Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2513
Views
10
Helpful
6
Replies

ISE ERS API Rate/Payload Limiting

Go to solution
Damien Miller
VIP Alumni
VIP Alumni

‎01-10-2019 08:37 AM

Hello All,

 

I am wondering if there is any documentation pertaining to the ISE API's handling limits.  We are testing out an automated inventory integration and every now and then the dev is reporting that there is a connection error. The similar set up we are migrating from is currently running against ACS without issue. 

 

I know firepower has a limitation of 120 messages per second before you get a 429 too many messages error. It also provides a 422 back if you send messages greater than 2 MB. Does ISE have any similar limitations that we have to work with? Has any one here run in to similar issues when trying to add/change NADs?

In this link I found the following.
https://community.cisco.com/t5/security-documents/ise-ers-api-examples/ta-p/3622623
Known issues - If you're processing more than 100 records. These are enhancements.
CSCve05681 ERS Get-All takes very long time for response
CSCvg64354 ENH ISE ERS calls should be processed much faster

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎01-10-2019 11:34 AM

Please get your feedback into our Product managers using the feedback in the upper right of ISE. Not sure if we're going to have any more guidance than that right now

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎01-10-2019 11:34 AM

Please get your feedback into our Product managers using the feedback in the upper right of ISE. Not sure if we're going to have any more guidance than that right now

0 Helpful

Go to solution
Nidhi
Cisco Employee
Cisco Employee

‎01-11-2019 01:07 AM - edited ‎01-11-2019 01:10 AM

Damien,

We do not have anything published for ERS performance. 

 

Thanks,

Nidhi

0 Helpful

Go to solution
Nidhi
Cisco Employee
Cisco Employee

‎01-11-2019 08:55 AM

Also, just to add here, we are currently in process of evaluating performance matrix for API calls and will update the community once we have confirmed results. 

 

Thanks,

Nidhi

Go to solution
dhook
Level 5
Level 5
In response to Nidhi

‎04-03-2020 08:42 AM - edited ‎04-03-2020 08:56 AM

Hello,

 

Just posted this in another thread: (just noticed that it was marked as spam, notified the moderator and hopefully it will be fixed).

 

https://community.cisco.com/t5/cisco-bug-discussions/cscvg64354-ise-ers-calls-should-be-processed-much-faster-2/m-p/4058458#M10737

 

The amount of data that usually is needed from the API is very small. The current design, although quite beautiful, is not very efficient. If you could add enhanced filtering and the availability to export a file, or a JSON/XML blob with the data that would make it a lot easier to work with the ERS API. It would not go all the way, but it would certainly make it a lot easier to extract information from the ISE.

 

Kind Regards,

 

//Dan

0 Helpful

Go to solution
Damien Miller
VIP Alumni
VIP Alumni
In response to dhook

‎04-03-2020 12:10 PM

This was an old thread. Since I first asked the question the BU has published ERS API scaling numbers for us, have you seen this?
https://community.cisco.com/t5/security-documents/ise-performance-amp-scale/ta-p/3642148#toc-hId-1926029291

Are your results not consistent with the calls per second they are indicating?

Go to solution
Roberto.Carmona
Level 1
Level 1
In response to Damien Miller

‎05-19-2020 02:46 PM - edited ‎05-19-2020 02:50 PM

As per this thread and the post from the BU, do you know what does number within the parenthesis means?

 

I assume the number the number outside, is the TPS, but not sure what's the meaning for the one within the parenthesis. Thoughts?

oncurrent ERS Connections2.4= 102.6= 30

 

Operation2.4 (3515) 2.4 (3595)2.6 (3515)2.6 (3595)2.6
(3615)		2.6 (3655)2.6 (3695)
EP Bulk create  361 (250K)362 (250K)351 (200K)533 (200K)351 (200K)  581 (200K)598 (200K)


Regards,

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents