Showing results for 
Search instead for 
Did you mean: 
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

Cisco Employee

ISE Passive Identity Questions

Hi Team, Can anyone help me with few questions regarding the ISE PIC which I couldn't find documentation or reference for the below items
1. Whats the scale or capacity of an AD agent? How many Events or Logs Per Second is supported on each AD agent?
2. What is the recommended Platform for the Passive ID Agent assuming a VM host running Microsoft server 2016
- RAM ?
- CPU/Cores ?
- Disk Space ?

I know agent is not heavy loaded, but my Customer is looking for some recommendations 
3. How to ensure a redundancy for logs if there is an agent failure?

4. Please confirm if we need registry key in the agent or not. 

I found a slide deck in Cisco live slide deck 3697 saying that "when agent requests come from the windows approved server, no need of registry keys". But in the admin guide its mentioned "Add Registry Keys to Allow ISE to Connect to the Domain Controller".



Thanks in advance.