Planning your upgrade path and order is especially important for large deployments, high availability/clustering, multi-hop upgrades, and
situations where you need to coordinate chassis, hosting environment, or other
upgrades.
Supported Upgrades
This table shows the supported direct upgrades for
management center and threat defense
software. You can upgrade directly
to major (first and second-digit) and maintenance (third-digit)
releases.
For the Firepower 4100/9300, the table also lists companion FXOS versions. If a
chassis upgrade is required, threat
defense upgrade is blocked. In most cases we recommend the latest build in each version;
for minimum builds see the Cisco Secure Firewall
Threat Defense Compatibility Guide.
Table 1. Supported Direct Upgrades for Major and
Maintenance Releases
Current Version
|
Target Software Version
|
to 7.7
|
7.6
|
7.4
|
7.3
|
7.2
|
7.1
|
7.0
|
6.6
|
6.4
|
Firepower 4100/9300 FXOS Version for Chassis
Upgrades
|
to 2.17
|
2.16
|
2.14
|
2.13
|
2.12
|
2.11
|
2.10
|
2.8
|
2.6
|
from 7.7
|
YES
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
7.6
|
YES
|
YES
|
—
|
—
|
—
|
—
|
—
|
—
|
—
|
7.4
|
YES
|
YES
|
YES *
|
—
|
—
|
—
|
—
|
—
|
—
|
7.3
|
YES
|
YES
|
YES
|
YES
|
—
|
—
|
—
|
—
|
—
|
7.2
|
YES
|
YES
|
YES
|
YES
|
YES
|
—
|
—
|
—
|
—
|
7.1
|
—
|
YES
|
YES
|
YES
|
YES
|
YES
|
—
|
—
|
—
|
7.0
|
—
|
—
|
YES
|
YES
|
YES
|
YES
|
YES
|
—
|
—
|
6.6
|
—
|
—
|
—
|
—
|
YES
|
YES
|
YES
|
YES
|
—
|
6.4
|
—
|
—
|
—
|
—
|
—
|
—
|
YES
|
YES
|
—
|
* You cannot
upgrade threat defense to Version 7.4.0, which is available as a fresh install on
the Secure Firewall 4200 only. Instead, upgrade your
management center and devices to Version 7.4.1+.
Supported Patches
Patches change the fourth digit only. You cannot upgrade directly to a patch from a
previous major or maintenance release. Although a patched device (fourth-digit) can
be managed with an unpatched management center, fully patched deployments undergo enhanced testing.
Choosing a Maintenance Release
You can upgrade directly to major (first and second-digit) and maintenance
(third-digit) releases. However, features, enhancements, and critical fixes included
in maintenance releases can skip future releases, depending on release date, release
type (short term vs. long term), and other factors. To minimize upgrade and other
impact, do not upgrade to a release that deprecates features or fixes.

Important
|
In most cases, we recommend you go directly to the latest maintenance release in
your chosen major
version.
|
If you cannot go to the latest maintenance release, at least make sure your target
version was released on a date after your current
version.
That is, if your current version is not listed next to your target
version in the following table, choose a later
target.
Table 2. Released Before Version 7.2.x, by Date
Target Version
|
Current Version: Is yours listed?
|
from 6.6
|
6.7
|
7.0
|
7.1
|
7.2
|
to 7.2.10
|
2025-05-22
|
6.6.0–6.6.7
|
6.7.0
|
7.0.0–7.0.7
|
7.1.0
|
7.2.0–7.2.9
|
7.2.9
|
2024-10-22
|
6.6.0–6.6.7
|
6.7.0
|
7.0.0–7.0.6
|
7.1.0
|
7.2.0–7.2.8
|
7.2.8
|
2024-06-24
|
6.6.0–6.6.7
|
6.7.0
|
7.0.0–7.0.6
|
7.1.0
|
7.2.0–7.2.7
|
7.2.7
|
2024-04-29
|
6.6.0–6.6.7
|
6.7.0
|
7.0.0–7.0.6
|
7.1.0
|
7.2.0–7.2.6
|
7.2.6 *
|
2024-03-19
|
—
|
—
|
—
|
—
|
—
|
7.2.5
|
2023-07-27
|
6.6.0–6.6.7
|
6.7.0
|
7.0.0–7.0.6
|
7.1.0
|
7.2.0–7.2.4
|
7.2.4
|
2023-05-03
|
6.6.0–6.6.7
|
6.7.0
|
7.0.0–7.0.5
|
7.1.0
|
7.2.0–7.2.3
|
7.2.3
|
2023-02-27
|
6.6.0–6.6.7
|
6.7.0
|
7.0.0–7.0.5
|
7.1.0
|
7.2.0–7.2.2
|
7.2.2
|
2022-11-29
|
6.6.0–6.6.7
|
6.7.0
|
7.0.0–7.0.5
|
7.1.0
|
7.2.0–7.2.1
|
7.2.1
|
2022-10-03
|
6.6.0–6.6.7
|
6.7.0
|
7.0.0–7.0.4
|
7.1.0
|
7.2.0
|
7.2.0
|
2022-06-06
|
6.6.0–6.6.5
|
6.7.0
|
7.0.0–7.0.2
|
7.1.0
|
—
|
* Version 7.2.6 is longer available.
If you are running a patch, you may also want to check that the patch was also
released after your target version, depending on the included fixes. For a full list
of release dates including patches, see Cisco Secure Firewall
Management Center New Features by
Release.