Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
896
Views
2
Helpful
3
Replies

Hardware Migration from 36xx to 37xx

Go to solution
santhoshkdhanapal
Level 1
Level 1

‎08-11-2024 11:21 PM - edited ‎08-11-2024 11:38 PM

Hi All,

   Kindly suggest the prequiste to be considered when migrating ISE hardware from 36xx to 37xx and current ISE version is 3.0 . Which version is the stable version ? I worked in ISE 3.2 but with TAC cases ,they recommend so many patch to update. Please share any documents or your previous experience with respect to migration of ISE hardware and backup restore. I appreciate in advance. 

 

Cheers,

Santhosh

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Mark Elsen
Hall of Fame
Hall of Fame

‎08-12-2024 01:32 AM - edited ‎08-12-2024 01:51 AM

 

                        >...Which version is the stable version ?
         https://software.cisco.com/download/home/283801620/type/283802505/release/3.3%20Patch%202
         Is currently recommended version ; note that link is only summary you must first install and or upgrade to 'full'
        3.3  and then install patch2.

      Note that your question consists of two parts, upgrading and moving to new hardware  , for upgrading
      consult : https://www.cisco.com/c/en/us/td/docs/security/ise/3-3/upgrade_guide/Upgrade_Journey/Cisco_ISE_3-3_Upgrade_Journey.html
    (edited/added)https://www.cisco.com/c/en/us/td/docs/security/ise/3-3/upgrade_guide/Upgrade_Journey/PDF/b_ise_upgrade_guide_3_3_pdf.pdf)

        For the new hardware : possibly a configuration backup and restore on that can be done from your current ISE
                                            version ; check the previous document (link) mentioned for info's on that.
       My advices : take the whole project out of a production environment and test first when finished (e.g.)
                           Consider building it from scratch and configuring the policies manually
                           Test before 'returning' the new hardware device(s) to production!

  (edited2/added) : Appendix : https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2024/pdf/BRKSEC-2889.pdf
  (edited3/added)                     https://www.cisco.com/c/en/us/td/docs/security/ise/3-3/release_notes/b_ise_33_RN.html

  Also note from the above : https://www.cisco.com/c/en/us/td/docs/security/ise/3-3/release_notes/b_ise_33_RN.html#concept_vlf_w5f_rsb
  

 M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)

View solution in original post

3 Replies 3

Go to solution
Mark Elsen
Hall of Fame
Hall of Fame

‎08-12-2024 01:32 AM - edited ‎08-12-2024 01:51 AM

 

                        >...Which version is the stable version ?
         https://software.cisco.com/download/home/283801620/type/283802505/release/3.3%20Patch%202
         Is currently recommended version ; note that link is only summary you must first install and or upgrade to 'full'
        3.3  and then install patch2.

      Note that your question consists of two parts, upgrading and moving to new hardware  , for upgrading
      consult : https://www.cisco.com/c/en/us/td/docs/security/ise/3-3/upgrade_guide/Upgrade_Journey/Cisco_ISE_3-3_Upgrade_Journey.html
    (edited/added)https://www.cisco.com/c/en/us/td/docs/security/ise/3-3/upgrade_guide/Upgrade_Journey/PDF/b_ise_upgrade_guide_3_3_pdf.pdf)

        For the new hardware : possibly a configuration backup and restore on that can be done from your current ISE
                                            version ; check the previous document (link) mentioned for info's on that.
       My advices : take the whole project out of a production environment and test first when finished (e.g.)
                           Consider building it from scratch and configuring the policies manually
                           Test before 'returning' the new hardware device(s) to production!

  (edited2/added) : Appendix : https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2024/pdf/BRKSEC-2889.pdf
  (edited3/added)                     https://www.cisco.com/c/en/us/td/docs/security/ise/3-3/release_notes/b_ise_33_RN.html

  Also note from the above : https://www.cisco.com/c/en/us/td/docs/security/ise/3-3/release_notes/b_ise_33_RN.html#concept_vlf_w5f_rsb
  

 M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)

Go to solution
santhoshkdhanapal
Level 1
Level 1
In response to Mark Elsen

‎08-12-2024 03:55 AM - edited ‎08-12-2024 04:01 AM

Hi @Mark Elsen ,

Thanks for the response. In new hardware ie 37xx we restore the configuration backup. what's the status of old hardware when i do migration ? Do i keep both hardware appliance up in production or how does it work ? And the certificates backup need to be restored separately , is it correct and how about license?

0 Helpful

Go to solution
Mark Elsen
Hall of Fame
Hall of Fame
In response to santhoshkdhanapal

‎08-12-2024 04:08 AM

 

         >.... In new hardware ie 37xx we restore the configuration backup. 
  - First , it's better to have ise 3.3 with patch2 installed first and then restore a configuration backup from the 3.0 environment
     to have an easy work flow

                         >...Do i keep both hardware appliance up in production or how does it work ? 
   - In whatever topology concerning management and policy server nodes (PAN,PSN,MNT) , you can't have mixed versions.

  M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)
Customers Also Viewed These Support Documents