Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
757
Views
0
Helpful
2
Replies

Cisco ISE Patches

Go to solution
ghermocilla
Level 1
Level 1

‎10-07-2019 06:28 PM

Hi,

 

Is it required to install every patch version or we can install just a certain patch version?

For example, we'll just install patch 1,3,5,7 rather install every patch version.

I'm using ISE 2.4

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Damien Miller
VIP Alumni
VIP Alumni

‎10-07-2019 07:47 PM

The only time this was required was on version 2.1, there was a bug that required identical patches be installed on nodes in order to perform an upgrade from the GUI. This did not impact upgrades from the CLI which would be a better way if going inline.

As Dinesh said, the most recent fix includes all the other patch fixes, they are cumulative. I would recommenced you don't install every patch even if you could. Each patch you install requires disk space, and on nodes that only have 200 GB, this has the potential to become an issue during inline upgrades.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Dinesh Moudgil
Cisco Employee
Cisco Employee

‎10-07-2019 07:22 PM

Is there a specific reason you would install the said patches ?

Ideally speaking, latest patch would include the fix for previous patches as well.

From ISE admin guide "You can install the required patch version directly. For example, if you are currently using Cisco ISE 2.x and would like to install Cisco ISE 2.x patch 5, you can directly install Cisco ISE 2.x patch 5, without installing the previous patches (in this example, Cisco ISE 2.x patches 1 – 4)."
Ref: https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ise_admin_guide_24/b_ise_admin_guide_24_new_chapter_0100.html#ID262

Regards,
Dinesh Moudgil

P.S. Please rate helpful posts.
Cisco Network Security Channel - https://www.youtube.com/c/CiscoNetSec/
0 Helpful

Go to solution
Damien Miller
VIP Alumni
VIP Alumni

‎10-07-2019 07:47 PM

The only time this was required was on version 2.1, there was a bug that required identical patches be installed on nodes in order to perform an upgrade from the GUI. This did not impact upgrades from the CLI which would be a better way if going inline.

As Dinesh said, the most recent fix includes all the other patch fixes, they are cumulative. I would recommenced you don't install every patch even if you could. Each patch you install requires disk space, and on nodes that only have 200 GB, this has the potential to become an issue during inline upgrades.
0 Helpful
Customers Also Viewed These Support Documents