cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1049
Views
0
Helpful
1
Replies

3595 ISE sizing - for 500K endpoints

Phanikumar Dharmavarapu
Cisco Employee
Cisco Employee

As I understand from ISE 2.1 Admin guide, one ISE 3595 server supports 40000 End points in standalone PSN configuration.

So in a distributed deployment (PAN, MNT, PSN running seperately) Can the deployment scale to 500 K endpoints by using 13 PSN nodes? (13 X 40000 = 500000). PAN and MNT will have seperate nodes.

Are there any caveats to be considered here.

1 Accepted Solution

Accepted Solutions

gbekmezi-DD
Contributor
Contributor

I’m sure you’ve already seen this, but just in case: https://communities.cisco.com/docs/DOC-68347

Of course there are lots and lots of caveats :). Is this just straight 802.1x/Radius? Do you have posture? Profiling? Guest? BYOD? This list can go on and on with the number of features ISE offers. That number of 40,000 per node doesn’t tell the whole story. You have to consider the types of authentications and workloads a given PSN will be handling and size it accordingly. I’d pay particular attention to these sections of that Performance & Scale document:

  • ISE PSN Performance<https://communities.cisco.com/docs/DOC-68347#jive_content_id_ISE_PSN_Performance>

  • ISE TACACS+ Performance<https://communities.cisco.com/docs/DOC-68347#jive_content_id_ISE_TACACS_Performance>

  • ISE 2.0 RADIUS Performance<https://communities.cisco.com/docs/DOC-68347#jive_content_id_ISE_20_RADIUS_Performance>

Good luck!

George

View solution in original post

1 Reply 1

gbekmezi-DD
Contributor
Contributor

I’m sure you’ve already seen this, but just in case: https://communities.cisco.com/docs/DOC-68347

Of course there are lots and lots of caveats :). Is this just straight 802.1x/Radius? Do you have posture? Profiling? Guest? BYOD? This list can go on and on with the number of features ISE offers. That number of 40,000 per node doesn’t tell the whole story. You have to consider the types of authentications and workloads a given PSN will be handling and size it accordingly. I’d pay particular attention to these sections of that Performance & Scale document:

  • ISE PSN Performance<https://communities.cisco.com/docs/DOC-68347#jive_content_id_ISE_PSN_Performance>

  • ISE TACACS+ Performance<https://communities.cisco.com/docs/DOC-68347#jive_content_id_ISE_TACACS_Performance>

  • ISE 2.0 RADIUS Performance<https://communities.cisco.com/docs/DOC-68347#jive_content_id_ISE_20_RADIUS_Performance>

Good luck!

George

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: