ISE Compatibility Matrix (All Versions)

ISE Compatibility Matrix (All versions)

Contents

Introduction Prerequisites Requirements Components Used ISE- Hardware Compatibility ISE- Virtual Environment Compatibility ISE- External Identity Source LDAP Servers Token Servers Security Assertion Markup Language (SAML) Single Sign-On (SSO) Open Database Connectivity (ODBC) Identity Source

Introduction

This document describes various hardware, virtual Environment, External Identity server that each Identity Services Engine (ISE) version supports. Refer to the Release Notes, Install Guide, and compatibility guides in order to learn about all the requirements before server installation.

Prerequisites

Requirements

Cisco recommends that you have knowledge of these topics:

● ISE ● SNS Appliances ● virtual Environment ● Active Directory server

Components Used

This document is not restricted to specific software and hardware versions.

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.

ISE- Hardware Compatibility

Note: Look for various Elements on the x-axis and ISE version on the y-axis. In tables, X means supported.

Hardware Cisco ISE- VM-K9 ISE Cisco SNS- Cisco SNS- Cisco SNS- Cisco SNS- Cisco SNS- Cisco SNS- Cisco SNS- (VMware, Version 3415-K9 3495-K9 3515-K9 3595-K9 3615-K9 3655-K9 3695-K9 Linux KVM, (small) (large) (small) (large) (small) (medium) (large) Microsoft Hyper-V)

3.0 X1 X1 X1 X1 X1 X1 2.7 X1 X1 X1 X1 X1 X1 2.6 X1 X1 X1 X1 X1 X1 2.4 X1 X1 X1 X1 X1 X1 2.3 X1 X1 X1 X1 X1 2.2 X1 X1 X1 X1 X1 2.1 X1 X1 X1 X1 X2 2.0.1 X1 X1 X2 2.0 X1 X1 X2

1 Any persona.

2 Microsoft Hyper-V not supported.

ISE- Virtual Environment Compatibility

Virtual Environment Microsoft Hyper- ESXi 5.x (5.1 U2 V on Microsoft ISE Version KVM on QEMU KVM on RHEL KVM on RHEL and later support Windows Server 1.5.3-160 7.1, 7.3, and 7.5 7.0 RHEL 7), 6.x 2012 R2 and later 3.0 X X X 2.7 X X X 2.6 X3 X3 X3 2.4 X3 X3 X3 2.3 X3 X3 X3 2.2 X3 X3 X3 2.1 X4 X3 2.0.1 X4 X3 2.0 X4 X3

3 If you install or upgrade Cisco ISE on an ESXi 5.x server to support RHEL 7 as the Guest OS, update the VMware hardware version to 9 or later. 4 Only Vmware ESXi 5.x, 6.x.

ISE- External Identity Source

Active Directory

Microsoft Server 2008 2012 ISE Version 2003 2003(R2) & & 2016 2019 2008 (R2) 2012 (R2) 3.05 X X X X6 X X7 2.75 X X X X6 X X7 2.65 X X X X6 X X7 2.45 X X X X6 X 2.35 X X X X6 X 2.25 X X X X6 X 2.15 X X X X6 2.0.15 X X X6 2.05 X X X6

5 Supports Multi-Forest/Multi-Domain integration with Active Directory infrastructures to support authentication and attribute collection across large enterprise networks. It supports up to 50 domain join points

6 Cisco ISE supports all the legacy features in Microsoft Windows Active Directory 2012 R2; however, the new features in 2012 R2, such as Protective User Groups, are not supported.

7 Cisco ISE supports all the legacy features in Microsoft Windows Active Directory 2019, from Cisco ISE, Release 2.6.0.156 Patch 4 and above.

Note: (Applies for ISE 2.0, 2.0.1,2.1) Cisco ISE OCSP functionality is available only on Microsoft Windows Active Directory 2008, 2008 R2, 2012, and 2012 R2.

Note: (Applies for ISE 2.2, 2.3, 2.4, 2.6 & 2.7) Cisco ISE OCSP functionality is available only on Microsoft Windows Active Directory 2008 and later.

Note: (Applies only for 2.4, 2.6 & 2.7) You can only add up to 200 Domain Controllers on ISE. When the limit is exceeded, you receive this error: "Error creating - Number of DCs Exceeds allowed a maximum of 200".

Note: (Applies only for 2.0 & 2.0.1) Cisco ISE SCEP functionality is available only on Microsoft Windows Active Directory 2008 R2, 2012, and 2012 R2.

LDAP Servers

ISE Version LDAP Servers SunONE LDAP Directory OpenLDAP Directory Server Any LDAP v3 compliant server Server Version 5.2 Version 2.4.23 3.0 X X X 2.7 X X X 2.6 X X X 2.4 X X X 2.3 X X 2.2 X X 2.1 X X 2.0.1 X X 2.0 X X

Token Servers

Token Servers ISE Version RSA Authentication Manager 7. Any RADIUS RFC 2865- RSA ACE/Server 6. x Series x and 8. x Series compliant token server 3.0 X X X 2.7 X X X 2.6 X X X 2.4 X X X 2.3 X X X 2.2 X X X 2.1 X X X 2.0.1 X X X 2.0 X X X

Security Assertion Markup Language (SAML) Single Sign-On (SSO)

Servers Oracle Oracle Any PingFederat Access Identity ISE SAMLv2- Microsoft e Server PingOne Secure Manager Federation Version compliant Azure Version Cloud Auth 8.1.1 (OAM) (OIF) Identity 6.10.0.4 Version Version Provider 11.1.2.2.0 11.1.1.2.0 3.0 X X X X X X X 2.7 X X X X X X X 2.6 X X X X X X X 2.4 X X X X X X X 2.3 X X X X X X X 2.2 X X X X X X X 2.1 X X X X X X X 2.0.1 X X 2.0 X X

Open Database Connectivity (ODBC) Identity Source Servers Oracle Enterprise ISE Version Microsoft SQL MySQL Edition Release PostgreSQL 9.0 Sybase 16.0 Server 2012 6.3 12.1.0.2.0 3.0 X X X X X 2.7 X X X X X 2.6 X X X X X 2.4 X X X X X 2.3 X X X X X 2.2 X X X X X 2.1 X X X X