ISE 3.4 Migration: Implementation

Implementation Plan

Pre-Upgrade

  • Download upgrade packages from Cisco

  • Review release notes for breaking changes

  • Backup all nodes (repository backup)

  • Document current policies and configurations

  • Test upgrade in home lab environment

  • Schedule maintenance window with CAB

Upgrade Sequence

Step Action Downtime

1

Upgrade Secondary Admin Node (if HA)

None

2

Promote Secondary to Primary

Brief

3

Upgrade original Primary

None

4

Upgrade PSNs (rolling)

None per PSN

5

Upgrade MNT nodes

Logging gap

6

Verify all services

None

Post-Upgrade

  • Verify all nodes healthy

  • Test authentication flows

  • Validate policy enforcement

  • Check integrations (AD, LDAP, pxGrid)

  • Review logs for errors

  • Update documentation

Rollback Strategy

  • Keep backup from pre-upgrade

  • Document current config exports

  • Test rollback procedure in lab

  • Maintain old version ISOs for emergency