Planning a migration where I update ISE from 2.4 to 3.0. It's a two-node environment with Active/Passive. I've reviewed the documentation and it mentions deregistering the Secondary and reimaging it. Would be a bad idea to just start standing up a new environment on 3.0 with Backup/Restore without Deregistering? I can pretty easily start just moving network device configurations to use this new environment. I would pull the backup from the active node.
Correct. How complicated is your ISE deployment? You could reconfigure your policies from scratch and then just export/import the NADs. Other option is import 2.4 backup into a 3.0 temporary VM. Backup temporary 3.0 VM and import into final 3.1 deployment.
Why not 3.1? I always opt for the parallel deployment / backup/restore approach. It also gives you an opportunity to clean up old NADs, endpoints, and policies you no longer use.
I would but it doesn't look like you can jump from 2.4 straight to 3.1. I figure I may get 3.0 stood up get a few switches on it and then update to 3.1.
Correct. How complicated is your ISE deployment? You could reconfigure your policies from scratch and then just export/import the NADs. Other option is import 2.4 backup into a 3.0 temporary VM. Backup temporary 3.0 VM and import into final 3.1 deployment.
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
