Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
705
Views
0
Helpful
4
Replies

FMCv sizing

S891
Level 2
Level 2

‎11-14-2022 04:37 AM

I have existing FMCs. I have a requirement to build new FMCv after current devices retire.

 

What is the best method for sizing for future vFMCs. Basically I need to know aside from managed devices what logs/events/storage/connections I have to look at and where ? 

Also how does the FTD devices count work. Do virtual FTDs /instances also count?

Thanks in advance!

0 Helpful
4 Replies 4

Marvin Rhoads
Hall of Fame
Hall of Fame

‎11-14-2022 05:07 AM

An FMCv is licensed per number of managed devices. Multi-instance (i.e. on a 4100 or 9300 series) on a given hardware appliance counts as one device. FTDv VMs each county as one device. Your licensing for a base FMCv is for either 2, 10 or 25 devices.

You really don't have much choice when deciding on "size" with respect to events and associated storage. If you are running FMC 7.x or later, you can see the current rate of event database events by looking at the Health Monitor.

The is an FMCv300 license which allows you to have quite a bit more storage but it cots quite a bit more.

0 Helpful

S891
Level 2
Level 2
In response to Marvin Rhoads

‎11-15-2022 07:23 AM

Hi Marvin,
Apprecite your reply! Can you please tell how the connection count indicates capacity requirements? Is it number of concurrent connections identified in the Cisco document or connections in a specific period of time. Similarly for the storage how is determined?

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to S891

‎11-15-2022 09:02 AM

@S891 FMC doesn't care about connections or rate of connections per second on managed devices per se - only what is being logged as events.

By default an FMCv stores 1,000,000 connection events (and several other event types - see System > Configuration > Database for details). You can increase that to as much as 5,000,000 events at the cost of slower performance when querying. When the table is full, the oldest events are dropped in favor of new ones. Increasing storage allocated to the VM will not increase the capacity to store events (for a given FMCv).

0 Helpful

S891
Level 2
Level 2
In response to Marvin Rhoads

‎11-15-2022 09:10 AM

So deciding upon which license type to chose (MCv or MCv-300) is merely on the performance you want. In my case I have 3 Firewalls with one of them having 6 contexts. MCv supports 4 core vs MCv-300 supports 32 cores. For performance, I would probably have to go for MCv-300 but at a significantly high cost.  

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card