Cisco Cisco Identity Services Engine Software
2
Release Notes for Cisco Identity Services Engine, Release 1.1
OL-25539-01
Introduction
Introduction
The Cisco ISE platform is a comprehensive, next-generation, contextually-based access control solution.
Cisco ISE offers authenticated network access, profiling, posture, guest management, and security group
access services along with monitoring, reporting, and troubleshooting capabilities on a single physical
or virtual appliance. Cisco ISE ships on a range of physical appliances with different performance
characterization and also allows the addition of more appliances to a deployment for performance, scale,
and resiliency. Cisco ISE has a highly available and scalable architecture that supports standalone and
distributed deployments, but with centralized configuration and management. Cisco ISE also allows for
configuration and management of distinct Cisco ISE personas and services. This feature gives you the
ability to create and apply Cisco ISE services where they are needed in the network, but still operate the
Cisco ISE deployment as a complete and coordinated system.
Cisco ISE offers authenticated network access, profiling, posture, guest management, and security group
access services along with monitoring, reporting, and troubleshooting capabilities on a single physical
or virtual appliance. Cisco ISE ships on a range of physical appliances with different performance
characterization and also allows the addition of more appliances to a deployment for performance, scale,
and resiliency. Cisco ISE has a highly available and scalable architecture that supports standalone and
distributed deployments, but with centralized configuration and management. Cisco ISE also allows for
configuration and management of distinct Cisco ISE personas and services. This feature gives you the
ability to create and apply Cisco ISE services where they are needed in the network, but still operate the
Cisco ISE deployment as a complete and coordinated system.
Node Types, Personas, Roles, and Services
Cisco ISE provides a highly available and scalable architecture that supports both standalone and
distributed deployments. In a distributed environment, you configure one primary Administration node
and the rest are secondary nodes. The topics in this section provide information about Cisco ISE
terminology, supported node types, distributed deployment, and the basic architecture.
distributed deployments. In a distributed environment, you configure one primary Administration node
and the rest are secondary nodes. The topics in this section provide information about Cisco ISE
terminology, supported node types, distributed deployment, and the basic architecture.
Cisco ISE Deployment Terminology
describes some of the common terms used in Cisco ISE deployment scenarios.
Table 1-1
Cisco Cisco ISE Deployment Terminology
Term
Description
Service
A service is a specific feature that a persona provides such as network
access, profiler, posture, security group access, and monitoring.
access, profiler, posture, security group access, and monitoring.
Node
A node is an individual instance that runs the Cisco ISE software. Cisco ISE
is available as an appliance and also as a software that can be run on a
VMware server. Each instance (either running on a Cisco ISE appliance or
on a VMware server) that runs the Cisco ISE software is called a node.
is available as an appliance and also as a software that can be run on a
VMware server. Each instance (either running on a Cisco ISE appliance or
on a VMware server) that runs the Cisco ISE software is called a node.
Node type
A node can be of two types: ISE node and Inline Posture node. The node
type and persona determine the type of functionality provided by that node.
type and persona determine the type of functionality provided by that node.
Persona
The persona or personas of a node determine the services provided by a
node. A Cisco ISE node can assume any or all of the following personas:
Administration, Policy Service, and Monitoring.
node. A Cisco ISE node can assume any or all of the following personas:
Administration, Policy Service, and Monitoring.
Role
Determines if a node is a standalone, primary, or secondary node. Applies
only to Administration and Monitoring nodes.
only to Administration and Monitoring nodes.