Awesome ISE resources

Cisco LIVE Presentations (These are money)

PXGRID

ISE 2.4

  • Details on VMs – small, medium, large tshirt sizes
  • License Details-
  • Quick Read on ISE 2.4 Licensing
  • Please read before upgrading to 2.4 🙂 –

    Device Administration Licenses

    For Cisco ISE 2.3 and earlier versions, a perpetual Device Administration license is required per deployment, regardless of the number of device administration nodes in the deployment. Starting from Cisco ISE 2.4, the number of Device Administration licenses must be equal to the number of device administration nodes (PSNs configured for device administration service) in a deployment.

    If you are currently using a Device Administration license and plan to upgrade to Release 2.4, TACACS+ features will be supported for 50 Device Administration nodes in Release 2.4.

    If you install a PAK generated from a new PID, Device Administration license count is displayed as per the quantity available in the PAK file. You can add multiple Device Administration licenses to your deployment based on the number of Device Administration nodes that you require. Evaluation license supports one Device Administration node.

    Licenses for VM nodes

    Cisco ISE is also sold as a virtual appliance. For Release 2.4, it is recommended that you install appropriate VM licenses for the VM nodes in your deployment. You must install the VM licenses based on the number of VM nodes and each VM node’s resources such as CPU and memory. Otherwise, you will receive warnings and notifications to procure and install the VM license keys in Release 2.4, however, the services are not interrupted.

    VM licenses are offered under three categories—Small, Medium, and Large. For instance, if you are using 3595 equivalent VM node with 8 cores and 64 GB RAM, you might need a Medium category VM license, if you want to replicate the same capabilities on the VM. You can install multiple VM licenses based on the number of VMs and their resources as per your deployment requirements.

    VM licenses are Infrastructure licenses, therefore, you can install VM licenses irrespective of the endpoint licenses available in your deployment. You can install a VM license even if you have not installed any Evaluation, Base, Plus, or Apex license in your deployment. However, in order to use the features enabled by the Base, Plus, or Apex licenses, you must install the appropriate licenses.

    After installing or upgrading to Release 2.4, if there is any mismatch between the number of deployed VM nodes and installed VM licenses, alarms are displayed in the Alarms dashlet for every 14 days. Alarms are also displayed if there are any changes in the VM node’s resources or whenever a VM node is registered or deregistered.

    VM licenses are perpetual licenses. VM licensing changes are displayed every time you log in to the Cisco ISE GUI, until you check the “Do not show this message again” check box in the notification popup.

    If you have not purchased any ISE VM license before, refer to the ISE Ordering Guide to choose the appropriate VM license to be purchased. If you have purchased ISE VM licenses with no Product Authorization Key (PAK) associated, you can request VM PAKs by reaching out to ise-vm-license@cisco.com with Sales Order numbers that reflect the ISE VM purchase. This request will be processed to provide one medium VM license key for each ISE VM purchase you made in the past.”