 0.

For example, versions 3.1.0 and 3.3.0 are both minor versions of major release branch 3.

Throughout their life cycles (defined in detail below), major and minor versions may include functional or security patches.

Patch versions

These versions include only functional patches or vulnerability patches.

Patch versions are always named as follows:
X.Y.Z (for example: 3.1.3)

  • The last number (higher than 0) identifies the patch version.

For example, versions 3.5.1 and 3.5.2 are both patch versions of minor version 3.5.

"LTSB" (Long-Term Support Branch) label

Major or minor versions with this label are considered versions that will be stable over a long term, and will be supported for at least 12 months. These versions are recommended for clients whose priority is stability instead of new features and optimizations. These versions may only be updated with patch versions.

LTSB versions always contain the LTSB suffix at the end of the version number:
X.Y.Z.LTSB (for example: 3.1.0.LTSB)

  • The LTSB label designates versions that are stable over the long term, and which are supported for at least 12 months from version "X.Y.0" onwards.

  • A minimum 6-month overlap, during which only security patches are applied, is expected between each LTSB version, to allow clients to migrate their installations to the next LTSB version.

  • During the life cycle of the LTSB version, patch versions will provide only vulnerability or functional patches.

The list of all active LTSB versions and their end of support is given in this document. These dates may be changed when the duration of support needs to be extended.

"EA" (Early Adopter) label

Minor or major versions with this label include new important features that have yet to be deployed among our clients on a large scale in a production environment. If none of these new features are essential to your production environment, we recommend that you choose a standard or LTSB version for better stability.

The EA label is not attached to any version over the long term and is removed once the next fix version is published.

Version maintenance

For every major release branch, only LTSB versions and the latest minor published release can be patched or receive functional upgrades.

All active LTSB versions can receive patches during their life cycles (no additions or functional updates will be applied to these versions).

Example (fictitious version numbers)

The LTSB version branches that are currently active:

  • 8.1.x LTSB

  • 8.3.x LTSB

The latest published versions are:

  • 8.1.5 LTSB

  • 8.3.1 LTSB

  • 8.4.3

The next patches will therefore be included in the following future versions:

  • Patch version 8.1.6 LTSB. Version 8.1.5 LTSB will no longer be supported.

  • Patch version 8.3.2 LTSB. Version 8.3.1 LTSB will no longer be supported.

  • Patch version 8.4.4 or a new minor version 8.1.x LTSB, if there are functional additions with patches. In both cases, version 8.4.3 will no longer be supported.

  • New minor version 8.5.0, if there are functional additions with patches.

    • In an 8.5.0 version labeled "Early Adopter" (8.5.0 EA), the 8.4 branch will be kept. During the next 8.5.x patch version, the EA label will be removed from the 8.5 branch and the 8.4 branch will no longer be kept.

    • In an 8.5.0 version without an "Early Adopter" label (8.5.0), maintenance for the 8.4 branch will cease immediately.

To find out more on which versions are managed by our technical support departments, please refer to the support charter found in your secure area.