Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
978
Views
4
Helpful
3
Replies

ISE PAN and MnT VM Disk Requirements

Go to solution
dsserubi
Level 1
Level 1

‎04-09-2018 09:19 AM

I have a question about the VM disk requirements for the ISE PAN and MnT nodes that are in production. In the guides, the recommendation is to provision a minimum of 600GB for the MnT due to increased log retention and at least 200 GB for PAN only persona VM.  (https://communities.cisco.com/docs/DOC-68347). The disk requirements are stated as "recommended" and NOT "required".

The recommendations are mostly based on disk log retention for a deployment that would require a given sized virtual appliance. This means that 600GB is recommended for the 3315 OVA for PAN and MnT and 1200GB for the 3595 OVA for PAN and MnT. It's apparent that the notable difference between the appliances is compute capacity and concurrent session support which means that additional disk space is because of additional logging required for a larger deployment.

If all the logs and operational data are exported to an external system and don't need a few days of on-disk operational logging since only a few of days of logs are needed for troubleshooting, what would be the actual disk requirements (NOT recommendation) for a production PAN and MnT running on separate VMs without considering increased log retention?

1 Accepted Solution

Accepted Solutions

Go to solution
gbekmezi-DD
Level 5
Level 5

‎04-09-2018 10:03 AM

I would look here and evaluate your situation against the Table 3 and 4:

https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/install_guide/b_ise_InstallationGuide23/b_ise_InstallationGuide23_chapter_01.html#ID-1417-000000d9

George

View solution in original post

3 Replies 3

Go to solution
gbekmezi-DD
Level 5
Level 5

‎04-09-2018 10:03 AM

I would look here and evaluate your situation against the Table 3 and 4:

https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/install_guide/b_ise_InstallationGuide23/b_ise_InstallationGuide23_chapter_01.html#ID-1417-000000d9

George

Go to solution
Craig Hyps
Level 10
Level 10
In response to gbekmezi-DD

‎04-09-2018 04:06 PM

The default OVAs reflect ther hardware equivalents.  For MnT it is rare/never that you would get by with 200GB in production.  Also realize that the PAN and MnT perform critical functions so if there was an unexpected disk consumption issue (transaction or other log files/core files/debug, etc) that was not getting cleaned up, or could not be purged fast enough, then expect more thrashing of disk and potential issues impacting production deployment.  Also remember that disk cannot be expanded on the fly and requires reimage.

Disk is generally cheap relative to other costs.  What is one hour of your time, or that of multiple persons that may get engaged to troubleshoot a disk capacity issue?  What is the cost of a few hours of impact to product deployment?  Or time to expand, or performance due to continuous purge? 

With only two MnT nodes and two PAN nodes, sparing the additional disk is usually worth the upfront expense.  PSNs are not as critical in terms of survivability and can more easily be respun as needed without risk to Config or Event database.

$.02.

Craig

Go to solution
dsserubi
Level 1
Level 1

‎04-16-2018 08:17 AM

Thanks all for the inputs. Very helpful and much appreciated

0 Helpful
Customers Also Viewed These Support Documents