When designing a virtual environment for Security Center, follow these best practices to ensure that the system is properly dimensioned for your needs.
Virtual machines have a small decrease in performance when compared to real hardware. The performance loss due to virtualization is typically under 20% of the overall machine performance, but can vary depending on the selected hardware and the hypervisor configuration. The following recommendations are based on internal testing and field experience, and helps minimize the performance impact.
For more information about virtualization, refer to Archiver Redundancy Performance in Security Center.
Provisioning
- Virtual Machine (VM)
- Do not exceed six total VMs per host and a maximum of four video-intensive VMs per host
(Video-intensive VMs run Archiver, Auxiliary Archiver, Media Gateway, or Privacy Protector
roles).
Make sure that Security Center is installed on a dedicated host.
- CPU
- Although hyperthreaded virtual cores can be used in a VM deployment, only the physical cores should be considered in the design when computing capacity.
- Memory
- Assign at least 16 GB of RAM to each VM and keep 16 GB of RAM unallocated for the hypervisor. The total amount of memory allocated to the VMs and the hypervisor should not exceed the total amount of physical memory available from the host.
- Storage
- Storage configurations depend on the hardware vendor’s best practices and the system
environment.
For the operating system:
- Install Microsoft® Windows and Microsoft SQL databases on a dedicated, high-performance drive, usually on an SSD or a Storage Area Network (SAN) with SSD or hybrid storage.
- Do not use the OS drive for archived video.
- Make the OS partition at least 120 GB.
For archived video, configure Archiver video disks inside one of the following:
- A data store (VMDK or VHD)
- Raw Device Mapping (RDM) for fiber channel
- In-Guest iSCSI
NOTE: Other configurations might result in degraded performance. - Network
-
- Send video traffic on a different VLAN from storage traffic.
- Preferred configuration is at least one 40 GbE or 10 GbE network card for shared traffic (management, video, and storage) with a Virtual Switch. Otherwise, dedicate a 1GbE network card per VM for video traffic.
NOTE: Alternate network configurations might result in multicast traffic being sent to all hosted VMs simultaneously. Depending on the host or its configuration, this might impact the overall performance.
Security Center
- Archiver
- When provisioning multiple archiving VMs on a host, do not exceed the following data
transmission rates:
- 300 Mbps for incoming and outgoing video on each VM.
- 1200 Mbps for incoming video and outgoing playback on each host.
- Directory
- Use static MAC addresses when installing a Directory on a VM. Changing this value invalidates the system license.