cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1220
Views
5
Helpful
3
Replies

ISE DR site deployment option

ammahend
VIP
VIP

This is a small deployment with 100 managed devices through TACACS and 900 radius authentications.

I have a central site and a DR site, whats the best way to deploy this, I am writing 2 options, please let me know your opinion.

 

option 1

======

At central Site - 4 nodes

node 1 - primary admin and Mnt

node 2 -  secondary admin and MnT

node 3 -  PSN 1

node 4 - PSN 2

At DR site - 1 node

node 5 - PSN 3

(All 5 nodes in same deployment, latency and other dependencies is already taken care)

 

option 2

======

At central site - 2 nodes

node 1 - primary admin, MnT and PSN1

node 2 - secondary admin MnT and PSN2

At DR site - 1 node

node 3 - PSN 3

(all 3 nodes in same deployment, but I am not sure if this will work or is best practices)

I always rate good comments !

-hope this helps-
3 Replies 3

Francesco Molino
VIP Alumni
VIP Alumni

Hi 

I would do something like option 1 as per best practice as you guarantee that latency isn't an issue: 

option 1 bis

======

At central Site - 3 nodes

node 1 - primary admin and secondary Mnt

node 2 - PSN 1

node 3 - PSN 2

At DR site - 2 nodes

node 4 - secondary admin and primary Mnt

node 5 - PSN 3

This will allow to always have an admin and monitoring node in case 1 DC goes down. 

Thanks 

PS: Please don't forget to rate and mark as correct answer if this answered your question


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Thanks for your inputs.

-hope this helps-

You're welcome. This is what I used quite all of the time for small and medium design.

You can also use Cisco ISE HLD document on how to build the design and all the design documentation around it:

https://communities.cisco.com/docs/DOC-63812

Thanks 

PS: Please don't forget to rate and mark as correct answer if this answered your question


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question