01-26-2023 03:45 PM
I am implementing Cisco ISE 3.1 and would appreciate any tips for a successful deployment. I am planning to start with basic discovery, enforcement, compliance and posture.
Any useful tips will be appreciated.
Regards.
Solved! Go to Solution.
01-26-2023 04:06 PM
@Yemmy... If you are new to ISE, you might want to start by checking out some of the various training videos available at https://cs.co/ise-webinars.
03-14-2023 04:23 AM
I have recently installed two 3.1 nodes, patched them with patch 5 and they are working fine. My tips would be:
1. Try to set correct details from the first time, IP, subnet mask, hostname, domain, ntp,...etc it's not that you can't change them later, but this will save time and efforts.
2. Make sure they have correct resources (if they are VMs).
3. Don't enable any feature that you don't intent to use. This will improve ISE performance.
4. If you are using profiling, make sure to have only the needed attributes sent from NADs (switches, wireless controllers). profiling affects ISE resources heavily if not configured correctly.
5. Make sure to have correct DNS records for your ISE nodes, both forward and revers records are needed.
6. Don't overwhelm ISE with certificates, just keep those that you use and remove expired and those which are not in use.
04-02-2023 08:34 PM - edited 04-02-2023 08:35 PM
⭑
⭑ ISE Webinars: https://cs.co/ise-webinars : First week of every month!
⭑ ISE YouTube Channel: https://cs.co/ise-videos : ISE Webinar archive and more!
⭑ ISE Training: https://cs.co/ise-training : YouTube, Cisco Live, and more!
⭑ ISE Community: https://cs.co/ise-community | How to Ask The Community for Help
01-26-2023 03:54 PM
Hello Yemmy, the design of the same really depends on your requirements, but you can refer to the following useful guides to achieve the implementation:
Posture/Compliance:
https://community.cisco.com/t5/security-knowledge-base/ise-posture-prescriptive-deployment-guide/ta-p/3680273
01-26-2023 04:06 PM
@Yemmy... If you are new to ISE, you might want to start by checking out some of the various training videos available at https://cs.co/ise-webinars.
03-24-2023 04:24 PM
Please anyone with a step by step guide for cisco ISE, Having issues traffic from my switch is not getting to ISE.
I know I am not doing something right but what that is, I don't know. My network guy has done all the configurations recommended on the switch yet we are stalked
A step by step guide will be appreciated.
01-26-2023 10:15 PM
Adding to other posts - Follow the link for planning :
also suggested webinars help you use cases.
03-13-2023 11:13 AM
Thank you all for your contributions. Currently we have installed the cisco ISE but the patch upgrade 5 is breaking the application. After the patch installation the cisco ISE keeps initializing perpetually. Has anyone seen this kind of error before?
03-14-2023 04:23 AM
I have recently installed two 3.1 nodes, patched them with patch 5 and they are working fine. My tips would be:
1. Try to set correct details from the first time, IP, subnet mask, hostname, domain, ntp,...etc it's not that you can't change them later, but this will save time and efforts.
2. Make sure they have correct resources (if they are VMs).
3. Don't enable any feature that you don't intent to use. This will improve ISE performance.
4. If you are using profiling, make sure to have only the needed attributes sent from NADs (switches, wireless controllers). profiling affects ISE resources heavily if not configured correctly.
5. Make sure to have correct DNS records for your ISE nodes, both forward and revers records are needed.
6. Don't overwhelm ISE with certificates, just keep those that you use and remove expired and those which are not in use.
03-25-2023 01:02 AM
Currently we have installed the cisco ISE but the patch upgrade 5 is breaking the application. After the patch installation the cisco ISE keeps initializing perpetually
First to fix the issue if this is a major - i will go and roll back to see work as expected.
If time permits - i go to TAC (to troubleshoot) - since you not have any logs to prove here that what is going wrong here. ?
Run the debug on the switch ( Having issues traffic from my switch is not getting to ISE.)
04-02-2023 08:34 PM - edited 04-02-2023 08:35 PM
⭑
⭑ ISE Webinars: https://cs.co/ise-webinars : First week of every month!
⭑ ISE YouTube Channel: https://cs.co/ise-videos : ISE Webinar archive and more!
⭑ ISE Training: https://cs.co/ise-training : YouTube, Cisco Live, and more!
⭑ ISE Community: https://cs.co/ise-community | How to Ask The Community for Help
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide