cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

946
Views
0
Helpful
0
Replies
Antho_Balitrand
Beginner

ISE Passive-ID Agent VS WMI on distributed DCs

Hello Cisco community ! 

 

I'm currently working on Passive-ID integration on our ISE deployment. 

As there is not a lot of documentation on it, I would like to have your feedback on this feature on large infrastructures. 

- AD agent installed on every DC ? (Is it necessary to install the agent on each and every DC ? Some parts of the doc mention about a given agent being able to monitor 10 DCs... that's not clear to me)

- AD agent VS WMI ? I guess it's just a matter of "does your AD team allows you to install an agent on all the DC" ? 

- Is there a significant increase of load on the DC, either using the AD agent or WMI integration ? 

- Does all the PSNs (with Passive-ID probe enabled) need to be joined to each DC ? (kind of "full-mesh"). 

 

Thanks a lot for your answers and advices ! 

0 REPLIES 0
Content for Community-Ad