View Cart
0 Items | Total: US$0.00
Welcome,      Register

You are here

SEC0030 - ISE 1.1 Node Registration with Self-Signed Certificate

Rating: 
5
Average: 5 (3 votes)
Difficulty Level: 
0
Lab Document: 
<Please login to see the content>

The video demonstrates how to register a Policy Service node to a primary Admin node using self-signed certificate. The same process applies to registering a secondary Admin node. This step is required when implementing an ISE distributed design for high scalability. The other option is to use trusted CA-signed certificate, which will be looked at in a separate video.

Pros
  • PKI is not required
  • Fast deployment
Cons
  • Certificate is not trusted by client during authentication
  • Certificate re-install to all nodes is required after each certificate expiration and renewal

About Author

Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.

2 comments

WE MOVED ONE NODE TO NODE GROUP- POLICY NODE.
NOW ADMIN NODE IS IN WHICH GROUP- IS IT IN SAME GROUP I MEAN NODE GROUP 1

Node group makes PSNs communicate more efficiently and it is not really for Admin or Monitoring nodes.