Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1212
Views
0
Helpful
0
Replies

virtual IPS appliance inline in VMware HA/DRS clusters

alberto mischi
Level 1
Level 1

‎04-08-2015 02:57 AM - edited ‎03-12-2019 05:39 AM

To summarize, we are trying to implement a FirePower 5.4 virtual appliance on a VMware cluster. The device is placed between a load balancer and 4 application servers. 
 
-          Whenever all devices reside on the same ESX host, the traffic flows between the load balancer and the servers.
-          When any of these 3 components - LBs, IPS, Servers - are moved away from the ESX host (traffic hits the physical switch), it stops working.

The current documentation of the product only shows the configuration when running all components in a single ESXi host and that configuration stops working when more ESXi nodes are involved.

is it possible to use a single virtual appliance in a VMware HA/DRS Cluster environment?
Having multiple appliances, one per host, is not exactly cost effective nor scalable...

I couldn't find details about best practices on setting up each component of this solution (IPS appliance, virtual port groups, physical switch ports) to make the solution stable when the involved components migrate freely between ESXi hosts. 

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card