I have one ISA 2006 still in production. It’s job is to run the site-to-site VPN connection between my remote backup site in Bollnäs and my main site in Söderhamn. It has now been running for more than 479 days and I do not see any reason for it to not continue running for many days to come.
One might think that I should patch this guy once in a while. But this is in my opionion a good example of… If it aint broken don’t fix it!.
The only allowed traffic in this ISA is the site-to-site VPN connecting my remote backup site to my main office. I don’t in this case feel that this ISA is insecure.