Dear Cisco Customers,   Earlier this year, we launched Cisco Identity Services Engine 2.6 that delivers great strides in capability, scalability, and performance. We also introduced all-new, high-performance Secure Network Server appliances: the SNS-3600 series. This new hardware is a vast improvement on our older models, so we’re encouraging everyone to consider adopting the new SNS-3600 series appliances now.   What are we announcing? Support for ISE 2.4 on the SNS-3600 appliances   Why is this important for me? Currently, you probably feel comfortable with running ISE Recommended Release in their production environments, yet SNS-3600 didn’t support ISE 2.4 (our current Recommended Release) upon its FCS. As a best practice and our normal policy, we only support the latest release (and future releases) on new hardware but not older releases – meaning that by policy, the SNS-3600 models supported only Cisco ISE 2.6 and not ISE 2.4. However, we understand that many of you still run ISE 2.4 and have asked for support on the new hardware.   You asked and we listened   - today, we’re happy to announce that Cisco ISE 2.4 is now supported on the new SNS-3600 series appliances.    Cisco ISE 2.4 remains our current Recommended Release, and ISE 2.6 is not far behind becoming the Recommended Release itself. ISE 2.6 enables the full power that comes with the SNS-3600 and includes much improvements from both stability and feature perspective, and we urge you to look into it as your next upgrade when it becomes Recommended. We will keep you updated the moment it becomes a Recommended Release.   What are my next steps? Other than buying a couple of SNS-3600s and downloading the software, probably not much :-)   ISE 2.4 can be downloaded at   https://software.cisco.com/download/home/283801620/type/283802505/release/2.4.0. In order for ISE 2.4 to correctly run on an SNS-3600,   patch 9 MUST be installed.     Respectfully,   The ISE Product Management Team ... View more

Dear Cisco Partners,   Earlier this year, we launched Cisco Identity Services Engine 2.6 that delivers great strides in capability, scalability, and performance. We also introduced all-new, high-performance Secure Network Server appliances: the SNS-3600 series. This new hardware is a vast improvement on our older models, so we’re encouraging everyone to consider adopting the new SNS-3600 series appliances now.   What are we announcing? Support for ISE 2.4 on the SNS-3600 appliances   Why is this important for me? Currently, customers feel comfortable with running ISE Recommended Release in their production environments, yet SNS-3600 didn’t support ISE 2.4 (our current Recommended Release) upon its FCS. As a best practice and our normal policy, we only support the latest release (and future releases) on new hardware but not older releases – meaning that by policy, the SNS-3600 models supported only Cisco ISE 2.6 and not ISE 2.4. However, we understand that many of you still run ISE 2.4 and have asked for support on the new hardware. You asked and we listened - today, we’re happy to announce that Cisco ISE 2.4 is now supported on the new SNS-3600 series appliances.    Cisco ISE 2.4 remains our current Recommended Release, and ISE 2.6 is not far behind becoming the Recommended Release itself. ISE 2.6 enables the full power that comes with the SNS-3600 and includes much improvements from both stability and feature perspective, and we urge you and our customers to look into it as their next upgrade. We will keep you updated the moment it becomes a Recommended Release.   What are my next steps? Communicate to your customers, mainly. Customers might be delaying deployments as they would like to use SNS-3600 appliances.   ISE 2.4 can be downloaded at https://software.cisco.com/download/home/283801620/type/283802505/release/2.4.0. In order for ISE 2.4 to correctly run on an SNS-3600, patch 9 MUST be installed.     Respectfully,   The ISE Product Management Team ... View more

It gives me great pleasure to announce the availability of Cisco Identity Services Engine (ISE) 2.6. This release is all about solving more for customers – better features and scale to deal with the Enterprise IoT era, better security and better ability to understand how your network access services and policy are deployed. Among other capabilities, being part of the Cisco DNA offer, ISE 2.6 is yet another big stride towards a better Software Defined Access.   What’s new in ISE 2.6:   Two million concurrent authentications   - Our customers deal with the proliferation of IoT devices in their Enterprise networks– and with ISE 2.6, ISE allows them to understand what’s on the network and securely connect all of these devices – up to 2 million of these endpoints in a single ISE deployment, or “ISE cube” as we fondly call it   Faster, more powerful, fault-tolerant appliances   - Managing and controlling all your user and device sessions requires some serious processing power. That’s why ISE 2.6 introduces new Cisco Secure Network Server (SNS) 36xx-Series appliances. These all-new, high-performance models are ideal for the largest deployments. While the 3615 is the 3515’s replacement and provides the same horsepower and concurrent endpoint count, the SNS-3655 handles medium-sized deployments (up to 50,000 concurrent sessions in a single PSN) and replaces the 3595. The new SNS-3695 is fully packed with 256GB memory, to be able to both act as a Policy Administration Node (PAN) and/or Monitoring and Troubleshooting Node (MnT) and can at the same time handle large-sized deployments (up to 100,000 concurrent sessions)   New ISE management support on IPv6 networks   - More and more organizations are adopting IPv6 to uniquely address the massive number of new devices on their networks. With ISE 2.6, you can now manage ISE itself on a native IPv6 network, including connecting to the ISE management interface (both web and command-line) and to Active Directory and other management protocols    Identify managed devices with dynamic MAC address   - Open seating environments with shared docking stations and ethernet dongles pose a challenge as the same MAC address is now linked to many different users and devices each day. That’s why ISE 2.6 with AnyConnect 4.7 now uses a Unique Device Identifier in order to uniquely identify the device, no matter what MAC address it uses   More flexible grace periods and custom user notifications   - While customers try to ensure that all connected endpoints are compliant, there are situations where organizations would allow endpoints to connect while they improve their posture to meet corporate compliance requirements. ISE 2.6 and AnyConnect 4.7 now offers extended grace periods to allow users to connect and update their systems while presenting a customizable message to the end explaining their compliance status   TrustSec deployment reports. ISE 2.6 reports show the propagation of TrustSec deployment after a change was made in the TrustSec matrix, and allows administrators to verify that all their TrustSec enabled network devices are up-to-date with the latest policy    Active Directory Authentication for CLI & REST API calls   - AD authentication is now available for both our REST APIs and command-line product administration   MUD Support.   Manufacturer Usage Descriptor (MUD) is an architecture for IoT devices. Based on information derived from MUD, ISE 2.6 supports increased identification of IoT devices, and automatic creation of profiling policies and Endpoint Identity Groups   Quality Improvements   – as part of our ongoing quality improvement process, ISE 2.6 includes a host of quality improvements – from customer-found defects, thru rewriting areas of code that were found to be too squeaky to improving the architecture and infrastructure of the product – all of them reinforce our commitment to providing the best in class product while ensuring best quality, resiliency and stability   Where is ISE 2.5? As we are announcing a new generation of appliances (SNS-36XX) together with ISE 2.6, we wanted to ensure that the ISE release that goes with it is a Long Term Release (LTR) as described in “Cisco Identity Services Engine Software Release Lifecycle”. As our LTR releases are typically even-numbered, we decided to just renumber the ISE 2.5 release to be called ISE 2.6. There is no difference in the release’s content – what was supposed to be part of ISE 2.5 is still there, just called ISE 2.6. EOL Announcement for legacy ISE PIDs With the release of ISE 2.6, the Mobility Upgrade PIDs, ISE Advanced PIDs, ISE Express PIDs, Legacy Plus and Apex PIDs, Legacy Base and Device Admin PIDs and Legacy Virtual Machine PIDs all reach their actual End of Sales milestone. The End of Sales announcement for these PIDs can be found   here. Furthermore, do notice End of Sales that was announced for ISE releases 2.0, 2.0.1, 2.1 and 2.3, available at   the same location.   Resources: ISE 2.6 Release Notes ISE 2.6 Download   Are you excited as we are for the new stuff in ISE 2.6? Want to learn more? Check out our ISE page at   www.cisco.com/go/ise ... View more