cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

New Hall of Fame Member-Peter PAluch

150
Views
5
Helpful
2
Replies
Highlighted
Beginner

FMC Appliance vs Virtual

Hi Team

 

WHat would be the reason for choosing the FMC appliance over the FMC virtual if i have 2 FPR4120 firewalls

 

the datasheet just says the below

 

Deployment Options

The Cisco Firepower Management Center can be deployed as a physical or virtual appliance, or from the cloud (Table 2). You can choose which options work best for your environment. The physical appliances generally manage a higher number of sensors and provide greater event storage capabilities than their virtual counterparts. The virtual appliances provide the convenience of being able to use your existing VM infrastructure. You can also use cloud computing services to host the Management Center. These services can help you manage security without your having to invest in computing power and database storage. And they will give you the flexibility to scale quickly as needs change.

1 ACCEPTED SOLUTION

Accepted Solutions
VIP Advocate

Re: FMC Appliance vs Virtual

The FMC virtual is limited in terms of resources you can assign to it. It can only scale up to 250GB of disk space and 8 CPU's. If you are sending events to the FMC's at a high rate, you will find out that the FMC event storage lasts for only a short while (maybe hours). Also, UI response can be very sluggish when you send a lot of data to the FMC. In my experience, the FMCv can just about manage the 4100 firewalls if you do not do much with it (like event analysis and reporting). For better performance and scale, I usually suggest a hardware FMC for my customers today. I would recommend talking to your Cisco account team to help size the right FMC for your use case.

2 REPLIES
VIP Engager

Re: FMC Appliance vs Virtual

If you have only 2, i suggest to use Virtual FMC to save the costing - easy migration DC to DC other advantages.

 

But if this VM infrastructure managed by other department then this is dependent with other team for any issues, since network and security do not have access.

 

Physical Appliance, Power, physical space , not easy move - required lift and shift. required hardware maintenance.

Advantage, network and security have full control on the device.

 

Hope you are not looking clustering FMC ?

 

BB
*** Rate All Helpful Responses ***
VIP Advocate

Re: FMC Appliance vs Virtual

The FMC virtual is limited in terms of resources you can assign to it. It can only scale up to 250GB of disk space and 8 CPU's. If you are sending events to the FMC's at a high rate, you will find out that the FMC event storage lasts for only a short while (maybe hours). Also, UI response can be very sluggish when you send a lot of data to the FMC. In my experience, the FMCv can just about manage the 4100 firewalls if you do not do much with it (like event analysis and reporting). For better performance and scale, I usually suggest a hardware FMC for my customers today. I would recommend talking to your Cisco account team to help size the right FMC for your use case.

CreatePlease to create content
Content for Community-Ad

This widget could not be displayed.
Blog-Cisco Community Designated VIP Class of 2019