Hello Everyone
It’s Andrew with the latest edition of the NetScaler Times, an update to keep you up-to-date on all things NetScaler-related! The idea is to pull together events, firmware releases, support articles, and anything else I think is relevant into a single email, as email is the future!
High-level agenda for this week:
The email is the "NetScaler Times newsletter for Week 24 - 2025" providing updates on NetScaler-related information.
The newsletter discusses rewarding resilient technology, the latest NetScaler firmware builds, and recent security updates, including CVE-2024-5491 and CVE-2024-5492.
It also covers web updates from Microsoft Q&A and product documentation about NetScaler, including NetScaler Console service being rebranded from NetScaler ADM service.
Feedback is requested and should be sent to Andrew.Scott@cloud.com.
0. Sausages and incentives: rewarding a resilient technology future
Why ‘thinking big’ is required to shift the dynamics of the technology market.
At this year’s CYBERUK’s Technology Plenary, the NCSC’s CTO Ollie Whitehouse sparked a debate when he proposed that the technology market does not currently reward those technology companies that invest in cyber security.
In the lively discussion that followed, the panel of industry experts – perhaps predictably – took issue with Ollie’s claim that “we have a non-functional market”. By contrast, subsequent coverage from the technology press (including this detailed analysis from The Register and an editorial from Infosecurity Magazine) was broadly supportive, and acknowledged that the current technology marketplace fails to properly reward secure development practices.
More here
1. The latest firmware builds.
Below are the details for the various builds, which can help you plan for new releases in your environment. This support document has more information on the different release cycles.
NetScaler has multiple form factors to support different environments. It is built on a single operating system with a software-based architecture, so its behavior will be the same regardless of whether it is used as hardware, a virtual machine, bare metal, or a container. Pick one that works for your environment and needs.
Latest Build Versions:
Here is a timeline for the 14.1 and 13.1 builds to show where they are within their respective release lifecycle.
Here are all the firmware builds in a table:
Notes about Builds:
The above is a summary taken from the NetScaler Section here.
For 13.1 FIPS & NDcPP builds: On the downloads page, there are two places to get the 13.1 NDcPP build. The FIPS build is dual-certified now and slightly newer than the NDcPP-only build. It's one to watch if you use those builds.
FIPS FAQ - NetScaler FIPS FAQ - Link
NetScaler Console Service 14.1-52.23 Build Release.
What is new in this release? This build/release added a bunch of fixes.
The full release notes are here
Which release should I use?
The release families are designed so that 14.1 has more elements changing with each update, hence the feature phase designation. Due to its maintenance phase, 13.1 will have fewer changes now.
An example of the move to 14.1 might be that you want to take advantage of removing the dependency of ALB in Azure with your NetScaler HA deployment. Read more here. This could save some $$$ (insert local currency).
Also, a recent customer request included plans to build a new Azure infrastructure. This was not expected to be a short-term deployment. Looking at the build cycles above, it would make sense to start looking at 14.1 for this. This would avoid re-architecting the solution next year when 13.1 moves to CVE-only support.
What about NetScaler SDX?
There are multiple NetScaler designations. VPX, MPX, SDX, BLX, and CPX all use the same firmware. The table above applies to all NetScaler types. It might not be the same download file, as appliances like the SDX do have other elements to update.
End Of Sale Appliances & End of Life Appliances
The lists below have the recent appliance status changes. These have been revised to be a bit more exhaustive.
EoS Appliances
These appliances are End of Sale (unavailable to buy new now), they will live and run for 5 more years from 2024/2023. Just add 5 years to the EoS date to get the EOL.
EOL Appliances
A table shows the EOL appliance events for the last 18 months. April had a few appliances reach their end of life and must be replaced (to get support). The MPX/SDX 16000 is the replacement in most cases.
I pulled these summary tables from the official site here. Just open and expand the NetScaler section.
2. Latest NetScaler Security updates
NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2024-5491 and CVE-2024-5492.
CTX Number: CTX677944
Article Type: Security Bulletin
Created Date: 9/Jul/2024
Last Modified Date: 12/Mar/2025
Severity: High
This was a security article released last year, it was updated on 12th March. More here
NetScaler WAF Signatures Update v153 was updated on the 6th June.
New signature rules are generated for the vulnerabilities identified in the week 2025-06-02. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.
Link to details.
3. NetScaler-related web updates from…
Netscaler on newer cloud control plane - Microsoft Q&A
3 days ago — Hi, I am trying to deploy a Netscaler in Azure using the following documentation.
Stay tuned for something from me on Secondary IP’s!
NetScaler Console service - Product Documentation
3 days ago — NetScaler ADM service is now rebranded to NetScaler Console service. This documentation includes information about how to get started with the service.
About NetScaler VPX - Product Documentation
6 days ago — NetScaler VPX is a virtual appliance that provides all the functionality of a hardware-based Application Delivery Controller (ADC) in a virtual form factor.
System requirements | NetScaler Console service
6 days ago — Before you begin using NetScaler Console, you must review the software requirements, browser requirements, port information, license information, ...
4. Feedback for this newsletter
Naturally, if something you feel should be added/removed, or called out, drop me a note at Andrew.Scott@cloud.com. All mistakes are mine 🤭. All opinions expressed in this newsletter are solely my own and do not express the views or opinions of my employer. ☺️
You can get all the previous newsletters plus other articles here:
Have a great week!