We plan to buy ISE. Please, find below some details
- The number of users is about 800 and i am a bit confused if we should order SNS 3415 or SNS 3495 (I see in some documents that the max user for SNS 3415 is 200 and I would like to have confirmation if SNS 3415 is fine for 800 users).
- Some users will connect with wireless and others wired.In this case, do I need to use inline node and have to use SNS 3415?
- Can I use SNS 3415 and 3495in the same network? (for ex. SNS 3415 for wireless, SNS 3495 for wiredand administration) ?
I don't know where you got 200 as the max number of endpoints. The 3415 can handle up to 5000 endpoints. See this screenshot from the ordering guide:
You only need an Inline Posture Node if you have users connecting to your network through an off-site VPN Connection. THE IPN handles the CoA behind the ASA. ASA 9.2.1 (not yet released) will be able to handle C0A and at that time, no IPN will be needed.
SNS-3415 and SNS-3495 can definitely be used together in the same network, but your deployment plans will not. You license the ISE deployment-wide. For example, you can license for wireless only, but that would make the entire deployment wireless only. To have 2 separate deployments of ISE in a network is NOT supported and will create issues.
Please Rate Helpful posts and mark this question as answered if, in fact, this does answer your question. Otherwise, feel free to post follow-up questions.
So the timeframe for deployment is still six months or more away? In that case, 2 SNS-3415s running in High Availability mode will be all you need. The software for the ASA will hopefully be released by then and the need for the Inline Posture Node will be relieved.
In order to become an ISE ATP Partner, you have to work with your Account Manager and request an invitation to the program.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...