cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
575
Views
1
Helpful
4
Replies

Server Sizing Question

darryldigsit
Cisco Employee
Cisco Employee

We are needing to rebuild one of our policy nodes in our deployment(2 Admin, 2 Monitoring and 5 Policy Service Nodes) which raised the question about hardware requirements and OVA versions.  When examining this document(https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/install_guide/b_ise_InstallationGuide22/b_ise_InstallationGuide22_chapter_01.html#vmwarevmrequirements) under the OVA Template Reservations, we noticed two fields for the Virtual SNS-3595 OVA that listed 64GB and 256GB of RAM.  Currently, we have built all of our nodes with the 3495 version and we are running 64GB of RAM for all of the nodes, but we were looking at upgrading all of our nodes to the 3595 version.  In sizing of new servers we did not know if we needed to run 256GB for all of our nodes or only certain nodes with certain personas? Other details about our deployment are as follows: around 40000 wireless endpoints, another 20,000-30,000 wired endpoints and we run PxGrid on one of our Policy Servers to send Secure Group Tags to our WSA’s for filtering policies.  Lastly, we are currently running version 2.2 Patch 7.

1 Accepted Solution

Accepted Solutions

Yes, either way there would have likely been confusion.  Since we are not at a point in time to announce any new hardware appliance changes, we could not simply reference some new model number.

Note that only difference in VM is the RAM.  The licensing info may add confusion since it talsk about > 8 cores, but the reality is that the

  • 3515 (Small VM) requires 6 cores (12 logical CPUs)
  • 3595 (Medium VM) requires 8 cores (16 logical CPUs)
  • 3595 (Large VM) <<same as above>>

View solution in original post

4 Replies 4

Damien Miller
VIP Alumni
VIP Alumni

Hi Darryl,

The 3595 - 256GB node size was introduced in v2.4 as the "Large" VM template.  At this point the only nodes you would configure with 256GB of RAM are the MnT's.  This is optional and these nodes are now referred to Super Mnt's. They currently only provide faster reporting and live logs but this may change in the future.

You can still still scale to 500,000 total active endpoints on the 64GB "Medium" 3595 templates. The same 20,000 active endpoints per PSN still applies regardless of 3595 node size.

I must admit, I wish Cisco had named the 256GB 3595 large ISE node something other than 3595.

The Large VM is not a 3595, but the resource equivalent of 3595 with 256GB RAM.  Certainly the transition from Small and Large appliance (3515 vs 3595) will cause confusion, but we did not want to proceed on a path where you have Small, Large, and Super Large.

It is correct that the Large (super-sized 3595) is intended to super-charge the MnT node.  Once you take a ride on the larger MnT, you will not want to drive anything else!   Equate admin wait times to dollars and it will make economical sense.

I think the unfortunate part is that it has already been referred to as the 3595 in documentation as well as the downloads section.  From a licensing and deployment standpoint we now have a small 3515, medium 3595, and in some cases a large 3595.  The differentiation is very slight between medium and large since the only difference is ram and/or greater than 8 cpu cores. 

3595.PNG

Yes, either way there would have likely been confusion.  Since we are not at a point in time to announce any new hardware appliance changes, we could not simply reference some new model number.

Note that only difference in VM is the RAM.  The licensing info may add confusion since it talsk about > 8 cores, but the reality is that the

  • 3515 (Small VM) requires 6 cores (12 logical CPUs)
  • 3595 (Medium VM) requires 8 cores (16 logical CPUs)
  • 3595 (Large VM) <<same as above>>
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: