ISE VMware Requirements

Welcome back Ziglets!!

Today I have another Zigbit for you!! This Zigbit is going to be on Cisco Identity Services Engine..  That’s right its “ISE ISE baby” time again!!  For this session on ISE, we will be reviewing the VMware requirements for Cisco ISE!!

ISE VMware Requirements

My personal advice for ISE VMs is to use the OVA that best fits the size of your deployment.  In doing this, you will received the same performance and scalability of the corresponding hardware appliance the OVA is built from.  The hardware appliance data sheet can be found here if you need more information on those.

In my opinion these resource reservations are hard requirements.  If a customer doesn’t have a virtual environment that can handle these requirements, removing the reservations might be an option but I always tell the customer they may suffer degraded performance by doing this.  In addition to performance issues, your ISE deployment may not be supported by Cisco so do it at your own risk.

Here is the link to the Cisco ISE 2.0 installation guide. Inside there is a table with OVA version and associated VM resource reservations.  I’ve taken the liberty to show this table below:

 

ISE OVA Template Resources

If you are not aware yet, but can see above, Cisco has come out with a couple new ISE platforms, the SNS3515 and SNS3595.  I believe these two platforms will eventually be replacing their current counterparts SNS3415 and SNS3495 respectively.  Both of the new platforms have better CPU than the older models.  The SNS3515 and SNS3415 come with the same amount of memory (16GBs), while the SNS3595 now comes with 64GBs versus the 32GBs with the SNS3495.  While the physical appliances have more resources, now the VM OVAs have higher reservation limits so keep this in the back of your mind.

I don’t know about other engineers out there but I get hit on this a lot.  Usually, I finish deploying the OVA and the VM wont boot.  When I talk to the customer, the presales engineer never had a resource requirements discussion with them and I have to be the bearer of bad news.  Traditionally, removing the resource reservations is the avenue the customer choices to go even after my advisements stated above.

Alright, until next time Ziglets keep it nerdy, and I promise the next Zigbit is coming soon!

Michael “Zig” Zsiga II, CCDE™ 2016::32, CCIE™ #44883 has been in the networking industry a little over 15 years. He is currently a Lead Technical Architect at ePlus in the New England region of the United States. Zig holds an active CCDE and two CCIE certifications, one in Routing and Switching and the second in Service Provider. Zig also holds a Bachelor’s of Science in Computer Science from Park University. Zig is a father, a husband, a United States Marine, a gamer, a nerd, a geek and a big soccer fan. Zig loves all technology and can usually be found in the lab learning and teaching others. Zig is a co-organizer of The Boston Network Operators Group (www.bosnog.org), runs multiple CCIE Study groups, and is a newly published author. Zig lives in New Hampshire, USA with his wife, Julie and their son Gunnar.