Hello,
I upgraded a client's NAC setup (1 CAM and CAS in HA) last week.  They were
at 4.1.x then I upgraded to 4.5 thinking the 4.7 was too new.  We ran into a
problem with the auto upgrade of the Agent because of file names?  TAC's
workaround was to go to every PC and uninstall the 4.1 Agent and manually
install the 4.5 Agent.  That wasn't acceptable.

I read somewhere in the release notes for 4.7 that the auto upgrade for the
Agent was a complete uninstall / reinstall.  So we gave it a shot.  I
followed the docs for upgrading... turned off services, disconnected from
network and upgraded the first CAS.  Upgraded it thru the serial connection
(if you do it that way, choose option 2 when the .iso boots up).  Repeated
the same for CAS2.  Then to the CAM.

Every upgrade took about 20 minutes - 1 hour for all three of my devices. 
The issue with upgrading the Agent went away!!  I've noticed the GUI
responds a lot faster!  No other problems have been experienced.  We have a
L2 IB deployment with AD SSO and VPN SSO as well.

I spoke with a Cisco SE who is in the know and he tells me that 4.7 was
mainly for FIPS stuff... the "next major release" (4.7.1) is slated for the
3rd week of Nov.  That release will support Windows 7 and Snow Leopard.


Chris Perkins, CCSP
Consulting Engineer, Security
INX, Inc. | Southwest Region
www.inxi.com