Cisco Cisco Identity Services Engine 1.3 릴리즈 노트
20
Release Notes for Cisco Identity Services Engine, Release 1.3
New Features in Cisco ISE, Release 1.3
•
Joined domain is unavailable
•
EAP Session Allocation Failed
•
RADIUS Context Allocation Failed
•
License About to Expire
•
License Expired
•
Endpoint certificates expired
•
Endpoint certificates purged
•
OCSP Transaction Threshold Reached
•
Certificate Provisioning Initialization Error
•
Certificate Replication Failed
•
Certificate Replication Temporarily Failed
VLAN Change Support Dropped
Cisco ISE has never supported VLAN change for mobile devices. It only supports Java or ActiveX agent
for VLAN change; however, this is applicable only for Windows OS, Mac OSX, and Linux devices.
When a device completes guest flow without VLAN, a CoA Reauth is performed to refresh the session.
for VLAN change; however, this is applicable only for Windows OS, Mac OSX, and Linux devices.
When a device completes guest flow without VLAN, a CoA Reauth is performed to refresh the session.
The Admin should create two separate guest policies for mobile devices and workstations.
•
For mobile devices, an authorization policy rule that includes EndPoints:LogicalGroups EQUALS
mobiledevices as one of the validation conditions should be created and assigned to the mobile
device guest authorization policy.
mobiledevices as one of the validation conditions should be created and assigned to the mobile
device guest authorization policy.
•
For workstations that support VLAN changes, an authorization policy rule that includes
EndPoints:LogicalGroups NOT EQUALS mobiledevices should be created and assigned to the
workstation guest authorization policy.
EndPoints:LogicalGroups NOT EQUALS mobiledevices should be created and assigned to the
workstation guest authorization policy.
Upgrade Enhancements
Cisco ISE, Release 1.3 includes the following enhancements that include several preupgrade checks to
ensure that you have a seamless upgrade experience.
ensure that you have a seamless upgrade experience.
•
Virtual Machine Resource Checks: The upgrade software now checks if the virtual machine’s
hardware (such as hard disk size, CPU speed, etc.) meets the recommended specifications before it
begins the upgrade. If the VM resources do not meet the recommended specification, the upgrade
fails without making any changes to the existing ISE installation. The console will display a message
stating the minimum resource requirements and that the upgrade can be retried after the virtual
machine’s hardware has been updated to meet those requirements.
hardware (such as hard disk size, CPU speed, etc.) meets the recommended specifications before it
begins the upgrade. If the VM resources do not meet the recommended specification, the upgrade
fails without making any changes to the existing ISE installation. The console will display a message
stating the minimum resource requirements and that the upgrade can be retried after the virtual
machine’s hardware has been updated to meet those requirements.
•
Upgrade Bundle SHA-256 Checksum Verification: The upgrade software verifies the SHA-256
checksum of the upgrade bundle before starting the upgrade process. This check ensures that
upgrade does not fail because of corrupt upgrade software leaving the system in a corrupt state. If
the upgrade bundle is corrupted, the console displays a message asking the administrator to
re-download the upgrade bundle and try the upgrade again.
checksum of the upgrade bundle before starting the upgrade process. This check ensures that
upgrade does not fail because of corrupt upgrade software leaving the system in a corrupt state. If
the upgrade bundle is corrupted, the console displays a message asking the administrator to
re-download the upgrade bundle and try the upgrade again.