Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Undo patch clearpass

This thread has been viewed 0 times

  • 1.  Undo patch clearpass

    Posted Jun 14, 2014 02:15 PM
    Hi,<br><br>Is there a way to undo a Clearpass patch? I only see an install option.


  • 2.  RE: Undo patch clearpass

    EMPLOYEE
    Posted Jun 14, 2014 06:29 PM
    I believe you would have to work with Aruba TAC to remove a patch.


  • 3.  RE: Undo patch clearpass

    EMPLOYEE
    Posted Jun 14, 2014 06:45 PM
    You cannot undo a patch. On a version up you can role back to the second partition.

    Example: you can revert back from 6.3 to 6.2 if it was upgraded from 6.2, but you will lose any changes made in 6.3.


  • 4.  RE: Undo patch clearpass

    Posted Jun 16, 2014 02:43 AM

    Can someone from Aruba confirm this as I was told by TAC that a patch could be removed.



  • 5.  RE: Undo patch clearpass
    Best Answer

    EMPLOYEE
    Posted Jun 16, 2014 03:26 PM

    No you cannot undo a patch only a upgrade, I just confirmed with engineering. 



  • 6.  RE: Undo patch clearpass

    Posted Jun 17, 2014 02:45 AM

    Well, not very entreprise alike :mansad:  If the responsables are reading here, please implement this.  And before you ask, i already had an occurence where a patch broke working functionality.



  • 7.  RE: Undo patch clearpass

    Posted Jun 17, 2014 03:36 AM

    I too had a patch break the device which is why I specifically asked the Aruba TAC engineer whether a patch could be removed once installed and was adamant that if something went wrong it could. This was not the first time I had been assured that something could be done which turned out not to be the case. Sometimes I think TAC will tell you what you want to hear.



  • 8.  RE: Undo patch clearpass

    EMPLOYEE
    Posted Jun 17, 2014 07:56 AM
    What broke?
    Did you read the release notes?
    Did you report the issue to TAC?


  • 9.  RE: Undo patch clearpass

    Posted Jun 17, 2014 08:46 AM

    The cluster failed to sync so changes could not be pushed out amongst a number of other issues. Yes we reported it to TAC. The whole issue turned into a right circus act with Aruba having to write a bespoke patch which did not solve the issue, the TAC engineer rebooting production devices when specifically told not to, failing to follow crystal clear instructions resulting in me have to end the support session before any more damage could be done. Ultimately we had to rebuild three VMs which cost us a lot of wasted hours and much embarrasment with the customer.



  • 10.  RE: Undo patch clearpass

    EMPLOYEE
    Posted Jun 17, 2014 08:02 AM
    @pnobels wrote:

    Well, not very entreprise alike :mansad:  If the responsables are reading here, please implement this.  And before you ask, i already had an occurence where a patch broke working functionality.

    pnobels,

     

    If you have something that is broken, you should open a TAC case so that we can be aware of it.  We cannot fix it otherwise.

     

    The best thing that can be done is a full backup, because that can be installed on a version of the software without the patch and put things back to where they were.



  • 11.  RE: Undo patch clearpass

    Posted Jun 17, 2014 08:36 AM

    Hi,

     

    i did not note in detail what went wrong at that time.  Yes, we read the release notes.  We opened a ticket with our local support Quantum ICT.  They were able to fix the issue immediately.