Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
354
Views
1
Helpful
10
Replies

Cisco ISE and CIMC compatibility

Go to solution
LuigiDiFronzo9542
Level 1
Level 1

‎05-28-2025 03:51 PM

Hello,

An upgrade is being planned for a two-node deployment of Cisco ISE version 3.1 to version 3.3. These are SNS-3615 appliances. I have a question about the CIMC in the process.

The CIMC currently has BIOS version C220M5.4.1.3i.0_ISE; Firmware version 4.1(3b). Where can I check for compatibility? Is this version of CIMC compatible with the new version of ISE, or do I need to upgrade the CIMC firmware?

Thanks.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to LuigiDiFronzo9542

‎05-29-2025 06:49 AM

@LuigiDiFronzo9542 The CIMC is just related to the server itself.  You do not need to upgrade if you don't want, its not mandatory but check the release notes for bug fixes.  I personally have had to due to some issues that caused memory issues.  I have upgraded our 3655 appliances CIMC maybe once a year for the last two years.  I have also done this for the controllers and other UCS servers.  It does take a long time for it to complete, so keep that in mind if you plan on doing it.  I will be upgrading our ISE deployment later this year and in the process of upgrading the CIMC once again.

-Scott
*** Please rate helpful posts ***

View solution in original post

0 Helpful
10 Replies 10

Go to solution
Arne Bier
VIP
VIP

‎05-28-2025 11:51 PM

The only Firmware that will work on a Cisco SNS-36X5 server is listed on this ISE Software Download Page - don't try use generic UCS firmware - it will block the boot loader because ISE boot loader is signed to boot only on special BIOS images.

The HUU (Host Update Utility) includes CIMC update, BIOS update and any other adapter firmware.

ISE 3.3 can run on a SNS-36xx server - so the latest ISE SNS-36 firmware will be supported.  

0 Helpful

Go to solution
LuigiDiFronzo9542
Level 1
Level 1
In response to Arne Bier

‎05-29-2025 04:59 AM

Thank you for your response,

I've seen the compatibility of ISE 3.3 with the SNS-36xx server, but I'm still not sure if a CIMC firmware upgrade is mandatory.

Is there a compatibility matrix that shows a direct relationship between Cisco ISE 3.3 and the CIMC firmware version? In other words, is ISE 3.3 compatible with CIMC firmware 4.1(3b), or do I need to upgrade to which version?

Many thanks.

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to LuigiDiFronzo9542

‎05-29-2025 06:49 AM

@LuigiDiFronzo9542 The CIMC is just related to the server itself.  You do not need to upgrade if you don't want, its not mandatory but check the release notes for bug fixes.  I personally have had to due to some issues that caused memory issues.  I have upgraded our 3655 appliances CIMC maybe once a year for the last two years.  I have also done this for the controllers and other UCS servers.  It does take a long time for it to complete, so keep that in mind if you plan on doing it.  I will be upgrading our ISE deployment later this year and in the process of upgrading the CIMC once again.

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
LuigiDiFronzo9542
Level 1
Level 1
In response to Scott Fella

‎05-29-2025 07:32 AM

Great,

Thank you so much for the explanation.

0 Helpful

Go to solution
ahollifield
VIP
VIP
In response to LuigiDiFronzo9542

‎05-29-2025 08:35 AM - edited ‎05-29-2025 08:35 AM

I would upgrade to the latest available as part of the upgrade personally. 

Also: https://www.cisco.com/c/en/us/products/collateral/security/identity-services-engine/secure-network-server-3615-3655-3695-eol.html

0 Helpful

Go to solution
LuigiDiFronzo9542
Level 1
Level 1
In response to ahollifield

‎05-29-2025 01:08 PM

Thanks ahollifield,

In that case the firmware upgrade of CIMC could be done in differents time windows, right?

0 Helpful

Go to solution
Arne Bier
VIP
VIP
In response to LuigiDiFronzo9542

‎05-29-2025 01:17 PM

Required - no. Mandatory - no. Cisco will tell you if an SNS firmware update is mandatory. But for the most part, people only upgrade the firmware if they spot an error or Cisco tells them to - or they get spooked by the CVEs in the Release Notes.

The SNS updates mostly get published because of CVE and then if your Cyber Team get hold of that news they might force you to upgrade. But you will also benefit from all the other BIOS/CIMC fixes that are bundled in there. I would schedule it in every now and then. It takes around 30-45 min per server. I had to upgrade a bunch of DNAC Gen2 servers the other day. Customer hadn't touched the firmware in 4 years. I reckon they run a bit smoother now and it wasn't such a big deal.

 

Go to solution
LuigiDiFronzo9542
Level 1
Level 1
In response to Arne Bier

‎05-29-2025 01:36 PM

Thanks.

One last thing, but now with the Cisco ISE operating system. According to Cisco documentation, Cisco ISE 3.1 is based on RHEL 8.2; however, Cisco ISE 3.3 is based on RHEL 8.4. When migrating from 3.1 to 3.3, is there anything you need to take into account regarding RHEL, or is it also updated automatically?

0 Helpful

Go to solution
Arne Bier
VIP
VIP
In response to LuigiDiFronzo9542

‎05-29-2025 01:42 PM

It's done automatically as part of the ISE upgrade.

0 Helpful
Customers Also Viewed These Support Documents