Chapter 6, Installing the Cisco ISE System Software on a VMware Virtual Machine
Download this chapter
Chapter 6, Installing the Cisco ISE System Software on a VMware Virtual MachineChapter 6, Installing the Cisco ISE System Software on a VMware Virtual Machine
 Feedback

Table Of Contents

Installing ISE-3300 System Software in a VMware Virtual Machine

Virtual Machine Requirements

Evaluating ISE, Release 1.0

Configuring a VMware ESX 3.x or 4.0 Server

Configuring the VM

Prerequisite

Preparing the VM for ISE System Installation

Configuring the VM Using the ISE Installation DVD

Installing the ISE System


Installing ISE-3300 System Software in a VMware Virtual Machine

This chapter describes the system requirements for installing ISE-3300 series system software in a VMware virtual machine. This section provides information about this process in the following topics:

Virtual Machine Requirements

Evaluating ISE, Release 1.0

Configuring a VMware ESX 3.x or 4.0 Server

Configuring the VM

Preparing the VM for ISE System Installation

Installing the ISE System

Virtual Machine Requirements

The minimum system requirements for the virtual machine must be similar to the ISE-3300 series appliance hardware configuration. Table 6-1 lists the minimum system requirements to install ISE-3300 series on a VMware virtual machine.

Table 6-1 Minimum VM System Requirements 

Requirement Type
Minimum Requirements

CPU

Intel Dual-Core; 2.13 GHz or faster

Memory

4 GB RAM

Hard Disks

60 to 600 GB of disk storage (size dependeds on deployment and tasks)

NIC

1 GB NIC interface

Hypervisor

Supported VMware versions include:

ESX 3.0, 3.5, or 4.0

ESXi 4.0 or 4.1


Note VMware server version 2.0 is only supported for demonstration of ISE, Release 1.0. For an evaluation or production version, the minimum disk space is 60 GB.

Note There is no distinction between the minimum disk space requirements required for VMware servers used for evaluation or a production deployment. The only distinction is in the type of license needed. The minimum supported VMware server installation of ISE requires 60 GB of disk space. For license details, see Installing a Valid License, page 8-1.

VMware hard disk space allocation guidelines include the following:

For an ISE system on a VMware server running with the Monitoring and Troubleshooting (M&T) node enabled, the recommended disk space allocation is:

Small network deployment (?? GB)

Medium network deployment (?? GB)

Large network deployment (?? GB)

Need deployment guidelines from DEV and/or TMEs for disk allocation per deployment type.

For an ISE system on a VMware server, the minimum disk space allocation is 60 GB. The 60 GB of disk space can provide full functionality for any of the following ISE node types:

PAP

PDP

Profiler

Posture

Note An ISE system running on a VMware server with 60 GB of disk space will have limited M&T functionality.

What can we specify here regarding "limited" M&T functionality?

The ISE, Release 1.0, installer is designed to make use of all disk space allocated to a VMware server, up to a maximum that is equal to the same maximum supported by the ISE hardware appliance.

This means that the maximum disk space allocation for a medium or large deployment is 600 GB. This maximum disk space cannot be exceeded, regardless of what was allocated to the VMware server. For example:

If a VMware server is created with a 200 GB disk space allocation, the ISE installer will allocate 200 GB for use.

If a VMware server is created with a 1 Terabyte (TB) disk space allocation, the ISE installer will allocate up to its maximum allowed (600 GB).

If a VMware server is created with a 40 GB disk space allocation, the ISE installer will fail because that size allocation is below the minimum supported disk space allocation.

I am making an assumption that Evaluation will closely follow the ACS model. I did not find a section in the DIG on evaluation.

Evaluating ISE, Release 1.0

For evaluation purposes, ISE, Release 1.0, can be installed in any of the supported VMware server virtual machines that meet the Virtual Machine Requirements. When evaluating ISE, Release 1.0, you can configure less disk space in the virtual machine, but you still are required to allocate a minimum disk space of 60 GB.

To download the ISE, Release 1.0, software for evaluation, perform the following:

Step 1 Go to the following link:

http://cisco.com/go/ise

Step 2 Click Download Software.

You must already have valid Cisco.com login credentials to access this link.

To download a 90-day evaluation license:

Step 1 Go to the following link:

https://tools.cisco.com/SWIFT/Licensing/PrivateRegistrationServlet?DemoKeys=Y

Step 2 Click the link available in the Licenses Not Requiring a PAK section, and select an evaluation license.

You must already have valid Cisco.com login credentials to access this link.

Note VMware server installations are supported for evaluation environments. There is no distinction between the minimum disk space requirements required for VMware servers used for evaluation or production deployments. The only distinction is in the type of license needed. The minimum supported VMware server installation of ISE requires 60 GB of disk space. For license details, see Installing a Valid License, page 8-1.

Note To migrate an ISE configuration from an evaluation system to a fully licensed production system, backup the configuration of the evaluation version, install a production deployment license, and restore the configuration to the production system.

Will this be the process, or will an admin be required to backup their database as well (or will this involve something more elegant)?

Configuring a VMware ESX 3.x or 4.0 Server

To install ISE on a supported VMware server, you must allocate a minimum disk space of 60 GB on the VM system. This section describes how to set the minimum required disk space on the VM system. To change the disk space size on the VM, log into the ESX Server. This section provides procedures for performing some important configuration-related tasks.

Note Both of these procedures require that you are logged in. For details on performing an initial login, see Logging In, page 8-3.

To verify or change disk allocation, perform the following:

Step 1 Choose Configuration > Storage, and click Properties.

If the memory size is 256 GB, you must change it to 512 GB.

Step 2 Change the memory size to 512 GB by choosing Configuration > Storage.

To remove the default configuration, perform the following:

Step 1 Click Remove.

A confirmation window appears.

Step 2 Click Yes.

The default configuration is removed.

To create a new virtual file size, perform the following:

Step 1 Choose Configuration > Storage > Add Storage Wizard.

You can find the Add Storage wizard at the upper-right corner of the configuration window.

Figure 6-1 Configuration Window

Step 2 From the Storage Type drop-down list, choose Disk/LUN and click Next.

Step 3 Choose 512 GB, 2 MB block size and click Next.

60 GB is the minimum block size required for installing VMware with ISE. However, ISE will use only up to a maximum of 600 GB, even if you assign extra space in your VM.

Step 4 Click Finish.

The new VM with a 512 GB memory and a 2 MB block size is created successfully.

To check the new file size, choose Configuration > Storage, and click Properties.

Figure 6-2 displays the properties of a disk space created with the name ds1.

Figure 6-2 Disk Space Properties Window

Configuring the VM

This section describes how to configure VMware servers using the VMware Infrastructure Client.

Prerequisite

Before installing the ISE server, verify that the VMware server has a minimum of at least 60 GB disk space allocated. For more information, see Configuring a VMware ESX 3.x or 4.0 Server.

To configure the VMware server using the VMware Infrastructure Client:

Step 1 Log in to the ESX Server.

Step 2 In the VMware Infrastructure Client, in the left pane, right-click your host container and choose New Virtual Machine.

The New Virtual Machine Wizard appears.

Step 3 In the Configuration Type dialog box, choose Typical as the VM configuration as shown in Figure 6-3, and click Next.

Figure 6-3 Virtual Machine Configuration Dialog Box

The Name and Location dialog box appears. (Figure 6-4)

Step 4 Enter a name you want for referencing the VM, and click Next.

Figure 6-4 Name and Location Dialog Box

Tip Use the hostname you want to use for your VM host.

The Datastore dialog box appears. (Figure 6-5)

Step 5 Choose a datastore that has a minimum of 60 GB free space available, and click Next.

Figure 6-5 Datastore Dialog Box

The Guest Operating System dialog box appears. (Figure 6-6)

Step 6 Click the Linux radio button and from the Version drop-down list, choose Other Linux (32-bit).

Figure 6-6 Guest Operating System Dialog Box

The Number of Virtual Processors dialog box appears. (Figure 6-7)

Step 7 From the Number of virtual processors drop-down list, choose 2 (if 2 is available); or you can choose 1. Click Next.

Figure 6-7 Number of Virtual Processors Dialog Box

The Memory Configuration dialog box appears. (Figure 6-8)

Step 8 Enter 4096 MB, and click Next.

Figure 6-8 Memory Configuration Dialog Box

The NIC Configuration dialog box appears. (Figure 6-9)

Step 9 Choose 1 NIC, and click Next.

Figure 6-9 NIC Configuration Dialog Box

The Virtual Disk Capacity dialog box appears. (Figure 6-10)

Step 10 In the Disk Size field, enter 500 GB, and click Next.

Figure 6-10 Virtual Disk Capacity Dialog Box

The Ready to Complete New Virtual Machine dialog box appears. (Figure 6-11)

Step 11 Verify the configuration details, such as Name, Guest OS, Virtual CPU, Memory, and Virtual Disk Size, of the newly created VM.

Figure 6-11 Ready to Complete Dialog Box

Step 12 Click Finish.

The VM is installed.

To activate the newly created VM, right-click the VM in the left pane and choose Power On.

Preparing the VM for ISE System Installation

After configuring the VM, you are ready to install the ISE system. To install the ISE system from your Cisco Identity Services Enginer, Release 1.0, Installation DVD, you need to configure the VM to boot from the Cisco installation DVD. This requires that the VMbe configured with a virtual DVD drive to boot from the Cisco Identity Services Enginer, Release 1.0, Installation DVD.

This can be done using different methods that are dependent upon your network environment. See Configuring the VM Using the ISE Installation DVD to configure the VM using the DVD drive of your VMware ESX server host.

Configuring the VM Using the ISE Installation DVD

This section describes how to configure the VM to boot from the Cisco Identity Services Enginer, Release 1.0, Installation DVD using the DVD drive of the VMware ESX server host.

To configure the VM using the DVD drive, perform the following:

Step 1 In the VMware Infrastructure Client, highlight the newly created VM, and choose Edit Virtual Machine Settings.

The Virtual Machine Properties window appears. Figure 6-12 displays the properties of a VM created with the name ISE1.0.

Figure 6-12 Virtual Machine Properties Dialog Box

Step 2 In the Virtual Machine Properties dialog box, choose CD/DVD Drive 1.

The CD/DVD Drive1 properties dialog box appears.

Step 3 Choose the Host Device option, and from the drop-down list, choose your DVD host device.

Step 4 Choose the Connect at Power On option, and click OK to save your settings.

You can now use the DVD drive of the VMware ESX server to install the ISE server.

When you complete the configuration, click the Console tab, right-click the VM from the left pane, and choose Send Ctrl+Alt+Del to restart the VM.

Installing the ISE System

This section describes the installation process for the ISE server on VMware ESX 3.5 or 4.0.

To install the ISE server:

Step 1 Log in to the VMware Infrastructure Client.

Step 2 Insert the Cisco Identity Services Enginer, Release 1.0, Installation DVD into the VMware ESX host CD/DVD drive, and power on the VM.

You can also download the ISE, 1.0 software from the Cisco Software Download Site at: http://www.cisco.com/public/sw-center/index.shtml.

Note After installation if you do not install a permanent license, ISE will automatically install a 90 day evaluation license that supports a maximum of 25 endpoints.

When the Cisco Identity Services Enginer, Release 1.0, Installation DVD boots, the console displays:

Welcome to Cisco Secure ISE Recovery

To boot from the hard disk press <Enter>

Available boot options:

[1] Cisco Identity Services Engine Installation (Monitor/Keyboard)

[2] Cisco Identity Services Engine Installation (Serial Console)

[3] Reset Administrator Password (Keyboard/Monitor)

[4] Reset Administrator Password (Serial Console)

<Enter> Boot from hard disk

Please enter boot option and press <Enter>.

boot: 1

You can select either the monitor and keyboard port, or the console port to perform the initial setup.

Step 3 At the system prompt, type 1 to select a monitor and keyboard port, or type 2 to select a console port, and press Enter.

This starts the installation of the ISE server on the VM.

Note Allow 20 minutes for the installation process to complete.

When the installation process finishes, the VM reboots automatically.

When the VM reboots, the console displays:

Type 'setup' to configure your appliance

localhost:

Step 4 At the system prompt, type setup, and press Enter.

The Setup Wizard appears and guides you through the initial configuration. For more information on the setup process, see Running the Setup Program, page 5-2.