--> Cisco ISE can be deployed in following methods
i) Single Node Method:
--> It is also called as Standalone Method.
--> In this method, all the personas are available in Single Physical or Virtual ISE device.
--> Single ISE device is responsible for performing all the functions.
--> There is no redundancy if the ISE device loses network or power connectivity then the authentication/authorization won't work in the network.
--> The maximum number of devices supported by this method around 10000 depends upon the device.
--> This method is not used as it does not have redundancy.
--> Default Deployment Method of ISE.
--> Can support upto 20,000 concurrent sessions.
ii) Two Node Method:
--> This Method is also called as Distributed Deployment.
--> In this method, all the personas are divided and assigned into two personas( Like one ISE device will be acting as Primary PAN, primary PSN, Primary MNT, and another device will be acting as Secondary PAN, Primary PSN, Secondary MNT).
--> This method provides redundancy as we are using two ISE devices.
--> The maximum number of devices supported by this method around 10000 depends upon the device.
--> This method is commonly implemented.
--> Can support upto 20,000 concurrent sessions.
iii) Four Node Method:
--> This method is also the same as the Two node method but here we are using four ISE devices in the deployment.
iv) Fully Distributed Method
--> In this method each and every persona will be allocated to two or more separate ISE devices.
--> In this method we need to have separate nodes dedicated for PAN and MNT.
--> This method is used when you have more than 20,000 concurrent sessions or more than 5 PSN in the deployment.
Note: To select the deployment method we need to go to Administration > System > Deployment
Reference: Cisco.com
i) Single Node Method:
--> It is also called as Standalone Method.
--> In this method, all the personas are available in Single Physical or Virtual ISE device.
--> Single ISE device is responsible for performing all the functions.
--> There is no redundancy if the ISE device loses network or power connectivity then the authentication/authorization won't work in the network.
--> The maximum number of devices supported by this method around 10000 depends upon the device.
--> This method is not used as it does not have redundancy.
--> Default Deployment Method of ISE.
--> Can support upto 20,000 concurrent sessions.
ii) Two Node Method:
--> This Method is also called as Distributed Deployment.
--> In this method, all the personas are divided and assigned into two personas( Like one ISE device will be acting as Primary PAN, primary PSN, Primary MNT, and another device will be acting as Secondary PAN, Primary PSN, Secondary MNT).
--> This method provides redundancy as we are using two ISE devices.
--> The maximum number of devices supported by this method around 10000 depends upon the device.
--> This method is commonly implemented.
--> Can support upto 20,000 concurrent sessions.
iii) Four Node Method:
--> This method is also the same as the Two node method but here we are using four ISE devices in the deployment.
iv) Fully Distributed Method
--> In this method each and every persona will be allocated to two or more separate ISE devices.
--> In this method we need to have separate nodes dedicated for PAN and MNT.
--> This method is used when you have more than 20,000 concurrent sessions or more than 5 PSN in the deployment.
Note: To select the deployment method we need to go to Administration > System > Deployment
Reference: Cisco.com
0 comments:
Post a Comment