SD Access Migration License (ISE)

Tarik Admani — Tue, 05 Feb 2019 03:14:27 GMT

Team,

I wanted to know how to handle the discussion regarding a customer who has ISE enabled for a non-SDA campus, and how to migrate their environment from a licensing perspective to a new SDA network. For some customers this may be a multi-year engagement as they start to phase out their existing infrastructure.

Re: SD Access Migration License (ISE)

Damien Miller — Tue, 05 Feb 2019 15:15:33 GMT

I'll break this in to three separate scenarios.

Licensing of ISE for traditional networking and SD Access fabric is the same, it depends on the features you are using to authenticate and authorize endpoints. If you leverage the same instance of ISE for sites moving to SDA at the same time as supporting the legacy infrastructure, then you shouldn't require licensing changes.

If you want a separate instance of ISE to support SDA, you could switch both deployments to smart licensing, pool the endpoint licenses (base, plus, apex), and buy some extra VM node licensing.

Licensing from a network hardware perspective does have changes, they need to be licensed to support SDA. This isn't dependent on ISE at all though.

topic Re: SD Access Migration License (ISE) in Network Access Control

SD Access Migration License (ISE)

Re: SD Access Migration License (ISE)