Cisco Cisco Prime Network Services Controller 3.0 Livre blanc

Page 8 of 24

Figure 4. Hypervisor-Based Appliances on Generic x86S

Hypervisor-

based appliances like the Cisco VSG are sometimes referred to as “compute firewalls” and an in-line

firewall device is sometimes referred to as an “edge firewall” (see both described later in this paper).

Customers may choose to implement one or more network services appliance types. Cisco provides all those

options; for higher scale and less overhead the out-of-band option is best practice.

Cisco recommends customers to do the proper cost-effectiveness calculations and evaluate the scalability as well

as the capabilities of each services appliance type, taking into account resource consumption (CPU, memory,

traffic throughput requirements) as well as the total number of host consumption and licenses in order to scale a

certain appliance type. The total cost of ownership includes:

●

Bandwidth consumption

●

Device traffic overhead (how much traffic a device will need to handle)

●

Traffic pattern predictability (that leads to stability)

●

Total number of appliances per server/host, total number of hosts

●

Compute resources, licensing

●

Management cost and management overhead

Network Services Configurations (NSCs) are device specific. The actual configuration details of each device

depend on the device type and its deployment model. The challenge and total cost of owning a certain set of

devices and their different deployment models should drive the decision to go with a certain deployment model and

a certain device type.