Cisco Cisco Identity Services Engine 1.3 백서

 

 

© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. 

Page 2 of 13 

At the end of July 2014, we had deployed several primary capabilities for ISE. We have a guest infrastructure 

managed by two VMs (the primary in our San Jose data center and the secondary in our data center in Western 

Europe). These VMs manage global guest services for more than 60,000 guest accounts that are created monthly. 

The guest infrastructure was fully deployed at the end of December 2013 and runs ISE 1.2 Patch 7 (see Table 1). 

The production cluster runs on 28 VMs and also uses ISE 1.2 Patch 7. On the production cluster, we run all other 

capabilities. To date we have deployed Wireless Authentication to ISE, 802.1X Monitor Mode and Profiling, at 83 

sites globally. We have also deployed Wireless Authentication to ISE on more than 10,000 (of 30,000) Cisco Virtual 

Office (CVO) systems (these typically run on Cisco 800 Series Routers and Cisco SOHO Routers). And we are 

running a limited deployment of Wireless Posture Enforcement to two extranet partners for nearly 1000 devices 

connecting and authenticating successfully. Our profiled endpoint count is currently 550,000 devices, and our 

maximum concurrent connections at any given time are 55,000. 

IT Deployment Roadmap 

 

We took a staged approach regarding ISE, to avoid 

the “Big Bang” of deploying many capabilities simultaneously. 

To manage capability deployment and adoption, we are implementing ISE capabilities in bundles (see Figure 1). 

Bundling helps ensure that the requisite steps for success of each capability are completed properly.