10-24-2017 06:14 AM - edited 02-21-2020 10:36 AM
Hello
we are planning to setup standalone (all personas in same node) Cisco ISE with 2 redundant nodes. the main purpose is device administration.
1. we have around 1000 non-cisco network devices, so RADIUS is used for login and accounting of device administrators. since we dont have all the devices logged in by administrators concurrently, I want to know if we go for lower base license package (for example L-ISE-BSE-500= license) would it be enough for our scenario.
2. in case wee need more base licenses in future, can we order additional base package and append it to the existing one?
3. we will go for two R-ISE-VM-K9= , is it the right part number for above scenario?
4. finally, for cisco devices, "Device Administration" package will be ordered.
I would appreciate if you let me know if the above specification is correct
Thanks
10-24-2017 09:07 AM
That's what we call a 2-node deployment since the redundant nodes are joined together and the policy replicates between them.
1.For RADIUS authentication, only active sessions count against the license so you are fine with fewer than your number of devices. You could even start with the smallest (100 device) base license.
2. Yes.
3. That's correct for the VMs. There's also an associated term support contract number that varies according to the support level you purchase.
4. Yes - that covers all your Cisco device authentication.
10-25-2017 03:35 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide