cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Cisco ISE Deployment

490
Views
0
Helpful
5
Comments

Hello, I am implementing the Cisco ISE solution (two virtual applications). I wonder if the best practices were to deploy the OVAs on the normal cluster with the other virtual machines or dedicate two servers (cluster) to the appliance in order to have maximum performance? I think that depends on the number of clients to manage as well as the current workload of the cluster, right?

 

Thx !!

Comments
VIP Advisor

As per i know they do not give high availability unlike FW as per my understanding, deploy them as separate nodes.

 

Look up deployment guide and sizing :

 

https://www.cisco.com/c/en/us/td/docs/security/ise/1-2/installation_guide/ise_ig/ise_deploy.html

 

here good to start all documents are here for your reference :

 

https://community.cisco.com/t5/security-documents/ise-community-resources/ta-p/3621621#Implement

Beginner

Hello,

I have already created a deployment node with my two ISE servers, the solution is functional.

I just want to see if the best and to dedicate two servers to the ISE appliance or if I can leave them with other
VM on a classic cluster.

Hall of Fame Guru

Coexisting within clusters with other VMs is by far the most prevalent way ISE VMs are deployed.

As long as you have adequate resources for your VMs allocated they should be fine. ISE will periodically check disk IOPS and alert you if that parameter is becoming troublesome.

Beginner

Once fully operational, the ISE will be used as a RADIUS network access control, to make dynamic VLAN
and the TrestSec function will also be used.
A total of 3000 connections will be checked.

The CPU, disk and network loads of ISE servers will not be significant? I want to be sure to guarantee maximum performance
at the ISE node.

VIP Advisor

what version of ISE you have in place:

 

here is ISE 2.4 VM requirement -

 

https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/install_guide/b_ise_InstallationGuide24/b_ise_InstallationGuide24_chapter_01.html

 

3000 end devices you mean, you need to look and design multiple PSN and MGMT, so you have high availability.

 

Did you get a chance to read the documents i have posted before?   VM Performance varies depends on your IOPS - what kind of disk you have.