Re: Alternatives to ISE?

[Eriks Rugelis <eriks () netideainc ca>]

$dayjob is a university where we use PacketFence to support .1x for a population of approx. 28K concurrent Wi-Fi 
devices.

It took us a couple of iterations but we now have a clustered deployment (of VM’s) model which routinely handles >1200 
logins per second, has a fair bit of headroom left over and can scale larger as required.

We have been very satisfied with the responsiveness and capabilities of tech support by Inverse.ca.   All this and the 
price point is hard to beat.

I have no personal interest in Inverse other than as a satisfied customer.

Our presentation on the scalable deployment model for PF may be found by searching the web for “Authentication for big 
Wi-Fi”.

Eriks
---
Eriks Rugelis
Sr. Consultant
Netidea Inc.
T: +1.416.876.0740

> On Dec 3, 2017, at 10:06, Jean | ddostest.me via NANOG <nanog () nanog org> wrote:
>
> I'm about to try this one.
>
> https://packetfence.org/
>
> Not sure if it covers all the features you need though, but it seems
> promising. In case you give it a try, could you share your experience
> please?
>
> Thanks
> Jean
>
> > On 17-12-03 09:48 AM, segs wrote:
> > Forescout but if you want something simpler with SNMP authentication of
> > switches and Domain Controller of authorized PCs you can have a look at
> > Portnox. Done couple of deployments with Portnox.
> >
> > On Sun, Dec 3, 2017 at 3:39 PM, Christopher J. Wolff <cjwolff () nola gov>
> > wrote:
> >
> > > I've about reached my limit with the dumpster fire that is Cisco's
> > > Identity Service Engine.  Are there any reliable alternatives that do
> > > endpoint classification, central web auth, and .1x auth?
> > >
> > > Thanks in advance,
> > > Christopher