Have you seen this Data Sheet?
Please post back to this thread if you don't find the information you are seeking.
Moderator for Cisco Customer Communities
Kelli, thanks for your reply. In the data sheet doensn't show the performance (In Mbps, Gbps or per users), so I'm still having a sizing problem :-P
I found the following in the FireSIGHT Virtual Installation Guide http://www.cisco.com/c/en/us/td/docs/security/firesight/541/virtual-install-guide/FireSIGHT-Virtual-Installation-Guide.pdf
Virtual Appliance Performance
It is not possible to accurately predict throughput and processing capacity for virtual appliances. A number of factors heavily influence performance, such as the:
• amount of memory and CPU capacity of the ESXi host
• number of total virtual machines running on the ESXi host
• number of sensing interfaces, network performance, and interface speed
• amount of resources assigned to each virtual appliance
• level of activity of other virtual appliances sharing the host
• complexity of policies applied to a virtual device
VMware provides a number of performance measurement and resource allocation tools. Use these tools on the ESXi host while you run your virtual appliance to monitor traffic and determine throughput. If the throughput is not satisfactory, adjust the resources assigned to the virtual appliances that share the ESXi host.
I once found an old Sourcefire document that stated that the virtual Firepower Sensor could perform 150-200Mbit/core.
They recommended at least 6GB RAM but the requirement is 8GB these days. You may choose in between 4 and 8 cores for your virtual appliance.
It is in the bottom of this document.
Ok if I'm reading this right basically in order to do NGIPSv you need 4 vCPU's and 8 gigs of vRam for every 150-200 Megs of throughput? Plus whatever compute resources the ASAv uses?
The NGIPSv has nothing to do with the ASAv.
The NGFWv (also called FTDv) has the ASAv functionality built in.
NGIPSv requires 4 CPUs but you are allowed to change this to 8 cores.
NGFWv is locked at 4 CPUs.
Ok so basically if we were designing a hosted firewall for our customers basically we don't need amp separately we can get away with ASAv and NGIPSv? So basically for 150-200 Megs of performance for NGIPSv we need to allow for 4 vCores and 8 gigs of vRAM? Plus the compute resources for the ASAv?
And will ssd storage give better throughput then regular virtual storage?
Definitely. ASAv and NGIPSv will fit your AMP needs.
The NGIPSv will give you 150-200Mbit/s inspection on 4 to 8 cores (and 8 gigs of memory). So when the sun is shining, and the traffic is going down hill, you can inspect 1,600Mbit/s of traffic.
Then you will need the ASAv to segment the traffic and this of cause also takes up resources.
SSD storage will probably not help too much on the NGIPSv, and definitely not on the ASAv, because we use the RAM for the live data and running application code. ASAv is limited in the code it self to not run faster than the license you pay for.
SSD will be great for the Firepower Management Center as it needs to make large queries in the databases on disk.
It should yes. I have my faith in that
As long as you do not configure the NGIPSv wrongly and do not install it on a host server with low powered (low GHz) CPU cores.
2.4ghz CPUs we would basically use either M5 UCS C series or Hyperflex 220 M5's. Or if we went with the cloud provider resource pool it would 2.0ghz