cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3361
Views
10
Helpful
5
Replies

Secure Network Servers (SNS) in ISE version 1.1.4

johannesluther
Level 1
Level 1

Hi board,

I'm quite confused about the supported ISE versions for the new Cisco Secure Network Server 3415 and 3495.

In nearly all documents it is stated, that the support for this HW will be introduced with ISE 1.2

For example ISE Q&A

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5712/ps11637/ps11195/qa_c67-658591.html

What else is being released with ISE 1.2*?

A. Two new hardware platforms called the Cisco Network Secure Servers*. These new servers bring scalability improvement as they are based on the powerful Cisco UCS® C220 Rack Server platform and configured to support the Cisco Identity Services Engine* (ISE), Network Admission Control (NAC), and Access Control System (ACS)  security applications. The multiuse Cisco Secure Network Servers offer  many improvements over current ISE, ACS, and NAC appliances, and are the  platform recommended to deploy newer versions of these applications.  During ordering, customers can specify which security application they  would like to have installed. See the Product Details section for more  information.

On the other hand, in the 1.1.x release notes it's stated, that the HW is supported in the current 1.1.4 release

http://www.cisco.com/en/US/docs/security/ise/1.1.1/release_notes/ise111_rn.html#wp417581

New Features in Cisco ISE, Release 1.1.4

Cisco ISE, Release 1.1.4 provides support for the Cisco SNS 3400 Series  appliance. For details on the installing and configuring the Cisco SNS  3400 Series appliance, refer to the ISE 1.1.4 Installation Guide at the  following location:


What is true now? What HW appliance do I chose, if I want to order today?

I don't want to order the old appliances (33xx), because they are already EoL announced:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5712/ps11640/eol_C51-728424.html

Thanks!

5 Replies 5

stojanr
Level 1
Level 1

Hello,

You can already order the new servers with 1.1.4 pre-loaded, so I'd say it's officialy supported. 1.2 is running a bit late, so a new 1.1.x was released to support the new servers.


Sent from Cisco Technical Support Android App

S M85
Level 4
Level 4

Hi Johanne,

Be aware that the pre-loaded config of ISE isn't correct. The interfaces are wrong, hell i even got a wrong bootloader. The bootloader changed when installing the ISO 1.1.4.

As said 1.1.4 is compatible with the new SNS appliances.Download the iso and burn a DVD. Just use a portable DVD drive to get everything working. I also got problems with the script that Cisco published for the "ISO-to-USB" procedure. Script is failing in every way ;-) So burning a DVD saves you the time. If you got the fix please inform us

manjeets
Level 3
Level 3

Kindly find the attached

Shaoqin Li
Level 3
Level 3

SNS support 1.2

Sent from Cisco Technical Support iPad App

Anas Naqvi
Level 1
Level 1

Hi Johanne,

Cisco ISE software is packaged with your appliance  or image for installation. Cisco ISE, Release 1.2 is shipped on the  following platforms. After installation, you can configure Cisco ISE  with specified component personas (Administration, Policy Service, and  Monitoring) or as an Inline Posture node on the platforms.

Supported Hardware and Personas:

Hardware Platform
Persona
Configuration

Cisco SNS-3415-K9

(small)

Any

Cisco UCS 1 C220 M3

Single socket Intel E5-2609 2.4-GHz CPU, 4 total cores, 4 total threads

16-GB RAM

1 x 600-GB disk

Embedded Software RAID 0

4 GE network interfaces

Cisco SNS-3495-K92

(large)

Administration

Policy Service

Monitor

Cisco UCS C220 M3

Dual socket Intel E5-2609 2.4-GHz CPU, 8 total cores, 8 total threads

32-GB RAM

2 x 600-GB disk

RAID 0+1

4 GE network interfaces

Cisco ISE-3315-K9 (small)

Any

1x Xeon 2.66-GHz quad-core processor

4 GB RAM

2 x 250 GB SATA3 HDD4

4x 1 GB NIC5

Cisco ISE-3355-K9 (medium)

Any

1x Nehalem 2.0-GHz quad-core processor

4 GB RAM

2 x 300 GB 2.5 in. SATA HDD

RAID6 (disabled)

4x 1 GB NIC

Redundant AC power

Cisco ISE-3395-K9 (large)

Any

2x Nehalem 2.0-GHz quad-core processor

4 GB RAM

4 x 300 GB 2.5 in. SAS II HDD

RAID 1

4x 1 GB NIC

Redundant AC power

Cisco ISE-VM-K9 (VMware)

Stand-alone Administration, Monitoring, and Policy Service (no Inline Posture)

For CPU and memory recommendations, refer to the "VMware Appliance Sizing Recommendations" section in the Cisco Identity Services Engine Hardware Installation Guide, Release 1.2.7

Hard Disks (minimum allocated memory):

Stand-alone—600 GB

Administration—200 GB

Policy Service and Monitoring—600 GB

Monitoring—500 GB

Policy Service—100 GB

NIC—1 GB NIC interface required (You can install up to 4 NICs.)

Supported VMware versions include:

ESX 4.x

ESXi 4.x and 5.x

1 Cisco Unified Computing System (UCS)

2 Inline  posture is a 32-bit system and is not capable of symmetric  multiprocessing (SMP). Therefore, it is not available on the SNS-3495  platform.

3 SATA = Serial Advanced Technology Attachment

4 HDD = hard disk drive

5 NIC = network interface card

6 RAID = Redundant Array of Independent Disks

7 Memory  allocation of less than 4GB is not supported for any VMware appliance  configuration. In the event of a Cisco ISE behavior issue, all users  will be required to change allocated memory to at least 4GB prior to  opening a case with the Cisco Technical Assistance Center.

Please check the following link for fruther information.

https://supportforums.cisco.com/message/3986953#3986953