Adding Cisco ISE to deployment

Technology: Network Security
Area: Access and Identity Management
Vendor: Cisco
Software: 2.1
Platform: ISE Virtual Appliance, ISE Physical Appliance

• Adding nodes to ISE deployment
  • For successful registration ISE nodes FQDNs need to be resolvable by DNS and system certificates with Admin purpose have to be known and trusted between each other. If ISE nodes use self-signed certificates you need to exchange the certificates between nodes that you want to add to deployment. Self-signed certificates need to be added to Trusted Certificates store of ISE. If you have enrolled nodes with your internal / corporate CA whole issuer’s chain need to be added to Trusted store.
  • Registration is performed from PAN level – making the PAN to become Primary

• Registration process – provide FQDN of the registered node

• Registration process – if node is found node settings appear. Now the necessary roles and personas must be choosen

• Registration process – after registration, new node is being synchronized with deployment. It will take several minutes.

• Registration process – synchronization is done when status on both nodes is Connected