Hello, I upgraded a client's NAC setup (1 CAM and CAS in HA) last week. They were at 4.1.x then I upgraded to 4.5 thinking the 4.7 was too new. We ran into a problem with the auto upgrade of the Agent because of file names? TAC's workaround was to go to every PC and uninstall the 4.1 Agent and manually install the 4.5 Agent. That wasn't acceptable.
I read somewhere in the release notes for 4.7 that the auto upgrade for the Agent was a complete uninstall / reinstall. So we gave it a shot. I followed the docs for upgrading... turned off services, disconnected from network and upgraded the first CAS. Upgraded it thru the serial connection (if you do it that way, choose option 2 when the .iso boots up). Repeated the same for CAS2. Then to the CAM. Every upgrade took about 20 minutes - 1 hour for all three of my devices. The issue with upgrading the Agent went away!! I've noticed the GUI responds a lot faster! No other problems have been experienced. We have a L2 IB deployment with AD SSO and VPN SSO as well. I spoke with a Cisco SE who is in the know and he tells me that 4.7 was mainly for FIPS stuff... the "next major release" (4.7.1) is slated for the 3rd week of Nov. That release will support Windows 7 and Snow Leopard. Chris Perkins, CCSP Consulting Engineer, Security INX, Inc. | Southwest Region www.inxi.com
