Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1669
Views
10
Helpful
6
Replies

PXGrid and SXP Nodes

Go to solution
GRANT3779
Spotlight
Spotlight

‎06-23-2022 03:13 AM

Hi CSC,

 

I currently have the following Deployment of ISE (3.x)

NODE 1 - Admin(p) MnT(s)

NODE 2 - Admin(s) MnT(p)

Node 3 - PSN

Node 4 - PSN

 

I'm looking to add some PxGrid and SXP services to the deployment. I do have 2 x spare ISE VMs with licenses I could use. Would spinning up these 2 new VMs and running PXG / SXP on dedicated nodes be an option? Looks like it is a supported design based around the small multi-node deployment model.

If I were to instead run PxGrid on the current deployment with no new VMs is it best placed on the Admin Nodes or PSNs?
Thanks

 

Thanks

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to GRANT3779

‎06-23-2022 04:21 AM

I suggest to run those on spare VM

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

Go to solution
Rob Ingram
VIP
VIP
In response to GRANT3779

‎06-23-2022 04:47 AM

@GRANT3779 yes utilise the spare nodes, to future proof.

ISE scale and performance guide below shows different deployment options. With only 15k connections, that not a huge amount (depending on your ISE hardware/VM spec). https://www.cisco.com/c/en/us/td/docs/security/ise/performance_and_scalability/b_ise_perf_and_scale.html

 

View solution in original post

0 Helpful
6 Replies 6

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎06-23-2022 03:34 AM

as per my notes you can dedicated PXgrid if you have spare VM as below :

 

image.png

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
GRANT3779
Spotlight
Spotlight
In response to balaji.bandi

‎06-23-2022 03:46 AM

Thanks Balaji,

 

For the SXP service, is this best placed on the existing PSNs? I understand SXP needs to be on a Node which is acting as a PSN

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to GRANT3779

‎06-23-2022 04:21 AM

I suggest to run those on spare VM

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
Rob Ingram
VIP
VIP

‎06-23-2022 03:42 AM - edited ‎06-23-2022 03:50 AM

@GRANT3779 what is the scale of the design, how many concurrent users/bindings etc?

Adding more roles (pxGrid and SXP) to the existing PSN nodes might cause issues, if heavily loaded.

There is no problem running pxGrid and SXP on separate pair of dedicated ISE PSN nodes.

Go to solution
GRANT3779
Spotlight
Spotlight
In response to Rob Ingram

‎06-23-2022 04:25 AM

Hi Rob,

 

At the moment I'd say there won't ever be more than 15,000 combined of "everything". I think it is probably wise however to utilize the 2 spare nodes as going forward we will be bringing on some SDA sites also. Provide a bit more scalability.

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to GRANT3779

‎06-23-2022 04:47 AM

@GRANT3779 yes utilise the spare nodes, to future proof.

ISE scale and performance guide below shows different deployment options. With only 15k connections, that not a huge amount (depending on your ISE hardware/VM spec). https://www.cisco.com/c/en/us/td/docs/security/ise/performance_and_scalability/b_ise_perf_and_scale.html

 

0 Helpful
Customers Also Viewed These Support Documents