Cisco Secure Workload
Software Agent Support Policy
Event |
Date |
Policy Published |
April 15th, 2020 |
Policy Effective Date |
May 15th, 2020 |
Policy Updated |
March 9th, 2021 |
Rebrand from Tetration to Secure Workload |
September, 2021 |
This policy applies to all Cisco Secure Workload (formerly Cisco Tetration) software agents deployed to work with the on-premises cluster or Software-as-a-Service options.
Cisco Secure Workload software has major, minor and patch release versions. Each of these software releases includes bug fixes and/or enhancements for software agents. Hence it is important to run the latest release of the software and agent version. In addition, these releases may also include support for newer versions of the operating system(s).
Release version numbering follows the pattern Major.Minor.Patch.Build (for example, 3.5.1.1).
Cisco will provide technical support, bug fixes, and agent enhancements for the latest Major.Minor release, and technical support and critical bug fixes for the previous Major.Minor release of the software agent.
Table 3. Examples: Supported releases
If the latest release is: |
Tech Support, bug fixes, and agent enhancements are provided for these releases: |
Tech support and critical bug fixes are provided for these releases: |
3.4.1.1 |
3.4.x.x |
3.3.x.x |
3.5.1.1 |
3.5.x.x |
3.4.x.x |
3.6.1.1 |
3.6.x.x |
3.5.x.x |
All patch releases (represented as x.x in these examples) for a supported Major.Minor version are supported.
Cisco TAC support will continue to be available for customers with an active Cisco Secure Workload software subscription. If you experience a problem with a Secure Workload software agent, you may be asked to validate whether the most current minor or patch release resolves your issue. Such a request may involve an upgrade to the cluster software, as required. If your agent version goes out of support, you may need to upgrade your Secure Workload software to get to a supported agent version.
· Beta and Alpha versions of a software agent
Any Secure Workload software agent marked as alpha or beta does not follow the standard support Policy.
· Troubleshooting Releases
Cisco TAC will occasionally provide customers a one-off Secure Workload software agent release to perform additional troubleshooting or validate bug fixes. These agent versions are not official public releases and are not supported for full production deployment. Customers receiving these releases must work closely with their support representative to validate their deployment and testing.
· One-off Removal
While Cisco will make every attempt to avoid this case, it may necessary to remove a released version of the Secure Workload software agent due to the severity or frequency of issues seen in the field, or to address security concerns. In that event, we may remove and either 1) make available a new version that address the issues, or 2) provide a recommendation on which version customers should upgrade to.
Cisco Secure Workload software agents will only be tested and supported on operating systems with regular or extended support from the operating system vendor. Cisco’s standard end of support of the software agent for an operating system, which includes ending of Cisco TAC technical support, bug fixes, and product enhancements, will align with the operating system’s published end of support, or extended end of support schedule.
Support policy for cases where vendors offer extended security updates option beyond end of support date for a particular operating system version will follow the schedule specified in the following table.
Table 3. Support policy for OS versions with extended security updates
Operating System / Version |
Secure Workload software agent – last version |
Secure Workload agent enhancements/bug fixes |
Technical support (TAC) end date |
Microsoft Windows Server 2008 (Also referred to as Windows server 2008 R1) |
No new agent version for this operating system version beyond Secure Workload software release 3.3. |
No enhancements or bug fixes will be available for this operating system starting January 14, 2020. |
Technical support is no longer available. |
Microsoft Windows Server 2008 R2 |
Not applicable |
Except for critical security fixes, no enhancements or other bug fixes are planned for this operating system starting January 14, 2020. |
Technical support will be available till Jan 14, 2023 for customers who have a valid extended security updates agreement from Microsoft, and are running a supported agent version. |
Microsoft Windows 7 (Professional, Enterprise) |
Not applicable |
Except for critical security fixes, no enhancements or other bug fixes are planned for this operating system starting January 14, 2020. |
Technical support will be available till Jan 14, 2023 for customers who have a valid extended security updates from Microsoft and are running a supported agent version. |
Q: When will the Support Policy go into effect?
A: The Support Policy was announced on April 15, 2020 and took effect on May 15, 2020. The policy was updated on March 10, 2021.
Q: Will Secure Workload software agents continue to function after they are no longer supported by the Support Policy?
A: Yes. Secure Workload software agents will continue to connect to the Secure Workload platform (on-premises or SaaS) and function as usual. They may not support features available with latest release, and may contain unaddressed bugs or security issues. We recommend you upgrade to the latest version of the Secure Workload software agent to ensure you can use the latest features and are up-to-date for security patches.
Q: Will I have access to Secure Workload agent versions that have extended past the Support Policy?
A: On-premises customers who upgrade to a new Secure Workload software release will continue to have access to the older agent versions. As always, any new deployment will only provide access to corresponding agent versions. Secure Workload SaaS customers will also continue to have access to older agent versions if they need to use it.
Q: Can I still deploy an older Secure Workload agent version if I absolutely have to?
A: Yes. Older Secure Workload agent versions can still be deployed; however, deployment of an unsupported version is not recommended because it lack new product features and important security patches. In addition, technical support will not be provided, and you may be required to upgrade to a currently supported version before receiving technical support for those agent versions.
Q: How do I find out which versions of the Secure Workload agents are deployed in my environment?
A: The Secure Workload user interface provides several ways to determine the Secure Workload agent versions deployed in your environment. Most users can go to Monitoring > agents page to see the distribution of agent versions, and also to drill down to a list of individual servers running these versions.
Q: How are alpha or beta Secure Workload software agent versions supported with the Support Policy?
A: This policy is applicable only for software agents that are generally available. Any software agent that is tagged as “alpha” or “beta” will not follow this policy.
Q: Which Secure Workload software agent versions are affected by this Support Policy?
A: The Support Policy will impact Windows, Linux and universal (light-weight) software agents. Table-2 and Table-3 of this document provides the list of Secure Workload software agent versions that are immediately affected by this Support Policy.