Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
382
Views
0
Helpful
2
Replies

Is in ISE Virtualization is possible with 2 different box?

timnetwork
Level 1
Level 1

‎03-12-2017 11:00 AM - edited ‎03-11-2019 12:32 AM

Hi,

As of my knowledge till  now ISE is not successful in Virtualization is possible with 2 different box.

Its not sync the data base 100% and when primary (box1) will be fail secondary (box 2) fail to retrieve as primary..

Thanks

Subhakanta 

Labels:
0 Helpful
2 Replies 2

Karsten Iwen
VIP
VIP

‎03-12-2017 02:24 PM

Not sure what you mean, but you can build a two-node deployment with two physical, one physical and one virtual or two virtual nodes. They will sync and if the primary box fails, the second one can take over the role (with some small limits based on the design).

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎03-13-2017 12:49 AM

I would add to what Karsten correctly said that, in a 2-node deployment, one has to manually promote the secondary PAN to primary status if and when the primary fails.

If the deployment was healthy up until the failure of the primary, databases should have been synchronized. That includes the policies and supporting bits (PAN) as well as the system logs and accounting records (MnT).

Since ISE 2.1 in a larger deployment (3+ nodes) we can promote the secondary PAN automatically by monitoring the health of the primary PAN node in the deployment from a third node.

References:

http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_dis_deploy.html#wp1087439

https://communities.cisco.com/thread/66952?start=0&tstart=0

0 Helpful
Customers Also Viewed These Support Documents