"
Hello!
We use OPNsense Community Edition within the GlobaLeaks project, and we are opening this questions because we believe these questions are relevant not only to us but also to many users whose OPNsense appliances are managed by external organizations.
Clear guidance can help reduce operational costs and avoid the risks of updating too early from a stable setup, or staying too long on a version that is no longer adequately supported.
Our questions:
Thank you!
We use OPNsense Community Edition within the GlobaLeaks project, and we are opening this questions because we believe these questions are relevant not only to us but also to many users whose OPNsense appliances are managed by external organizations.
Clear guidance can help reduce operational costs and avoid the risks of updating too early from a stable setup, or staying too long on a version that is no longer adequately supported.
Our questions:
- Does OPNsense have a formal LTS or extended-support policy, or is only the latest major CE release supported with security updates? For example, if 25.12 is the last release of the 25.x series and is presumably more stable than an early 26.1 release, when should users consider upgrading to 26.x?
- Is a "security-only" or frozen-stable branch available, or are all CE users expected to follow the regular feature + security update cycle? We understand the latter is currently the case. From an end-user perspective, it would be helpful if each release clearly indicated whether it includes security fixes, for example via a "security-update" tag.
- What update cadence or version-selection strategy do you recommend for CE users seeking maximum security and stability, while avoiding premature upgrades or outdated releases? We hope the answers will help both our project and the wider OPNsense community adopt safer, more predictable deployment practices.
Thank you!
