cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
 
Register for the monthly ISE Webinars to learn about ISE configuration and deployment.
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

94
Views
0
Helpful
2
Replies
Beginner

Cisco ISE Patches

Hi,

 

Is it required to install every patch version or we can install just a certain patch version?

For example, we'll just install patch 1,3,5,7 rather install every patch version.

I'm using ISE 2.4

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
VIP Advocate

Re: Cisco ISE Patches

The only time this was required was on version 2.1, there was a bug that required identical patches be installed on nodes in order to perform an upgrade from the GUI. This did not impact upgrades from the CLI which would be a better way if going inline.

As Dinesh said, the most recent fix includes all the other patch fixes, they are cumulative. I would recommenced you don't install every patch even if you could. Each patch you install requires disk space, and on nodes that only have 200 GB, this has the potential to become an issue during inline upgrades.
2 REPLIES 2
Cisco Employee

Re: Cisco ISE Patches

Is there a specific reason you would install the said patches ?

Ideally speaking, latest patch would include the fix for previous patches as well.

From ISE admin guide "You can install the required patch version directly. For example, if you are currently using Cisco ISE 2.x and would like to install Cisco ISE 2.x patch 5, you can directly install Cisco ISE 2.x patch 5, without installing the previous patches (in this example, Cisco ISE 2.x patches 1 – 4)."
Ref: https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ise_admin_guide_24/b_ise_admin_guide_24_new_chapter_0100.html#ID262

Regards,
Dinesh Moudgil

P.S. Please rate helpful posts.
Highlighted
VIP Advocate

Re: Cisco ISE Patches

The only time this was required was on version 2.1, there was a bug that required identical patches be installed on nodes in order to perform an upgrade from the GUI. This did not impact upgrades from the CLI which would be a better way if going inline.

As Dinesh said, the most recent fix includes all the other patch fixes, they are cumulative. I would recommenced you don't install every patch even if you could. Each patch you install requires disk space, and on nodes that only have 200 GB, this has the potential to become an issue during inline upgrades.