Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1659
Views
9
Helpful
6
Replies

ISE Configuration in Distributed Environment

sachpednekar
Level 1
Level 1

‎10-11-2012 08:37 AM - edited ‎03-10-2019 07:39 PM

                  Hi All,

I have quick questions about  ISE deployment in Distributed environment, as i have purchased 2 X Cisco ise 3395 - For Data Center and 3 X Cisco ISE 3355 for remote location with 3500 Base licences and 500 Advance licences.

i have some questions on this deployment

i will install 1 3395 in Primary Datacenter and other 3395 in Our secondary Data center as Primary admin+Primary Monitoring and Secondary Admin+Secondary Monitoring

and each 3355 will get installed in Remote location as policy server, My Question is it this will be correct deployment?

or while configuring 3395 do i need to configure Policy server as well in addition to Primary admin and monitoring?

or please suggest me best deployment stratagy!

Thanks,

Sachin

Labels:
0 Helpful
6 Replies 6

Tarik Admani
VIP Alumni
VIP Alumni

‎10-11-2012 10:16 AM

Sachin,

How are all the sites connected (via MPLS) based on the equipment the customer must have a good WAN setup.

In most scenarios I usually position the the PSN at the central location anyways but it all depends on how the customer's network is configured.

thanks,

Tarik Admani
*Please rate helpful posts*

sachpednekar
Level 1
Level 1
In response to Tarik Admani

‎10-11-2012 10:59 AM

Thanks for the reply,

all three sites are connected in MPLS with 100MB redundant band width

we are have 2 data center one is primary and other is secondary. and all client locations are connected with 100 Meg links where i am planning to install 3355 which will act as authentication server.

but now my question is

3395 - Primary Admin+Primary Monitoring - Primary DC

3395 - Secondary Admin+ Secondary Monitoring - Secondary DC

3355- will say for one remote location(PSN)

3355- Second remote Location(PSN)

3355- third Remote location (PSN)

thanks,

Sachin

0 Helpful

Tarik Admani
VIP Alumni
VIP Alumni
In response to sachpednekar

‎10-11-2012 08:56 PM

Sachin,

i would suggest the following change:

3395 - Primary Admin+Secondary Monitoring - Primary DC

3395 - Secondary Admin+ Primary Monitoring - Secondary DC

Tarik Admani
*Please rate helpful posts*

sachpednekar
Level 1
Level 1
In response to Tarik Admani

‎10-12-2012 06:49 AM

Thanks I will do.

Can I get any installation document which is prepared at the time of real time implementation ? Like authentication and authorization policy config!

Step by step guide!

Sent from Cisco Technical Support iPhone App

0 Helpful

harvisin
Level 3
Level 3

‎09-21-2013 04:24 PM

Hello Sachin,

The below mentioned links will hep you out:-

http://www.cisco.com/en/US/docs/security/ise/1.1.1/installation_guide/ise_deploy.html#wp1151366

http://www.cisco.com/en/US/solutions/ns340/ns414/ns742/ns744/landing_DesignZone_TrustSec.html

These two links will give you a fair idea !!

0 Helpful
Top