Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1003
Views
20
Helpful
7
Replies

Advise seek for choosing between ISE SNS-3615-K9 appliance model or VM

Go to solution
byme88
Level 1
Level 1

‎02-09-2023 11:44 PM

Hi everyone,

Can someone familiar with the Cisco SNS-3615-K9 Appliance version vs. the VM version?

I have a decision to make to choose between the 2. 

Any suggestion with pro and con is very much appreciated.

thanks,

Byme88

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
adamscottmaster2013
Level 3
Level 3

‎02-15-2023 10:13 AM

Stay with appliances if you can for the following reasons:

1- both hardware and software are supported by Cisco.  This is huge.  When there are issues, you don't want to have too many chefs in the kitchen.  They are pointing fingers at each other.

I am going that issue at the moment and ISE in AWS.  you're at the mercy of different vendors.  Stay with appliances for as long as you can.

View solution in original post

7 Replies 7

Go to solution
marce1000
VIP
VIP

‎02-10-2023 12:25 AM

 

 - Usually appliance will provide higher capacities and support more clients and NADs versus VM solution(s) , checkout : https://www.cisco.com/c/en/us/td/docs/security/ise/performance_and_scalability/b_ise_perf_and_scale.html

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎02-10-2023 12:30 AM

I prefer to go with appliance, since Cisco tweaked hardware work as expected

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
james.king14
Level 1
Level 1

‎02-10-2023 08:36 AM

PROs:

Lower power consumption and no need to add space for new unit. No need to
do another cabling instance.

Same accessibility once installed.

I found that the VM works a lot better if and when there is an issue with
the system. I can access the VM core information a lot faster. I can do
backups of the entire server in a small amount of time. (SNAPshot) if a
failure happens I have redundancy of the entire server instead of just the
parts and it also allow for me to create a lab on the same Core server
without touching the prime device.

CONs: cost is about the same

Depends on systems administration structure. Access maybe denied to make
changes to core device.

Go to solution
Arne Bier
VIP
VIP

‎02-12-2023 12:35 PM

One thing to consider with Cisco SNS- servers, is that they are single purpose only. Once they are end of life (no more Cisco support, and ISE versions refuse to run on them), you cannot deploy any other software (like a hypervisor) on them. At that point you have an expensive brick.

0 Helpful

Go to solution
PradeepSingh
Level 1
Level 1

‎02-15-2023 04:49 AM

In addition to all above inputs I can share experience using VMs on VMWare environment and it works without issues. Also there is flexibility to scale up and down with number of VMs. For upgrades a fresh VM can be build in parallel and replace an existing, which is an optional thing for disposal.

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎02-15-2023 05:32 AM

Performance-wise an equivalently provisioned VM will be the same as the hardware appliance.

ISE VM specs are pretty steep though so if your hypervisor environment is resource-constrained, it may not be a good choice to run VMs.

If you have the resources, VMs are much easier to spin up and you have more options with upgrade paths.

Some customers choose hardware appliances since the operations teams don't mix well (i.e. VMware admins not wanting or not knowing how to give ISE admins the necessary access to manage the VMs).

The downside of hardware is that it will eventually go end of sales and you also have to pay annual support costs on it. For instance, the 37xx series is expected out later this year at which point the 36xx will be end of sales. If you had VMs, you can just spin up a new one matching the specs and have a 37xx equivalent the same day. Also, the hardware obviously takes up space and power.

0 Helpful

Go to solution
adamscottmaster2013
Level 3
Level 3

‎02-15-2023 10:13 AM

Stay with appliances if you can for the following reasons:

1- both hardware and software are supported by Cisco.  This is huge.  When there are issues, you don't want to have too many chefs in the kitchen.  They are pointing fingers at each other.

I am going that issue at the moment and ISE in AWS.  you're at the mercy of different vendors.  Stay with appliances for as long as you can.

Customers Also Viewed These Support Documents