ISE Best Practice for Purging Endpoints

Maybe I haven't looked long enough or deep enough through the documents and guides, but I am wondering if there is a best practice for purging endpoints in general. For my guest endpoints, I have it set to purge those endpoints every 3 days. When i look at how many endpoints I have profiled at the current time, its a very large number of devices. I'm sure there is a large number of these that are no longer connecting to our network and probably won't in the future.
If there isn't a current best practice, would it sound logical to purge every 180 to 190 days? We are a public school district and we have 180 instructional days. Employees and students alike are able to bring their own devices. I figure with 190 day purge, it would cover the time that employees and students are in session.
Thoughts, opinions?
Thank you for your time.
Kevin

A lot of vendors will suggest also to have one SSID if possible, but the rule of thumb is 3-4 max.  The main issue is the differences required for specific WLAN's, which isn't just for Data and Voice, but you also have to look at mDNS, multicast, 802.11r, DTIM's, MFP, etc.  You can combine all devices to use one, but all the features/setting will be the same, which isn't ideal all the time.  There are attributes which you can set from ISE to push out to the WLC(s), but its the other unique values that you need to research and understand.

Similar Messages

  • Best practice for integrating oracle atg with external web service

    Hi All
    What is the best practice for integrating oracle atg with external web service? Is it using integration repository or calling the web service directly from the java class using a WS client?
    With Thanks & Regards
    Abhishek

    Using Integration Repository might cause performance overhead based on the operation you are doing, I have never used Integration Repository for 3rd Party integration therefore I am not able to make any comment on this.
    Calling directly as a Java Client is an easy approach and you can use ATG component framework to support that by making the endpoint, security credentials etc as configurable properties.
    Cheers
    R
    Edited by: Rajeev_R on Apr 29, 2013 3:49 AM

  • Best practice for distributing/releasing J2EE applications.

    Hi All,
    We are developing a J2EE application and would like some information on the best
    practices to be followed for distributing/releasing J2EE applications, in general.
    In particular, the dilemma we have is centered around the generation of stub, skeleton
    and additional classes for the application.
    Most App. Servers can generate the required classes while deploying the EJBs in the
    application i.e. at install time. While some ( BEA Weblogic and IBM Websphere are
    two that we are aware of ) allow these classes to be generated before the installation
    time and the .ear file containing the additional classes is the one that is uploaded.
    For instance, say we have assembled the application "myapp.ear" . There are two ways
    in which the classes can be generated. The first is using 'ejbc' ( assume we are
    using BEA Weblogic ), which generates the stub, skeleton and additional classes for
    the application and returns the file, say, "Deployable_myapp.ear" containing all
    the necessary classes and files. This file is the one that is then installed. The
    other option is to install the file "myapp.ear" and let the Weblogic App. server
    itself, generate the required classes at the installation time.
    If the first way, of 'pre-generating' the stubs is followed, does it require us to
    separately generate the stubs for each versions of the App. Server that we support
    ? i.e. if we generate a deployable file having the required classes using the 'ejbc'
    of Weblogic Ver5.1, can the same file be installed on Weblogic Ver6.1 or do we
    have to generate a separate file?
    If the second method, of 'install-time-generation' of stubs is used, what is the
    nature/magnitude of the risk that we are taking in terms of the failure of the installation
    Any links to useful resources as well as comments/suggestions will be appreciated.
    TIA
    Regards,
    Aasif

    Its much easier to distribute schema/data from an older version to a newer one than the other way around. Nearly all SQL Server deployment features supports database version upgrade, and these include the "Copy Database" wizard, BACKUP/RESTORE,
    detach/attach, script generation, Microsoft Sync framework, and a few others.
    EVEN if you just want to distribute schemas, you may want to distribute the entire database, and then truncate the tables to purge data.
    Backing up and restoring your database is by far the most RELIABLE method of distributing it, but it may not be pratical in some cases because you'll need to generate a new backup every time a schema change occurs, but not if you already have an automated
    backup/maintenance routine in your environment.
    As an alternative, you can Copy Database functionality in SSMS, although it may present itself unstable in some situations, specially if you are distributing across multiple subnets and/or domains. It will also require you to purge data if/when applicable.
    Another option is to detach your database, copy its files, and then attach them in both the source and destination instances. It will generate downtime for your detached databases, so there are better methods for distribution available.
    And then there is the previously mentioned method of generating scripts for schema, and then using an INSERT statement or the import data wizard available in SSMS (which is very practical and implements a SSIS package internally that can be saved for repeated
    executions). Works fine, not as practical as the other options, but is the best way for distributing databases when their version is being downgraded.
    With all this said, there is no "best practice" for this. There are multiple features, each offering their own advantages and downfalls which allow them to align to different business requirements.

  • Best Practice for Distributing Databases to Customers

    I did a little searching and was surprised to not find a best practice document for how to distribute Microsoft SQL Databases. With other database formats, it's common to distribute them as scripts. It seems that feature is rather limited with the built-in
    tools Microsoft provides. There appear to be limits to the length of the script. We're looking to distribute a database several GBs in size. We could detach the database or provide a backup, but that has its own disadvantages by limiting what versions
    of the SQL Server will accept the database.
    What do you recommend and can you point me to some documentation that handles this practice?
    Thank you.

    Its much easier to distribute schema/data from an older version to a newer one than the other way around. Nearly all SQL Server deployment features supports database version upgrade, and these include the "Copy Database" wizard, BACKUP/RESTORE,
    detach/attach, script generation, Microsoft Sync framework, and a few others.
    EVEN if you just want to distribute schemas, you may want to distribute the entire database, and then truncate the tables to purge data.
    Backing up and restoring your database is by far the most RELIABLE method of distributing it, but it may not be pratical in some cases because you'll need to generate a new backup every time a schema change occurs, but not if you already have an automated
    backup/maintenance routine in your environment.
    As an alternative, you can Copy Database functionality in SSMS, although it may present itself unstable in some situations, specially if you are distributing across multiple subnets and/or domains. It will also require you to purge data if/when applicable.
    Another option is to detach your database, copy its files, and then attach them in both the source and destination instances. It will generate downtime for your detached databases, so there are better methods for distribution available.
    And then there is the previously mentioned method of generating scripts for schema, and then using an INSERT statement or the import data wizard available in SSMS (which is very practical and implements a SSIS package internally that can be saved for repeated
    executions). Works fine, not as practical as the other options, but is the best way for distributing databases when their version is being downgraded.
    With all this said, there is no "best practice" for this. There are multiple features, each offering their own advantages and downfalls which allow them to align to different business requirements.

  • Best practice for WFMailer in a cloned environment

    Hi,
    What are the best practices to purge/clear out old notifications when we refresh dev instances from prod? Also, what steps do we need to restrict future messages going to all the users.
    I have been clearing out the email from the fnd_user table, but that doesn't seem to help.Also, I update the mail_status='SENT' in wf_notifications table.
    Thanks,
    Subroto

    Hi,
    Please refer to these documents.
    Note: 132254.1 - Speeding Up And Purging Workflow
    Note: 453137.1 - Oracle Workflow Best Practices Release 12 and Release 11i
    Note: 732713.1 - Purging Strategy for eBusiness Suite 11i
    Regards,
    Hussein

  • Best practice for OSB, OER and OSR

    Hi,
    I would like to know what are the best practices for using OSB, OER and OSR together in a run-time environment for a simple WSDL service.
    From how I see it:
    1) Create service-definition in OER
    2) Create proxy and business service in OSB
    3) Use harvester to harvest the proxy and business services in OER
    4) Use Exchange Utility to publish the proxy service to OSR
    Then the client and discover the proxy service and use OSB for invoking the operations from service.
    Kindly correct me where I am wrong.
    Some questions:
    1) Do we ever publish business service to OSR? Or is it only meant for proxy services?
    2) Is synching of OSB and OSR only meant when we are not using OER?
    Looking forward...

    Hi Anuj,
    Thanks for the links, they have been helpful.
    I understand now that OSR is only meant to contain only Proxy services. The synch facility is between OSR and OSB so that in case when you are not using OER, you can publish Proxy services to OSR from OSB. What I didn't understand was why there was a option to publish a Proxy service back to OSB and why it ended up as a Business service. From the link you provided, it mentioned that this case is for multi-domain OSBs, where one OSB wants to use the other OSB's service. It is clear now.
    Some more questions:
    1) In the design-time, in OER no Endpoints are generated for Proxy services. Then how do we publish our design-time services to OSR for testing purposes? What is the correct way of doing this?
    Thanks,
    Umar

  • Best Practice for E&C and Professional Services

    Hello Experts,
    Where do I find the Best Practice for implementing Oracle Projects, specific to Industries like E&C, Professional Services, Etc.
    Thanks

    Hi Anuj,
    Thanks for the links, they have been helpful.
    I understand now that OSR is only meant to contain only Proxy services. The synch facility is between OSR and OSB so that in case when you are not using OER, you can publish Proxy services to OSR from OSB. What I didn't understand was why there was a option to publish a Proxy service back to OSB and why it ended up as a Business service. From the link you provided, it mentioned that this case is for multi-domain OSBs, where one OSB wants to use the other OSB's service. It is clear now.
    Some more questions:
    1) In the design-time, in OER no Endpoints are generated for Proxy services. Then how do we publish our design-time services to OSR for testing purposes? What is the correct way of doing this?
    Thanks,
    Umar

  • What is the best practice for using the Calendar control with the Dispatcher?

    It seems as if the Dispatcher is restricting access to the Query Builder (/bin/querybuilder.json) as a best practice regarding security.  However, the Calendar relies on this endpoint to build the events for the calendar.  On Author / Publish this works fine but once we place the Dispatcher in front, the Calendar no longer works.  We've noticed the same behavior on the Geometrixx site.
    What is the best practice for using the Calendar control with Dispatcher?
    Thanks in advance.
    Scott

    Not sure what exactly you are asking but Muse handles the different orientations nicely without having to do anything.
    Example: http://www.cariboowoodshop.com/wood-shop.html

  • Best Practices for Accessing the Configuration data Modelled as XML File in

    Hi,
    I refer the couple of blof posts/Forum threads on How to model and access the Configuration data as XML inside OSB.
    One of the easiest and way is to
    Re: OSB: What is best practice for reading configuration information
    Another could be
    Uploading XML data as .xq file (Creating .xq file copy paste all the Configuration as XML )
    I need expert answers for following.
    1] I have .xsd file which is representing the Configuration data. Structure of XSD is
    <FrameworkConfig>
    <Config type="common" key="someKey">proprtyvalue</Config>
    <FrameworkConfig>
    2] As my project will move from one env to another the property-value will change according to the Environment...
    For Dev:
    <FrameworkConfig>
    <Config type="common" key="someKey">proprtyvalue_Dev</Config>
    <FrameworkConfig>
    For Stage :
    <FrameworkConfig>
    <Config type="common" key="someKey">proprtyvalue_Stage</Config>
    <FrameworkConfig>
    3] Let say I create the following Folder structure to store the Configuration file specific for dev/stage/prod instance
    OSB Project Folder
    |
    |---Dev
    |
    |--Dev_Config_file.xml
    |
    |---Stage
    |
    |--Stahe_Config_file.xml
    |
    |---Prod
    |
    |-Prod_Config_file.xml
    4] I need a way to load these property file as xml element/variable inside OSb message flow.?? I can't use XPath function fn:doc("URL") coz I don't know exact path of XMl on deployed server.
    5] Also I need to lookup/model the value which will specify the current server type(Dev/Stage/prod) on which OSB MF is running. Let say any construct which will act as a Global configuration and can be acccessible inside the OSb message flow. If I get the vaalue for the Global variable as Dev means I will load the xml config file under the Dev Directory @runtime containing key value pair for Dev environment.
    6] This Re: OSB: What is best practice for reading configuration information
    suggest the designing of the web application which will serve the xml file over the http protocol and getting the contents into variable (which in turn can be used in OSB message flow). Can we address this problem without creating the extra Project and adding the Dependencies? I read configuration file approach too..but the sample configuration file doesn't show entry of .xml file as resources
    Hope I am clear...I really appreciate your comments and suggestion..
    Sushil
    Edited by: Sushil Deshpande on Jan 24, 2011 10:56 AM

    If you can enforce some sort of naming convention for the transport endpoint for this proxy service across the environments, where the environment name is part of the endpoint you may able to retrieve it from $inbound in the message pipeline.
    eg. http://osb_host/service/prod/service1 ==> Prod and http://osb_host/service/prod/service2 ==> stage , then i think $inbound/ctx:transport/ctx:uri can give you /service/prod/service1 or /service/stage/service1 and applying appropriate xpath functions you will be able to extract the environment name.
    Chk this link for details on $inbound/ctx:transport : http://download.oracle.com/docs/cd/E13159_01/osb/docs10gr3/userguide/context.html#wp1080822

  • Best practices for implementing OIM

    We plan on putting OIM servers behind LB (hardware). When I develop OIM client I am required to specify OIM endpoint(s) via property java.naming.provider.url. In case of LB I'd specify a virtual host there. The question is what is the best practice for configuring LB - timeout, persistence, monitoring? I don think LB vendor is relevant, but just in case, I have a choice of F5 BigIP and Citrix Netscaler.
    My understanding is that Java class tcUtilityFactory is supposed to be instantiated once (in a web client) and maintain the connection, but LB will close the connection after timeout is exceeded. So another question is if I want to use LB I have to take care of rebuilding connection when it is expired, or open/close connection every time tcUtilityFactory is needed. Any advice will be appreciated.
    Thanks,
    Alex

    No i was not going to sync timeouts - just let it close connections after say, 5 min of inactivity. The reason is that performance data is horrible - from my desktop environment, initialization takes almost 9 sec, while reading data from OIM - only 150 milliseconds. I can't afford more than .5 sec on the whole OIM operation, as we are talking about customer experience.
    Thanks,
    Alex

  • Best Practice for starting & stopping HA msg nodes?

    Just setup a cluster and was trying to start-msg ha and getting error about watcher not being started. Does that have to be started separately? I figured start-msg ha would do both.
    For now I setup this in the startup script. Will the SMF messaging.xml work with HA? Whats the right way to do this?
    /opt/sun/comms/messaging64/bin/start-msg watcher && /opt/sun/comms/messaging64/bin/start-msg ha
    -Ray

    ./imsimta version
    Sun Java(tm) System Messaging Server 7.3-11.01 64bit (built Sep 1 2009)
    libimta.so 7.3-11.01 64bit (built 19:54:45, Sep 1 2009)
    Using /opt/sun/comms/messaging64/config/imta.cnf (not compiled)
    SunOS szuml014aha 5.10 IDR142154-02 sun4v sparc SUNW,T5240
    sun cluster 3.2. And we are following the zfs doc. I haven't actually restarted the box yet, just doing configs and testing still and noted that.
    szuml014aha# ./start-msg
    Warning: a HA configuration is detected on your system,
    use the HA start command to properly start the messaging server.
    szuml014aha# ./start-msg ha
    Connecting to watcher ...
    Warning: Cannot connect to watcher
    Critical: FATAL ERROR: shutting down now
    job_controller server is not running
    dispatcher server is not running
    sched server is not running
    imap server is not running
    purge server is not running
    store server is not running
    szuml014aha# ./start-msg watcher
    Connecting to watcher ...
    Launching watcher ... 11526
    szuml014aha# ./start-msg ha
    Connecting to watcher ...
    Starting store server .... 11536
    Checking store server status ...... ready
    Starting purge server .... 11537
    Starting imap server .... 11538
    Starting sched server ... 11540
    Starting dispatcher server .... 11543
    Starting job_controller server .... 11549
    Also I read in the zfs / msg doc about the recommendations:
    http://wikis.sun.com/display/CommSuite/Best+Practices+for+Oracle+Communications+Messaging+Exchange+Server
    If I split the messages and indices, will there be any issues should I need to imsbackup and imsrestore the messages to a different environment without the indices and messages split?
    -Ray
    Edited by: Ray_Cormier on Jul 22, 2010 7:27 PM

  • Best practices for setting up users on a small office network?

    Hello,
    I am setting up a small office and am wondering what the best practices/steps are to setup/manage the admin, user logins and sharing privileges for the below setup:
    Users: 5 users on new iMacs (x3) and upgraded G4s (x2)
    Video Editing Suite: Want to connect a new iMac and a Mac Pro, on an open login (multiple users)
    All machines are to be able to connect to the network, peripherals and external hard drive. Also, I would like to setup drop boxes as well to easily share files between the computers (I was thinking of using the external harddrive for this).
    Thank you,

    Hi,
    Thanks for your posting.
    When you install AD DS in the hub or staging site, disconnect the installed domain controller, and then ship the computer to the remote site, you are disconnecting a viable domain controller from the replication topology.
    For more and detail information, please refer to:
    Best Practices for Adding Domain Controllers in Remote Sites
    http://technet.microsoft.com/en-us/library/cc794962(v=ws.10).aspx
    Regards.
    Vivian Wang

  • Best-practice for Catalog Views ? :|

    Hello community,
    A best practice question:
    The situtation: I have several product categories (110), several items in those categories (4000) and 300 end-users.    I would like to know which is the best practice for segment the catalog.   I mean, some users should only see categories 10,20 & 30.  Other users only category 80, etc.    The problem is how can I implement this ?
    My first idea is:
    1. Create 110 Procurement Catalogs (1 for every prod.category).   Each catalog should contain only its product category.
    2. Assign in my Org Model, in a user-level all the "catalogs" that the user should access.
    Do you have any idea in order to improve this ?
    Saludos desde Mexico,
    Diego

    Hi,
    Your way of doing will work, but you'll get maintenance issues (to many catalogs, and catalog link to maintain for each user).
    The other way is to built your views in CCM, and assign these views to the users, either on the roles (PFCG) or on the user (SU01). The problem is that with CCM 1.0 this is limitated, cause you'll have to assign one by one the items to each view (no dynamic or mass processes), it has been enhanced in CCM 2.0.
    My advice:
    -Challenge your customer about views, and try to limit the number of views, with for example strategic and non strategic
    -With CCM 1.0 stick to the procurement catalogs, or implement BADIs to assign items to the views (I experienced it, it works, but is quite difficult), but with a limitated number of views
    Good luck.
    Vadim

  • Best Practice for Securing Web Services in the BPEL Workflow

    What is the best practice for securing web services which are part of a larger service (a business process) and are defined through BPEL?
    They are all deployed on the same oracle application server.
    Defining agent for each?
    Gateway for all?
    BPEL security extension?
    The top level service that is defined as business process is secure itself through OWSM and username and passwords, but what is the best practice for security establishment for each low level services?
    Regards
    Farbod

    It doesnt matter whether the service is invoked as part of your larger process or not, if it is performing any business critical operation then it should be secured.
    The idea of SOA / designing services is to have the services available so that it can be orchestrated as part of any other business process.
    Today you may have secured your parent services and tomorrow you could come up with a new service which may use one of the existing lower level services.
    If all the services are in one Application server you can make the configuration/development environment lot easier by securing them using the Gateway.
    Typical probelm with any gateway architecture is that the service is available without any security enforcement when accessed directly.
    You can enforce rules at your network layer to allow access to the App server only from Gateway.
    When you have the liberty to use OWSM or any other WS-Security products, i would stay away from any extensions. Two things to consider
    The next BPEL developer in your project may not be aware of Security extensions
    Centralizing Security enforcement will make your development and security operations as loosely coupled and addresses scalability.
    Thanks
    Ram

  • Best practice for multi-language content in common areas

    I've got a site with some text in header/footer/nav that needs to be translated between an English and Spanish site, which use the same design. My intention was to set up all the text as content to facilitate. However, if I use a standard dialog with the component's path set to a child of the current page node, I would need to re-enter the text on every page. If I use a design dialog, or a standard dialog with the component's path set absolutely, the Engilsh and Spanish sites will share the same text. If I use a standard dialog with the component's path set relatively (eg path="../../jcr:content/myPath"), the pages using the component would all need to be at the same level of the hierarchy.
    It appears that the Geometrixx demo doesn't address this situation, and leaves copy in English. Is there a best practice for this scenario?

    I'm finding that something to the effect of <cq:include path="<%= strCommonContentPath + "codeEntry" %>" resourceType ...
    works fine for most components, but not for parsys, or a component containing a parsys. When I attempt that, I get a JS error that says "design.path is null or not an object". Is there a way around this?

Maybe you are looking for

  • Need Help bad

    Hey guys, new to the forums. Joined for support questions. I have a brand new ( got it for Christmas ). Adobe Premier Pro cs3 and Sony AvCHD Camcorder. full 1080 HD quality with a 40 GB hard drive, and cant find the appropriate Fire wire for whatever

  • Speed up client activity status in SCCM console

    Hi Is it possible to speed up showing Client Activity on  machines under Devices in SCCM console? Currently even when i launch manually on client side to Hardware Inventory Cycle or Software i need to wait hours or even days until this info will show

  • How do I enter a "log-in name" and "password" in Security Tab options page; some sites block screen-sweeper?

    The data screen-sweeper in Mozilla seems to be blocked by some sites I need to log into, since Mozilla security does not input username and password data. How do I input this info thru Options/Security/Saved Passwords tab for these sites? Thanks!

  • Free books on ibooks?

    Purchased the hobbit for ibooks, then went and checked my collections and under purchased there was a whole bunch of books that I did not purchase so i clicked on one, thinking it was a sample, but turned out to be the entire book. Was I then charged

  • Communication channels error during update

    Hello, All the Communication channels of the XI QA system are showing a status "Error during Update"  Checked status of components in Runtime Workbench --> Component Monitoring. Red Alert on Adapter Engine The details of the Communication channel err