Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
415
Views
2
Helpful
4
Replies

ISE Tacacs licenses

Go to solution
manvik
Level 3
Level 3

‎09-12-2024 03:19 AM

What all license are required in Cisco ISE 3.x.x for Tacacs AAA alone to work for Network switches/Devices.
Currently I have 2500 Network devices, am planning to increase it to 4500. 
Should I buy any additional license for this or Change VM capacity.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎09-12-2024 03:22 AM - edited ‎09-12-2024 03:24 AM

@manvik you would need a Device Administration license on each PSN. https://www.cisco.com/c/en/us/products/collateral/security/identity-services-engine/ise-licensing-guide-og.html If you already have these licenses and are just increasing the number of NADs you don't need to purchase additional licenses.

What VM spec do you have configured? Check the performance and scale guide to determine if you need to increase spec - https://www.cisco.com/c/en/us/td/docs/security/ise/performance_and_scalability/b_ise_perf_and_scale.html

 

View solution in original post

4 Replies 4

Go to solution
Rob Ingram
VIP
VIP

‎09-12-2024 03:22 AM - edited ‎09-12-2024 03:24 AM

@manvik you would need a Device Administration license on each PSN. https://www.cisco.com/c/en/us/products/collateral/security/identity-services-engine/ise-licensing-guide-og.html If you already have these licenses and are just increasing the number of NADs you don't need to purchase additional licenses.

What VM spec do you have configured? Check the performance and scale guide to determine if you need to increase spec - https://www.cisco.com/c/en/us/td/docs/security/ise/performance_and_scalability/b_ise_perf_and_scale.html

 

Go to solution
manvik
Level 3
Level 3
In response to Rob Ingram

‎09-12-2024 03:48 AM

from this downloads which ova file shd i download (Medium, Small or large) for 5000 endpoints.

https://software.cisco.com/download/home/283801620/type/283802505/release/3.3.0

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to manvik

‎09-12-2024 04:00 AM

@manvik the small (for PSN) image should be fine for 5000 devices, but check the TACACS authentication rates in regard to Transactions per second as per link.

 

Go to solution
Aref Alsouqi
VIP
VIP

‎09-12-2024 09:26 AM

TACACS has many advantages over RADIUS for NADs management, but if for any reason you would want to use RADIUS to manage your NADs without buying TACACS licenses then please check this post of mine to see how you can do it:

Privilege Level 15 with Cisco ISE | Blue Network Security (bluenetsec.com)

0 Helpful
Customers Also Viewed These Support Documents