Updated: Oct 6, 2020
Taking the backup is one of the basic but important task for any system including Cisco ISE.
Performing Cisco ISE backup, will be done in four steps. These are:
▸ Creating a Repository;
▸ Adding crypto key;
▸ Backing up ISE;
▸ Backing Up ISE Certificates.
▸ Creating a Repository:
Cisco ISE allow to create Disk, FTP, SFTP, TFTP, NFS, HTTP, HTTPS repository. We will choose SFTP, it’s because SFTP is secure and most of the organization allows SFTP.
To create the repository, we need to go Administration >> System >> Maintenance >> Repository and click Add.
▸ Adding crypto key:
Now we need to create host key to work with SFTP repository. To create the host key, login to ISE using cli and run the command below:
▸ Backing up ISE:
To take the backup, we need to go Administration >> System >> Backup & Restore >> and click Backup Now.
Here, we can take two types of backup, one Configuration backup and other Operational backup:
> Configuration backup: It contains configuration data; > Operational backup: It contains monitoring & troubleshooting data.
We need to take backup for both. To do that (after clicking Backup Now), we need to add Backup Name, Type, Repository Name, Encryption key and then click Start Backup.
Within next few minutes you will be able to see Cisco ISE backup files in your SFTP root directory.
How much time it will take? It depends on the configuration of the ISE!
▸ Backing Up ISE Certificates:
To perform ISE certification backup, you need to login CLI and type the command below:
That's all folks :)