Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

802.1X , wired network, 40k clients, 250k devices

Hi,

We are about to start a project that shall secure an organisations wired network.

This organisation has 40k clients and around 250k network attached devices (clients, printers, cams, medical equipment, environmental equipment ...)

There are about 3000 Cisco switches connecting the  clients.

802.1x  and Cisco ISE are used for the wireless network (10k clients).

Is Cisco ISE the way to go for the wired network as well? Does it scale?

Things to think about when designing the solution?

/Jorgen

Everyone's tags (4)
3 REPLIES
Cisco Employee

802.1X , wired network, 40k clients, 250k devices

ISE 1.2 can suport up to 250,000 conrurrent endpoints.

http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/release_notes/ise12_rn.html

With that being said, you will have to use multiple PSN nodes in a distributed deployment.

**Thank you for rating helpful posts**

Thank you for rating helpful posts!

802.1X , wired network, 40k clients, 250k devices

System Scale (Per Identity

System Scale (Per Identity Services Engine deployment)

Description

Number

Maximum number of NADs

30,000

Maximum number of Network Device Groups

100

Maximum number of Internal users

25,000

Maximum number of Internal guests

50,000 (Total number of guest account per year is 1,000,000 as accounts get purged)

Maximum number of EndPoints

1,000,000

Maximum number of Authentication Rules

25 when Simple mode is used

100 combined rules when Policy Set mode is used

Maximum number of Authorization Rules

600 (Best Practice to keep it below 100. With 100+ rules rendering of GUI and user access will be negatively impacted.)

TrustSec Security Group Tags (SGT)

4,000

TrustSec Security Group ACLs (SGACLs)

2,500

165
Views
0
Helpful
3
Replies
CreatePlease to create content