cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1563
Views
0
Helpful
7
Replies

SNS-3595-K9 and ACS

llahteen
Cisco Employee
Cisco Employee

Customer needed a new appliance for their ACS deployment.

www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-8/release/notes/acs_58_rn.html#pgfId-455387

says that SNS-3595-K9 is supported with ACS 5.8.1:

-- snip --

Table 1 Supported Hardware Platforms

Cisco SNS-3495-K9

-- snip --

However it appears that the SNS-3595-K9 appliance is shipped with ISE firmware and secure boot prevents running other software. Is it possible to run ACS on that appliance ?

 

Thanks,

Leo

 

 

2 Accepted Solutions

Accepted Solutions

In that case just stand up a new VM.

 

Even if they don't have an ESXi infrastructure, they could use the free ESXi server on an inexpensive server and be done with it.

View solution in original post

True. I just submitted document feedback on the release notes. In my experience the documentation teams take this feedback to heart - I have had several errata corrected via that avenue.

 

Just click the Feedback link on the top right of most documentation and you can fill out a short form with your comments. Here's what I sent just now:

 

"I realize the product is end of sales, but table 2 should be updated to note that the currently offered hardware appliances are the ones with UEFI secure boot firmware and ISE image pre-installed. Those are NOT compatible with ACS."

View solution in original post

7 Replies 7

Marvin Rhoads
Hall of Fame
Hall of Fame

The SNS-3595 can only run ACS if it has the older non-secure-boot (UEFI) firmware.

 

Is there a reason why they don't just upgrade to ISE since ACS is post-end-of-sales?

 

 

> Is there a reason why they don't just upgrade to ISE since ACS is post-end-of-sales?

I don't know but my guess is that adding a server to an ACS deployment is a significantly smaller effort than migrating an ACS deployment to ISE.

In that case just stand up a new VM.

 

Even if they don't have an ESXi infrastructure, they could use the free ESXi server on an inexpensive server and be done with it.

Technically running a VM is a viable solution, however there are OSI layer 8+ issues to consider.

 

I just wish ACS release notes would have said that only SNS-3595-ACS-K9 (now EOS) is supported. This would be closer to truth.

 

 

Since acs going away deploy a VM and move toward ise

True. I just submitted document feedback on the release notes. In my experience the documentation teams take this feedback to heart - I have had several errata corrected via that avenue.

 

Just click the Feedback link on the top right of most documentation and you can fill out a short form with your comments. Here's what I sent just now:

 

"I realize the product is end of sales, but table 2 should be updated to note that the currently offered hardware appliances are the ones with UEFI secure boot firmware and ISE image pre-installed. Those are NOT compatible with ACS."

@kegagnon has been informed as the PM

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: