In this article I would like to focus on virtual machines, in particular Cisco ISE virtual machines running on VMware. I will explain why virtual ISE deployments DO NOT support snapshots as well as the potential issues that you could face if snapshots are enabled.
So what is a snapshot?
So why doesn’t Cisco ISE support snapshots?
What happens if snapshots are taken of ISE nodes?
I don’t have access to the VMware environment so how would I know that snapshots may be affecting my ISE deployment?
The ISE node is still reachable via ping however you cannot login via SSH
AAA requests to ISE PSN’s is failing
When I try to access the GUI of the ISE node, it times out
I can access the primary PAN but some of the nodes are shown as offline when I check the deployment status
How can I maintain backups ensuring snapshots don’t affect my ISE deployment?
Ensure automatic snapshots are disabled
Ensure the relevant teams are aware that snapshots shouldn’t be taken of ISE nodes
Configure scheduled backups within ISE