cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
905
Views
24
Helpful
10
Replies
Highlighted
Beginner

Question about Cisco ISE

Good morning. We want to separate the access privilege of staff and students by using the same SSID. Currently, we are using free radius linked with the Active Directory. If we want to purchase Cisco ISE, could you please tell us what kind of license shall we buy (Base, advanced 5-year, or wireless 5-year)?  We have more than 50,000 staff and students, and the maximum simultaneous user is around 9,000 now. We noticed that the wireless license is quite expensive and has to be renewed every 5 years (For 10,000 licenses, it costs almost $200,000)! In our short term plan, we do not need BYOD, is the base license enough for our situation?If it's possible, could you please briefly introduce how does ISE work for our requirement?

Thank you, and have a nice day.

Yours,

Linchuan Yang

Concordia University

Everyone's tags (1)
10 REPLIES 10
Beginner

Question about Cisco ISE

Hello Linchuan,

Wireless

Capabilities: Basic network access, guest access, profiler, posture, and SGA

Network deployment support: Wireless

License prerequisite: None

Term license: 3- and 5-year terms

Licenses are available for 100, 250, 500, 1000, 1500, 2500, 3500, 5000, 10,000, 25,000, 50,000, and 100,000 endpoints

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5712/ps11637/ps11195/qa_c67-658591.html

PS: If i were you the BYOD thing should be a thing to consider in a near future

Beginner

Question about Cisco ISE

Thank you, David

Have a nice day.

VIP Mentor

Question about Cisco ISE

If you can distinguish your users based on the Authentication, then the Base-license will be fine for you. You should plan with at least four ISE-nodes. There is a 10.000 user Base-license available which should fit your needs if if have abaout 9000 simultaneous users.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Beginner

Question about Cisco ISE

Dear Karsten

Thank you for your reply. You mentioned that we should plan with at least four ISE-nodes, do you mean we have to buy 4 ISE servers (either physical server or virtual appliance)? If yes, shall we buy 10,000 liceses for each server, or they can share with the 10,000 licenses?

Thank you.

Yours,

Linchuan

VIP Mentor

Question about Cisco ISE

The appliances (physical or virtual) have do be licensed individually, but the endpoint-licenses only have to be bought once per deployment. You find more on licensing in the ISE ordering-guide:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5712/ps11637/ps11195/guide_c07-656177.html

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Beginner

Question about Cisco ISE

Hello,

There are Base and Advanced licenses for ISE. Base license is used  for authentication and authorization and advance licenses are used for  posturing and profiling. If you do not want to do posturing and  profiling then you can go for base licenses only.

If you buy 4 boxes they will share licenses for 10,000 endpoints. It  will be Base license for 10,000 users along with advance license for  10,000 users.

Rising star

Question about Cisco ISE

You can achieve it with base license, also you said BYOD is not needed.

Rising star

Question about Cisco ISE

Base license of 10,000 endpoints will work for you but I would recommend you to purchase advance license as well because in near future you will require BYOD stuff in your network as it is the increasing demand of current scenario.

Contributor

Question about Cisco ISE

You have to purchase licenses for the total amount of endpoints i. e. MAC addresses accessing the ISE, not for simultaneous user number. 10000 may not be sufficient.

Rising star

Question about Cisco ISE

Base license will work in your scenario. please make a note that base license only supports

  • •1.       AAA

  • •2.       Guest Provisioning

  • •3.       Link Encryption Policies

For features like-

  • •1.       Device Onboarding/Provisioning

  • •2.       Device Profiling and Feed Service*

  • •3.       Host Posture

  • •4.       Security Group Access

  • •5.       Integrated Vendor MDM Support*

You need to purchase advance license. Please do not forget to mark as answered if your query is resolved.

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards