Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1110
Views
0
Helpful
3
Replies

ACS 5.7 - Virtual Machine Requirements

Go to solution
Nicola Adustini
Level 1
Level 1

‎09-07-2015 09:09 AM - edited ‎03-10-2019 11:02 PM

Hi all,
in a customer site we have 4 ACS 4.2 (one in each of the 4 main campus) synchronized in the old way.
We have upgrade almost all the network environment, and now it's time to replace AAA system.
I'm planning to install an ACS 5.7 in a VMware Virtual Machine as primary and an another one as secondary.

But i've some trouble reading the datasheet.

In our scenario at the moment we have about 2000 concurrent users (802.1x + admin + VPN): can you help me with the hardware requirements?
RAM: 4 to 64 GB ... what is the right amount of RAM?
Disk: must it be 500 GB on each server, or just for the secondary, that should be del log collector? Is 500 GB too much for "only" 2000 users?
Thanks in advance,
N

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Ivan Gonzalez
Cisco Employee
Cisco Employee

‎09-07-2015 10:38 AM

Hi Nicola,

Please check bellow the answers to your concerns:

 

1)In our scenario at the moment we have about 2000 concurrent users (802.1x + admin + VPN): can you help me with the hardware requirements?
RAM: 4 to 64 GB ... what is the right amount of RAM?

 

Just by allocating 4GB of RAM it will work fine, however, the most you could add it would be better.

 

2)Disk: must it be 500 GB on each server, or just for the secondary, that should be del log collector? Is 500 GB too much for "only" 2000 users?

 

The log collector must be allocated with 500 GB of disk space, independently if it will have primary or secondary role.

However, I would suggest if possible to allocate 500 GB on both servers even if the other will not be running as log collector.

 

Note: Please mark it as answered if applicable.

 

 

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Ivan Gonzalez
Cisco Employee
Cisco Employee

‎09-07-2015 10:38 AM

Hi Nicola,

Please check bellow the answers to your concerns:

 

1)In our scenario at the moment we have about 2000 concurrent users (802.1x + admin + VPN): can you help me with the hardware requirements?
RAM: 4 to 64 GB ... what is the right amount of RAM?

 

Just by allocating 4GB of RAM it will work fine, however, the most you could add it would be better.

 

2)Disk: must it be 500 GB on each server, or just for the secondary, that should be del log collector? Is 500 GB too much for "only" 2000 users?

 

The log collector must be allocated with 500 GB of disk space, independently if it will have primary or secondary role.

However, I would suggest if possible to allocate 500 GB on both servers even if the other will not be running as log collector.

 

Note: Please mark it as answered if applicable.

 

 

0 Helpful

Go to solution
Nicola Adustini
Level 1
Level 1
In response to Ivan Gonzalez

‎09-07-2015 11:48 PM

Thank you very much for answering.

In the docs i've read, it is written that it is not so simple to resize partitions: something like a new installation... so it is import the right sizing everything.

For sure, as you've written, log collector will be with 500 GB.

I'll ask for a 500 even for the primary, but in case of trouble finding resources (it is a "concrete" possibility) what are the disadvantage to have a primary with, for example, 250 GB?

Thanks again,

N

0 Helpful

Go to solution
Ivan Gonzalez
Cisco Employee
Cisco Employee
In response to Nicola Adustini

‎09-08-2015 10:17 AM

Hello Nicola,

 

You are very welcome.

That is right, resize partitions always ends up on rebuilding the VMware machine in which your ACS is running.

Related to the disadvantage of building your Primary with less than 500 GB is that if your secondary running as log collector goes down by any reason, all view services will be moved to the primary ( with 250 GB ) which we could say it is not really prepare to run the view services, and depending on the amount of messages your devices are generating against the ACS it will be overloaded quickly.

Additionally, as you mentioned, if at certain point you want to allocate the 500 GB to it, you will need to rebuild the VMware machine.

 

Something really important is to make sure to use "Think provisioning" and not "Thin provisioning" mode on the VMware machines that the ACS will be running, because it will cause performance issues as well:

http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-7/installation/guide/csacs_book/csacs_vmware.html#pgfId-1098669

 

Extracted from link:

NoteDo not choose VMware thin provisioning as a storage type because ACS supports only thick provisioning on all supported VMware servers.

 

Best regards,

 

You rating is highly appreciate it.

0 Helpful
Customers Also Viewed These Support Documents