Ray, I'm running 2.2 with 17000 endpoints in a 7 node deployment. Main Problems: -Replication slow or failed -Displaying endpoints ends up in a "Shards" error or crashes the GUI (documented Cisco bug) -Wifi Container Service (?) fails -Inaccurate license counts causing license alarms -Moments where unable to add or see network devices -Profile rules are not catching certain hosts (even when you hardcode the OUI) I'm certain I'm forgetting a few but you get the drift. Yours in service, Christopher J. Wolff | Network Operations Information Technology & Innovation City of New Orleans (o) 504.658.7817 (m) 504.265.6306 (e) cjwolff@nola.gov -----Original Message----- From: Ray Van Dolson [mailto:rvandolson@esri.com] Sent: Sunday, December 3, 2017 9:55 PM To: Christopher J. Wolff <cjwolff@nola.gov> Cc: nanog@nanog.org Subject: Re: Alternatives to ISE? On Sun, Dec 03, 2017 at 02:39:27PM +0000, Christopher J. Wolff wrote:
I've about reached my limit with the dumpster fire that is Cisco's Identity Service Engine. Are there any reliable alternatives that do endpoint classification, central web auth, and .1x auth?
What version of ISE are you running? What are your main frustrations with it? Ray