Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3430
Views
5
Helpful
7
Replies

ISE Bandwidth Requirement

Go to solution
hanguye3
Cisco Employee
Cisco Employee

‎11-12-2018 08:38 PM

Hi bros,

 

Our customer is asking us on the ISE bwd requirements for with some specific cases below:

  • The number of EUs are 5000 from many branches, connect to DC/DR through WAN link.
  • How much minimum bwd needed for one user authenticate successfully and get the ip from DHCP?
  • How much minimum bwd needed for the AnyConnect check the compliance policies on the PC, such as: version of AV/OS/Patch…?
  • How much minimum bwd need for the SCCM update OS/AV patch to user? I know it is not abt ISE but i need your experiences to advise.

 

I found that KB: https://community.cisco.com/t5/security-documents/ise-latency-and-bandwidth-calculators/ta-p/3641112 but it does not cover all the qns.

 

Highly appreciate for your advise. Thanks in advance.

 

Br,

hainm

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎11-13-2018 05:27 AM

Recommend also looking at



https://community.cisco.com/t5/security-documents/ise-performance-amp-scale/ta-p/3642148


Also the training on that page



Look at Cisco life for performance and scale slides as well


https://community.cisco.com/t5/security-documents/ise-training/ta-p/3619944

View solution in original post

0 Helpful
7 Replies 7

Go to solution
nspasov
Cisco Employee
Cisco Employee

‎11-12-2018 09:41 PM

The link with the bandwidth calculator that you listed is the only validated calculator out there. With that said, I have done several successful ISE deployments where the endpoints were pretty far away with 300+ ms RTT. The most important part here is to ensure that there is enough bandwidth in the pipe so you don't end up starving the dot1x traffic. Otherwise, you will run into nasty issues with DHCP timing out, dot1x timing out, etc. Thus, if the links are small, then they will either need to upgrade them or have a very well deployed QoS.


Lastly, several ISE versions ago, the documentations used to list bandwidth requirements. Those are no longer included in the docs but I had saved them for future reference:

Description

Bandwidth

Minimum bandwidth between monitoring and policy service

1 Mbps

Minimum bandwidth between monitoring and admin

256 Kbps

Minimum bandwidth between client and policy service with posture

125 bps per endpoint

Minimum bandwidth between monitoring and monitoring (redundant)

256 Kbps

Minimum bandwidth between admin and policy service (redundant admin)

256 Kbps

 

I hope this helps!

 

Thank you for rating helpful posts!

Go to solution
ecanogut
Cisco Employee
Cisco Employee
In response to nspasov

‎11-23-2018 11:10 AM

Hello  Neno,

Wondering if the table provided is still valid for newest ISE version (2.3/2.4) I have a customer who wants to know the BW required for communications between ISE personas and PSNs-NADs, I think this table is the most accurate answer. 
 
Regards. 
0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to ecanogut

‎11-23-2018 11:21 AM

Yes
0 Helpful

Go to solution
toyip
Cisco Employee
Cisco Employee
In response to ecanogut

‎11-23-2018 12:17 PM

Thanks! Good to know.

0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎11-13-2018 05:27 AM

Recommend also looking at



https://community.cisco.com/t5/security-documents/ise-performance-amp-scale/ta-p/3642148


Also the training on that page



Look at Cisco life for performance and scale slides as well


https://community.cisco.com/t5/security-documents/ise-training/ta-p/3619944

0 Helpful

Go to solution
luisitolazo
Level 1
Level 1
In response to Jason Kunst

‎04-15-2024 03:40 PM

HI Jason, please do you have a calculator for ISe 3.0 bandwidth?

0 Helpful

Go to solution
luisitolazo
Level 1
Level 1
In response to Jason Kunst

‎04-15-2024 03:42 PM

Hi Jason, do you have the minimun bandwidth requeriments for ISE 3.0 ?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents