Achieving Policy Services Node Redundancy

B.

In Cisco Identity Services Engine (ISE), policy services node redundancy is achieved by deploying both primary and secondary nodes, which is option B.

The primary node is the first node that is installed in the deployment and is responsible for performing all the policy services. The secondary node is a backup node that takes over policy services in the event of a failure of the primary node.

When the primary node fails, the secondary node automatically takes over policy services, ensuring that network access policies and enforcement continue uninterrupted.

To achieve this redundancy, both primary and secondary nodes should be deployed in the deployment. These nodes should be configured to synchronize all their data, such as configuration data, certificates, and endpoint profiles, to ensure that the secondary node is always up-to-date and ready to take over in the event of a failure.

Other options mentioned in the question are not correct:

Option A, by creating a node group, is not related to achieving policy services node redundancy. A node group is used to distribute the load of policy services across multiple nodes, which helps to ensure high availability and scalability.

Option C, by enabling VIP (Virtual IP Address), is a method for load balancing incoming requests across multiple nodes, but it is not related to achieving policy services node redundancy.

Option D, by utilizing RADIUS server list on the NAD (Network Access Device), is a method for configuring redundancy in the RADIUS server, which is used for authentication and authorization, but it is not related to achieving policy services node redundancy in ISE.