Solved: Preparing the SNS 3615 for ISE 3.4 upgrade

renzanjo-caparas · ‎06-16-2025

Hi!

While i am aware that SNS 3615 can still support ISE 3.4, I am kind of anxious whether the appliance's resources can.

Say for example the storage, memory. I cannot find any public document stating the hardware specs required for the upgrade. Or I was just overwhelmed.

Can somebody kindly advise on this?

Arne Bier · ‎06-16-2025

What is the expected workload for this node?

Will it be an all-in-one node, or will it have a dedicated persona (e.g. Admin, Monitoring, PSN)?

For a dedicated PSN, I have no doubt it can handle most small to medium deployments - e.g. up to 20,000 concurrent endpoints. And again, it depends on the workload - what is the expected requests per second? Is there a lot of complex 802.1X and AD lookups etc.?

In most wired NAC scenarios, the RADIUS auths are fairly low (no re-auth once connected) - and if Accounting is set to 2880 minutes (every 48 hours) as Cisco suggests, then those PSNs will be mostly idle, assuming that accounting requests are spread with a nice random distribution across the 48 hour window.

The biggest weakness of the SNS-3615 is that it has only one spinning hard disk - which is super slow compared to modern SSD/NVMe storage. That means the 3615 is not an ideal choice for monitoring node. But again, it can do the job ... just don't expect SSD-type speeds from it. And the HDD is limited to 600GB. Which might be more than adequate for some small use cases.

View solution in original post

Arne Bier · ‎06-16-2025

What is the expected workload for this node?

Will it be an all-in-one node, or will it have a dedicated persona (e.g. Admin, Monitoring, PSN)?

For a dedicated PSN, I have no doubt it can handle most small to medium deployments - e.g. up to 20,000 concurrent endpoints. And again, it depends on the workload - what is the expected requests per second? Is there a lot of complex 802.1X and AD lookups etc.?

In most wired NAC scenarios, the RADIUS auths are fairly low (no re-auth once connected) - and if Accounting is set to 2880 minutes (every 48 hours) as Cisco suggests, then those PSNs will be mostly idle, assuming that accounting requests are spread with a nice random distribution across the 48 hour window.

The biggest weakness of the SNS-3615 is that it has only one spinning hard disk - which is super slow compared to modern SSD/NVMe storage. That means the 3615 is not an ideal choice for monitoring node. But again, it can do the job ... just don't expect SSD-type speeds from it. And the HDD is limited to 600GB. Which might be more than adequate for some small use cases.