CLEANACCESS Archives

July 2012

CLEANACCESS@LISTSERV.MIAMIOH.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Is 4.9.1 stable?
From:
Nick Recchia <[log in to unmask]>
Reply To:
Cisco Clean Access Users and Administrators <[log in to unmask]>
Date:
Wed, 25 Jul 2012 08:30:33 -0700
Content-Type:
text/plain
Parts/Attachments:
text/plain (72 lines) 
We recently upgraded from 4.9 to 4.9.1 and things are well. We did
have issues upgrading from 4.8.x to 4.9 last year; however, Cisco
discovered a bug regarding orphan data that is now addressed in their
release notes [1]. It is my understanding that because this said issue
was not discovered prior to us - and others at the time - upgrading to
4.9, many Cisco NAC shops who did upgrade, and were running NAC for
years, ran into issues.

Hope this may be of help to you.

Sincerely,
-Nick
-- 
Nicholas Recchia, Ed.D.
Security Administrator
ITS - Security Services
infosec.usfca.edu


[1] http://www.cisco.com/en/US/docs/security/nac/appliance/release_notes/49/491rn.html#wp65900

excerpt:

While upgrading to Cisco NAC Appliance Release 4.9 or later, there is
a possibility of the existing CAM database containing orphan data. The
orphan data may be present in dm_report_av and dm_report_soft database
tables. The presence of orphan data causes failure in upgrading to
Release 4.9(x). You must remove the orphan data before upgrading to
Release 4.9(x). Refer to Known Issue While Upgrading to NAC Appliance
Release 4.9(x).
http://www.cisco.com/en/US/docs/security/nac/appliance/release_notes/49/491rn.html#wp1284960

On Jul 25, 2012, at 7:01 AM, "King, Ronald A." <[log in to unmask]> wrote:

> Make sure your hardware is compatible.  We found ours was not and destroyed
> the database.
>
>
> Ronald King
> Security Engineer
> http://security.nsu.edu
>
> -----Original Message-----
> From: Cisco Clean Access Users and Administrators
> [mailto:[log in to unmask]] On Behalf Of Chris Bradshaw
> Sent: Wednesday, July 25, 2012 7:24 AM
> To: [log in to unmask]
> Subject: Is 4.9.1 stable?
>
> Hi....
>
> I have been wanting to upgrade our CAS and CAM for quite a while
> now....we are on 4.7.1....but on this mailing list every new release
> is subsequently accompanied by a number of posts which list various
> problems with the release (eg: I have seen 4.9.0 described as a train
> wreck ;-)....
>
> Our setup is provides in band NAC services for VPN access and nothing
> else. It works well on 4.7.1, so unless I can be reasonably sure
> upgrading won't screw everything up, I'd rather stick with what works
> than risk the upgrade.
>
> I was just wondering if anyone reading this would know or could
> comment on whether 4.9.1 is sufficiently stable enough for me to
> upgrade to? And more importantly, is there any possibility that some
> features or functionality in 4.7.1 might be lost or messed up by
> upgrading to 4.9.1?
>
> Thanx muchly in advance.
>
> Chris Bradshaw.

ATOM RSS1 RSS2