topic Re: Upgrading 2.1 patch 1 to 2.2 in Network Access Control

Upgrading 2.1 patch 1 to 2.2

hammeljch — Mon, 04 Dec 2017 17:33:04 GMT

I was wondering if this is a good plan to upgrade 2.1 patch 1 to 2.2

Patch ISE 2.1 to patch 6

back up items(ISE config, data, certs & private keys)

upgrade to 2.2

apply struts 2 fix

Install ISE 2.2 patch 4

Just wondering about the struts patch does that need to be done? Or does the 2.2 patch 4 fix the struts 2? After reading the docs it looks like, I need to do the upgrade in the order that I have listed. Just wanted to confirm that I'm reading the docs correctly for upgrading.

Thanks in advance,

john

Re: Upgrading 2.1 patch 1 to 2.2

Arne Bier — Mon, 04 Dec 2017 22:02:22 GMT

I would not bother with 2.2 - it's buggy. Although it depends what features you're using.

ISE 2.3 introduced the URT (Upgrade Readiness Tool) that you can run to check the integrity of your data. It's quite handy.

I have yet to see an upgrade go through smoothly on the entire deployment. In most cases the Sec PAN upgrades, but then the remaining personas die from various causes. Your mileage may vary ..

I would not upgrade - I would restore config onto a clean build. Makes a small mess with licenses on VM. But that's one advantage to move to Smart Licensing

Re: Upgrading 2.1 patch 1 to 2.2

kthiruve — Tue, 05 Dec 2017 02:00:13 GMT

Hi,

Thanks for reaching out.

It will be good to know what deployment version you are in.

Features that you are using etc.

Also good to know if you are upgrading for a specific reason etc( for eg: looking for new features in ISE 2.2 etc)?

Do you have a timeframe to migrate ? I can make suggestions based on this.

Thanks
Krishnan

Re: Upgrading 2.1 patch 1 to 2.2

hammeljch — Tue, 05 Dec 2017 12:13:48 GMT

Well, I'm on 2.1.0.474 patch 1 so I was wondering if I have to patch to latest patch for 2.1 which is patch 6.

Couple of items that we will be implementing which is not currently configured is:

guestaccess

trustsec

client provisioning

MDM

From those current functions which is better 2.2 or 2.3?

Thanks,

John

Re: Upgrading 2.1 patch 1 to 2.2

Jason Kunst — Tue, 05 Dec 2017 12:38:30 GMT

Yes you will need to apply latest patch before upgrading.

There are also subtle differences between 2.2 and 2.3 with respect to posture, please reference the release notes for each

2.3 has Facebook for guest registration

If you’re going to make the move would recommend going to 2.3 so that you don’t have to update later

Many partners in the community have customers running 2.3