Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1850
Views
0
Helpful
0
Replies

ISE Passive-ID Agent VS WMI on distributed DCs

Antho_Balitrand
Level 1
Level 1

‎09-22-2020 08:38 AM

Hello Cisco community ! 

 

I'm currently working on Passive-ID integration on our ISE deployment. 

As there is not a lot of documentation on it, I would like to have your feedback on this feature on large infrastructures. 

- AD agent installed on every DC ? (Is it necessary to install the agent on each and every DC ? Some parts of the doc mention about a given agent being able to monitor 10 DCs... that's not clear to me)

- AD agent VS WMI ? I guess it's just a matter of "does your AD team allows you to install an agent on all the DC" ? 

- Is there a significant increase of load on the DC, either using the AD agent or WMI integration ? 

- Does all the PSNs (with Passive-ID probe enabled) need to be joined to each DC ? (kind of "full-mesh"). 

 

Thanks a lot for your answers and advices ! 

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents