NetScaler Times newsletter for Week 2 - 2025

Hello Everyone

It’s Andrew again over at Cloud Software Group. This NetScaler Times update aims to keep you up-to-date! 🚀Why read this? The idea is to pull together events, firmware releases, support articles, and anything else I think is relevant into a single email. Some say, email is the future, others tell the truth!

High-level agenda according to Gemini, other AI tools are available too:-)

• The NetScaler Times newsletter provides updates on firmware releases, security bulletins, and events.
• There are no new NetScaler builds this week, but NetScaler 12.1 NDcPP is now EOL.
• The latest security bulletin addresses CVE-2024-8534 and CVE-2024-8535, and NetScaler WAF Signatures Update v142 is available.
• January events have not yet been posted.
• Feedback on the newsletter is welcome.

1. The latest firmware builds.

The details for the various builds have been listed below, as this helps plan for new releases in your environment. This support document has a lot more details on the various release cycles.

The NetScaler has multiple form factors to support different environments. NetScaler is built on a single operating system with a software-based architecture, so the behaviour will be the same no matter which is used — hardware, virtual machine, bare metal, or container. Pick one that works for you…

Latest Build Versions:

No new builds this week…

NetScaler 12.1 NDcPP EOL

I see that this is marked as EOL from the end of last month. I have asked for verification. However, the lifecycle matrix has it as EOL.

Which release should I use?

The release families are designed such that 14.1 has more elements changing with each update, hence the feature phase designation. There will be less change in 13.1, so unless you need a capability only available in the 14.1 release, the advice is to choose 13.1 for most production deployments.

End Of Sale Appliances

These appliances are End of Sale (unavailable to buy new now), they will live and run for 5 more years from 2024.

EOL Appliances

Here is a table showing the significant EOL appliance events for the next 12 months. April looks to have a few appliances that will reach their end of life.

2. Recent security bulletin

NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2024-8534 and CVE-2024-8535 is the most recent I can see on the support portal.

CTX Number: CTX691608

Article Type: Security Bulletin: Created Date: 12/Nov/2024

Last Modified Date: 14/Nov/2024: Severity: High

Pre-requisites for CVE-2024-8534

The appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled OR The appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver) OR The appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabled

Pre-requisites for CVE-2024-8535

The appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR The appliance must be configured as an Auth Server (AAA Vserver)  with KCDAccount configuration for Kerberos SSO to access backend resources

NetScaler WAF Signatures Update v142

The latest version of its integrated Web App Firewall signatures to help customers mitigate several CVEs with varying CVSS scores. Link to details

3. Events

It looks like the events for Jan have yet to be posted..

Labs

Go here for the hands-on labs. Link

4. Feedback for this newsletter

Naturally, if something you feel should be added/removed or called out, drop me a note; Andrew.Scott@cloud.com. All mistakes are mine.

I would happily get feedback on what you could do with seeing more of or what you find hard to set up. You can get all the previous newsletters plus other articles here:

NetScaler Substack portal

Have a great week!