05-31-2019 02:48 AM
Hi Guys,
I have a question regarding ISE sizing in context of maximum supported authentications per second. ISE Performance and Scale provides unidirectional numbers for different authentication types (PAP/EAP-TLS etc... ) but does not provide a recommendation on number of PSN's.
One of my customers challenged my why not to use a single pair of SNS-3695's running PAN+MnT+PSN for an SDA deployment which according to papers should support up to 50K sessions in 2.6. I think that it is a risky approach due to PAN and MnT load and potential RADIUS congestion (in case of spike like WLC reload or major outage-recovery situation) but with data on ISE Performance and Scale I don't have solid arguments to defend my position to recommend hybrid/distributed deployment with more than 2 PSNs.
Could you please let me know what are the recommendations for number of PSNs with regards to auth/second rate? This dimension of ISE scaling seem to be a grey zone with no clear recommendations...
Cheers,
Chris
Solved! Go to Solution.
05-31-2019 07:32 AM
05-31-2019 07:32 AM
06-04-2019 08:02 AM
Thanks Jason!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide