Kelli, thanks for your reply. In the data sheet doensn't show the performance (In Mbps, Gbps or per users), so I'm still having a sizing problem :-P

Hi Alejandro,

I found the following in the FireSIGHT Virtual Installation Guide http://www.cisco.com/c/en/us/td/docs/security/firesight/541/virtual-install-guide/FireSIGHT-Virtual-Installation-Guide.pdf

Virtual Appliance Performance

It is not possible to accurately predict throughput and processing capacity for virtual appliances. A number of factors heavily influence performance, such as the:

• amount of memory and CPU capacity of the ESXi host

• number of total virtual machines running on the ESXi host

• number of sensing interfaces, network performance, and interface speed

• amount of resources assigned to each virtual appliance

• level of activity of other virtual appliances sharing the host

• complexity of policies applied to a virtual device

VMware provides a number of performance measurement and resource allocation tools. Use these tools on the ESXi host while you run your virtual appliance to monitor traffic and determine throughput. If the throughput is not satisfactory, adjust the resources assigned to the virtual appliances that share the ESXi host.

It is in the bottom of this document.

http://www.cisco.com/web/TH/assets/docs/seminar/Sourcefire_FirePOWER_and_SSL_Appliance_Specifications.pdf

The NGIPSv has nothing to do with the ASAv.

The NGFWv (also called FTDv) has the ASAv functionality built in.

NGIPSv requires 4 CPUs but you are allowed to change this to 8 cores.

NGFWv is locked at 4 CPUs.

Ok can you run ASAv and NGIPSv on the same VM along with amp for private cloud?

Sure

AMP is a part of NGIPSv. You should check if the private cloud appliance will integrate with this. (It should)

Ok so basically if we were designing a hosted firewall for our customers basically we don't need amp separately we can get away with ASAv and NGIPSv? So basically for 150-200 Megs of performance for NGIPSv we need to allow for 4 vCores and 8 gigs of vRAM? Plus the compute resources for the ASAv?

And will ssd storage give better throughput then regular virtual storage?

Definitely. ASAv and NGIPSv will fit your AMP needs.

The NGIPSv will give you 150-200Mbit/s inspection on 4 to 8 cores (and 8 gigs of memory). So when the sun is shining, and the traffic is going down hill, you can inspect 1,600Mbit/s of traffic.

Then you will need the ASAv to segment the traffic and this of cause also takes up resources.

SSD storage will probably not help too much on the NGIPSv, and definitely not on the ASAv, because we use the RAM for the live data and running application code. ASAv is limited in the code it self to not run faster than the license you pay for.

SSD will be great for the Firepower Management Center as it needs to make large queries in the databases on disk.

So 8 Cores and 8 gb of RAM should give us 1000 mgbs of throughput even in stormy sea's?

It should yes. I have my faith in that

As long as you do not configure the NGIPSv wrongly and do not install it on a host server with low powered (low GHz) CPU cores.

2.4ghz CPUs we would basically use either M5 UCS C series or Hyperflex 220 M5's. Or if we went with the cloud provider resource pool it would 2.0ghz