Is it recommended to remove old ISE patches? Cisco states that,"Patches are cumulative such that any patch version also includes all fixes delivered in the preceding patch versions." I've just installed Patch 8 for 2.4 and would like to remove the old Patch 5 if possible.
I have been meaning to ask this question for some time now - glad someone beat me to it. I have been deleting the files from the CLI of the nodes - that's as far as you can go. There is no other user accessible "cleanup" to remove old stuff. Rebuilding a PAN is the only way I know to get rid of legacy patches.
I have poked around the Linux filesystem though and noticed that the old patch files are lying around. Removing them makes a VM a lot smaller (after you compress the VM with vm-tools). I am not advocating this for production systems - but for labs where SSD is scarce, I remove all the junk lying around (including upgrade files, patch files and old logs).