10-11-2018 06:06 AM - edited 02-21-2020 08:20 AM
Hi Team
WHat would be the reason for choosing the FMC appliance over the FMC virtual if i have 2 FPR4120 firewalls
the datasheet just says the below
Deployment Options
The Cisco Firepower Management Center can be deployed as a physical or virtual appliance, or from the cloud (Table 2). You can choose which options work best for your environment. The physical appliances generally manage a higher number of sensors and provide greater event storage capabilities than their virtual counterparts. The virtual appliances provide the convenience of being able to use your existing VM infrastructure. You can also use cloud computing services to host the Management Center. These services can help you manage security without your having to invest in computing power and database storage. And they will give you the flexibility to scale quickly as needs change.
Solved! Go to Solution.
10-11-2018 12:52 PM
The FMC virtual is limited in terms of resources you can assign to it. It can only scale up to 250GB of disk space and 8 CPU's. If you are sending events to the FMC's at a high rate, you will find out that the FMC event storage lasts for only a short while (maybe hours). Also, UI response can be very sluggish when you send a lot of data to the FMC. In my experience, the FMCv can just about manage the 4100 firewalls if you do not do much with it (like event analysis and reporting). For better performance and scale, I usually suggest a hardware FMC for my customers today. I would recommend talking to your Cisco account team to help size the right FMC for your use case.
10-11-2018 12:40 PM
If you have only 2, i suggest to use Virtual FMC to save the costing - easy migration DC to DC other advantages.
But if this VM infrastructure managed by other department then this is dependent with other team for any issues, since network and security do not have access.
Physical Appliance, Power, physical space , not easy move - required lift and shift. required hardware maintenance.
Advantage, network and security have full control on the device.
Hope you are not looking clustering FMC ?
10-11-2018 12:52 PM
The FMC virtual is limited in terms of resources you can assign to it. It can only scale up to 250GB of disk space and 8 CPU's. If you are sending events to the FMC's at a high rate, you will find out that the FMC event storage lasts for only a short while (maybe hours). Also, UI response can be very sluggish when you send a lot of data to the FMC. In my experience, the FMCv can just about manage the 4100 firewalls if you do not do much with it (like event analysis and reporting). For better performance and scale, I usually suggest a hardware FMC for my customers today. I would recommend talking to your Cisco account team to help size the right FMC for your use case.
03-05-2019 05:19 AM
any info when and if a ftd-cluster is planned and may be available in a virtual fmc (6.x) ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide