In a Cisco ISE split deployment model, which load is split between the nodes?
Click on the arrows to vote for the correct answer
A. B. C. D.A.
In a Cisco Identity Services Engine (ISE) split deployment model, the load is split between the nodes for different tasks.
The split deployment model refers to the deployment of Cisco ISE nodes in separate physical locations. It provides redundancy and high availability for network authentication, authorization, and accounting (AAA) services.
The two types of nodes in a split deployment model are the Primary Administration Node (PAN) and the Monitoring and Troubleshooting (MnT) node.
The PAN node handles the configuration, management, and policy creation for the entire deployment. It stores the configuration database, manages the certificates, and handles the authentication and authorization requests from the network devices.
The MnT node provides monitoring and troubleshooting services. It receives and stores the logs and events generated by the PAN and network devices. The MnT node also provides advanced reporting and troubleshooting features.
In a split deployment model, the load is split between the PAN and MnT nodes as follows:
AAA (Authentication, Authorization, and Accounting) load is handled by the PAN node. It receives the authentication and authorization requests from network devices and applies the policies configured on the PAN node. It also logs the accounting data.
Network Admission load is handled by both PAN and MnT nodes. The network admission load includes the initial device profiling, device registration, and endpoint identity management. The PAN node is responsible for the initial policy creation, and the MnT node collects the profiling data and logs.
Device Admission load is handled by the PAN node. It authorizes and authenticates the network devices, registers them to the deployment, and enforces the policies for network access.
Log Collection load is handled by the MnT node. It collects and stores the logs generated by the PAN and network devices. The MnT node also provides the advanced reporting and troubleshooting features based on the collected logs.
In summary, in a Cisco ISE split deployment model, the load is split between the nodes for different tasks. The PAN node handles AAA and device admission load, while the MnT node handles log collection and provides advanced reporting and troubleshooting features. Both nodes handle the network admission load.