With the release of new firmware, come new release notes. And while I try to remain technologically agnostic, I'm very aware that this blog has a heavy Fortinet focus. This is the result of my day to day work, however today's topic - while it may use Fortinet references - carries weight across the technology spectrum.
Release notes, you know, that document that many of us read right after we read the End User License Agreement to a particular product (Read: Never). I am guilty of this earlier in my career "XYZ Release has been released, I want it!" not knowing what it changes or what the potential drawbacks are; as an example, after upgrading to FortiOS 7.0.x APs might not come back up after the upgrade, this could be anticipated prior to upgrade if the release notes are read and understood.
Another example of why you should read the release notes is to understand what known issues, or resolved issues may be present in a particular software/firmware release. One such example I wrote about recently with Microsoft patches, a patch was released to correct a CVE with the Windows Event Tracer, and it caused issues with how 3rd party apps accessed event logs, and outright blocked communication unless both systems were at the same patch level. On the "known issues" side of things, it may be important what you're "getting yourself into", is that new feature really worth assuming the risk on a known issue with a feature that's vital to how your organization operates?
One last example I'll offer is something I found recently - see I told you I am guilty of not fully reading the release notes - is the order in which you should upgrade your Security Fabric, if you own more than a FortiGate, chances are you've asked this question. This has been present for some time, I just haven't seen it.
So ask yourself, why aren't you reading the release notes?
Madman out.