Cisco Cisco Security Manager 4.11 Installation Guide
17
Deployment Planning Guide for Cisco Security Manager 4.11
Recommended Hardware and Software Specifications
Hard drive space
Use a suitable combination of HDDs to achieve the disk space required, which
is as follows:
is as follows:
•
100 GB for the OS partition is recommended by Cisco.
•
150 GB for the application (Security Manager) partition is recommended
by Cisco. The minimum free disk space required for the Security Manager
installation alone is 7 GB. If this is not met, then the installation will be
aborted.
by Cisco. The minimum free disk space required for the Security Manager
installation alone is 7 GB. If this is not met, then the installation will be
aborted.
Note
Cisco strongly recommends installing the OS and application on
separate partitions.
separate partitions.
Note
The application partition mentioned above and any other event store
partitions may not be relevant when using Veritas in HA (high
availability) mode. Please refer to the applicable Security Manager
high availability documentation
(
partitions may not be relevant when using Veritas in HA (high
availability) mode. Please refer to the applicable Security Manager
high availability documentation
(
) and Veritas documentation for
further details.
•
An additional 1.0 TB for log storage for the Event Viewer on a separate
partition: This is a requirement, but ONLY if you plan to use Event
Viewer. Cisco recommends creating this separate partition on a directly
attached storage device.
partition: This is a requirement, but ONLY if you plan to use Event
Viewer. Cisco recommends creating this separate partition on a directly
attached storage device.
•
An additional 1.0 TB or more: This is a requirement, but ONLY if you
plan to enable Event Archival. Event Archival functionality creates a
secondary storage of events when log storage is required beyond primary
storage capacity (for long term preservation etc.). The Secondary Event
Store size is required to be bigger than the configured primary storage
size, so an additional 1.0 TB or more of disk space is required to use
Event Archival. Both primary & secondary event stores can be on a SAN
but it is recommended to create the primary store partition on a directly
attached storage (DAS) for optimum performance.
plan to enable Event Archival. Event Archival functionality creates a
secondary storage of events when log storage is required beyond primary
storage capacity (for long term preservation etc.). The Secondary Event
Store size is required to be bigger than the configured primary storage
size, so an additional 1.0 TB or more of disk space is required to use
Event Archival. Both primary & secondary event stores can be on a SAN
but it is recommended to create the primary store partition on a directly
attached storage (DAS) for optimum performance.
Cisco recommends RAID 10 for better performance. RAID 5 can be used if
desired. Set the write policy for sequential operation (which is not most cases)
to write back; otherwise, set the write policy to write through always. Setting
the write policy to write through will improve performance as well.
desired. Set the write policy for sequential operation (which is not most cases)
to write back; otherwise, set the write policy to write through always. Setting
the write policy to write through will improve performance as well.
Tips
A sustained 10,000 events per second (EPS) consumes about 86 GB of
compressed disk space per day. Log rollover happens when 90% of the disk
space allocated for event store (primary/secondary) is filled. Smaller disk size
causes quicker rollovers. Based on your expected EPS rate and rollover
requirements, you can increase or decrease the minimum disk size when using
Event Management.
compressed disk space per day. Log rollover happens when 90% of the disk
space allocated for event store (primary/secondary) is filled. Smaller disk size
causes quicker rollovers. Based on your expected EPS rate and rollover
requirements, you can increase or decrease the minimum disk size when using
Event Management.
Network adapter
1 Gbps