Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
895
Views
10
Helpful
9
Replies

ISE 1.2 upgrade time

Stephen Brady
Level 1
Level 1

‎09-12-2013 09:52 AM - edited ‎03-10-2019 08:53 PM

If someone has done a 1.2 upgrade, can you let me know about how long it took?

Thanks!

Sent from Cisco Technical Support iPhone App

1 person had this problem
Labels:
0 Helpful
9 Replies 9

faisalkhan
Level 4
Level 4

‎09-12-2013 01:41 PM

For me it took around 2.5 hours. But this was in a lab scenario with minimal devices.

0 Helpful

muhammk2
Level 1
Level 1

‎09-12-2013 02:36 PM

Hello,

We have tried it in our lab too and it takes 40-80 minutes approximately.

0 Helpful

Stephen Brady
Level 1
Level 1

‎09-13-2013 04:55 AM

Thank, I was able to mock up a lab yesterday and it took exactly 2 hours.

Sent from Cisco Technical Support iPhone App

0 Helpful

aqjaved
Level 3
Level 3

‎09-13-2013 07:01 AM

Upgrade Time Estimation

The following table provides an estimate of the amount of time it might take to upgrade to Release 1.2. Actual time taken for upgrade varies depending on a number of factors. Your production network continues to function without any downtime during the upgrade process. The data presented here is from a deployment with 44 Cisco ISE nodes (2 Administration nodes, 2 Monitoring nodes, and 40 Policy Service nodes). This deployment comprises 100,000 endpoints; 12,500 users; 25,000 guest users; 100 user groups (with 5 attributes per user). The Profiling service was enabled and the following probes were turned on: DHCP, HTTP, RADIUS, Network Scan (NMAP), DNS, SNMPQUERY.

Type   of Deployment

Node   Persona

Time   Taken for Upgrade

Standalone   (2000 endpoints)

Administration,   Policy Service, Monitoring

1 hour 20   minutes

Distributed   (12,500 users and 25,000 endpoints)

Secondary Administration

7 hours

Monitoring

4 hours

Policy Service

1.5 hours

Administration,   Monitoring

2 hours

Factors That Affect Upgrade Time

  • Number      of endpoints in your network
  • Number      of users and guest users in your network
  • Profiling      service, if enabled

Tarik Admani
VIP Alumni
VIP Alumni

‎09-13-2013 06:07 PM

If you are not looking to retain any monitoring logs you should take an application only backup from your admin node, backup your certs and have your licenses handy and then reset the ise database. You can then run the upgrade to 1.2.

When you restore your database ise will do the upgrade.

For all your psn nodes do the same but do not restore. It will grab the database from the primary admin node.


Sent from Cisco Technical Support Android App

harvisin
Level 3
Level 3

‎09-17-2013 03:07 PM

Hello,

I have just completed my upgradation o ISE 1.2 and it took me approximately 1 hour 40minutes and I think this is the minimum amount of time it normally takes.

0 Helpful

RSundstrom
Level 1
Level 1

‎12-17-2013 08:40 AM

We are using Cisco ISE 1.1.4 with the final patch for that series. We have a two-admin node setup. No other nodes at all. How long do you think an upgrade to 1.2 will take?

Also, I note that there is a Cumulative Patch 4 for ISE 1.2. Does this have to be installed immediately after upgrading to 1.2? If so, how long should I set aside for this patch to install?

0 Helpful

Tarik Admani
VIP Alumni
VIP Alumni
In response to RSundstrom

‎12-17-2013 09:28 PM

It's hard to judge because of how large the monitoring database is. Most cases the node that is the log collector (monitoring node) is what takes the bulk of the time to upgrade. If you are not in need of the logs, your best bet is to take an ise application only backup, backup your certs, and have your licenses handy. Reset one of the nodes and run the upgrade, once the upgrade is finished you can restore your backup and ISE will upgrade it much faster.

Thanks

Tarik Admani
*Please rate helpful posts*

0 Helpful

Naresh Ginjupalli
Cisco Employee
Cisco Employee
In response to RSundstrom

‎12-17-2013 09:32 PM

Hi Robert,

Upgrade time will vary from Node personas like Administration nodes will take more time when compared to policy service nodes and MNT nodes will take around approx of 4 hours if you have MNT data to get updated as well.

Also the upgrade times will vary based on the number of endpoints and number of users and guest users and also the profiling services that were enabled on ISE.

It is strongly recommended to take the backup of ISE before you start the upgrade.

For best practises please refer to below upgrade guide.

http://www.cisco.com/en/US/docs/security/ise/1.2/upgrade_guide/b_ise_upgrade_guide_chapter_01.html

It is not required to install ISE 1.2 cumulative Patch 4 right immediately after the upgrade. All these patches have got few defects addressed and you can refer to release notes for the list of defects that were addressed. If you feel you were impacted by those defects you can goahead and install the patches.

The release notes is as follows:

http://www.cisco.com/en/US/docs/security/ise/1.2/release_notes/ise12_rn.html

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents