05-30-2023 11:47 PM
Hi All ,
I try to find information about Maximum Mac Address can create in endpoint identity on Cisco ISE 2.7 or 3.x
My deployment is 2 Cisco ISE HA (Admin+PSN+Monitor) Primary and Secondary .
I see link below but not found the exact maximum number of mac address can create in endpoint identity.
Please advise me .
Solved! Go to Solution.
06-05-2023 12:44 PM
The concurrent sessions are well documented on the performance and scale page.
https://www.cisco.com/c/en/us/td/docs/security/ise/performance_and_scalability/b_ise_perf_and_scale.html
The total known endpoints has turned in to tribal knowledge, there used to be stated scale in the performance and scale guide but the number is no longer published. You can look at the 2.6+ endpoint scale on an archive of this old scale document. Search for "maximum endpoints" in this table and you will find the 2 million number on the far right column. This was increased from 1.5 million that 2.4 or older supported.
https://web.archive.org/web/20210710140104mp_/https://community.cisco.com/t5/security-documents/ise-performance-amp-scale/ta-p/3642148#toc-hId--1312516075
05-31-2023 09:58 PM
I still waiting someone to help.
06-01-2023 03:46 PM
I don't believe there is a theoretical maximum for the number of MAC addresses that can be stored in the endpoint database, but the maximum validated is 2 million.
With your 2 node cluster, the number you would need to be concerned about would be the supported concurrent sessions based on the platform specs you are using (which you have not mentioned).
06-01-2023 07:57 PM
Thank you for information. I deploy VM Small Type If reference from concurrent sessions VM Small type support 10000 concurrent . Can I use this value for mac address (endpoint ) store in database ?
06-01-2023 08:12 PM
Yes, you can store 2 million mac address entries in the context visibility database.
A small VM will support up to 10,000 unique endpoint/macs being online and active on the network at any given point in time. This number is up to 10,000 though, there are many variables that can impact this like rate of auth, auth type, etc.
I've had customers exceed the 2 million total macs, one just under 5 million without issue. The scale for this used to be stated as 2 million, for some reason that specific scale number is no longer reported.
06-01-2023 08:26 PM
@Damien Miller
Can you provide official document to me ? or Can I refer from concurrent session? Because If a small VM support 10k concurrent but we add mac address greater than 10k ISE still handle 10K current also. Please advise me.
06-05-2023 12:44 PM
The concurrent sessions are well documented on the performance and scale page.
https://www.cisco.com/c/en/us/td/docs/security/ise/performance_and_scalability/b_ise_perf_and_scale.html
The total known endpoints has turned in to tribal knowledge, there used to be stated scale in the performance and scale guide but the number is no longer published. You can look at the 2.6+ endpoint scale on an archive of this old scale document. Search for "maximum endpoints" in this table and you will find the 2 million number on the far right column. This was increased from 1.5 million that 2.4 or older supported.
https://web.archive.org/web/20210710140104mp_/https://community.cisco.com/t5/security-documents/ise-performance-amp-scale/ta-p/3642148#toc-hId--1312516075
06-05-2023 10:03 PM
Thank you so much for information .
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: