cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
795
Views
0
Helpful
4
Replies

ISE- Identity service engine ???

manuelricardo
Level 1
Level 1

Hi There , I would like to know wether the indentity service engine (ISE) is hardware based or software based ?

and if it is part of Cisco ASA as a service ??

and what exactly can it do , can it act as a NAC (network access controller) ?

Your input as most welcome 

4 Replies 4

Joseph Johnson
Level 1
Level 1

Cisco ISE is software that can run either as a VM or on hardware (SNS server). It is not a part of ASA. It can be used in conjunction with an ASA as an authentication source.

Cisco ISE is used for authentication and authorization (network access control). For example: You can do either basic authentication and authorization (802.1x/AAA), guest access, or full posture assessment using an agent (system checks before full access allowed).

You can find more information about what it can do here:

http://www.cisco.com/c/en/us/products/security/identity-services-engine/index.html

Hi Joseph,

The VM can be installed on any vendor server like HP, Dell etc or it just runs on cisco UCS systems ? the SNS server , what is it ? is it part of Cisco ? last but not least can you please provide me some documentation on actual deployment of ISE , the link you provided it only specifies the features and benefits I want the actual technical deployment features ..what will be the consideration as I planning to use ISE as a NAC at my midsized network infrastruture !

Manuel,

An ISE VM can be installed on any vendor's hardware that meets the system requirements (VMware ESX version, CPU, memory and disk). Those requirements are in the installation guide on the ISE product support page. You will also find there dozens of detailed documents on technical deployment details for many use cases.

http://www.cisco.com/c/en/us/support/security/identity-services-engine/tsd-products-support-series-home.html

See especially the design guides section of that page.

"SNS" means Secure Network Server. It is a Cisco product line that includes both large and small size options (SNS-3515 or SNS-3595 - the older SNS-3400 series will also be sold through this summer while the even older 3300 series (based on IBM hardware) is past end of sales). It is currently based on the Cisco UCS C220 hardware (a 1 rack-unit server) and comes configured with the product of choice (ISE or ACS) pre-installed 

Thanks Marvin ,