Virtualization design guidelines for Security Center - Security Center 5.9

Security Center System Requirements Guide 5.9

Applies to
Security Center 5.9
Last updated
2020-11-05
Content type
System requirements
Language
English (United States)
Product line
Security Center unified platform > Security Center
Version
5.9

When designing a virtual environment for Security Center, follow these best practices to ensure that the system is properly dimensioned for your needs.

IMPORTANT: Contact your Systems Engineer if your system does not follow the virtualization design guidelines.

Virtual machines have a small decrease in performance when compared to real hardware. The performance loss due to virtualization is typically under 20% of the overall machine performance, but can vary depending on the selected hardware and the hypervisor configuration. The following recommendations are based on internal testing and field experience, and will help minimize the performance impact.

For more information about virtualization, refer to Archiver Redundancy Performance in Security Center.

Provisioning

Virtual Machine (VM)
Do not exceed 6 total VMs per host and a maximum of 4 video-intensive VMs per host (Video-intensive VMs run Archiver, Auxiliary Archiver, Media Gateway, or Privacy Protector roles).

Make sure Security Center is installed on a dedicated host.

CPU
Do not assign more vCPUs to your VMs than the number of physical cores on the host machine. Hyperthreaded virtual cores should not be provisioned.
Memory
Assign at least 16 GB of RAM to each VM and keep 16 GB of RAM unallocated for the hypervisor. The total amount of memory allocated to the VMs and the hypervisor should not exceed the total amount of physical memory available from the host.
Storage
Storage configurations depend on the hardware vendor’s best practices and the system environment.

For the operating system:

  • Install Microsoft Windows and Microsoft SQL databases on a dedicated, high performance drive, usually on an SSD or a Storage Area Network (SAN) with SSD or hybrid storage.
  • Do not use the OS drive for archived video.
  • Make the OS partition at least 120 GB.

For archived video, configure Archiver video disks inside one of the following:

  • a data store (VMDK or VHD)
  • Raw Device Mapping (RDM) for fiber channel
  • In-Guest iSCSI
NOTE: Other configurations might result in degraded performance.
Network
  • Send video traffic on a different VLAN from storage traffic.
  • Preferred configuration is at least one 40 GbE or 10 GbE network card for shared traffic (management, video and storage) with a Virtual Switch. Otherwise, dedicate a 1GbE network card per VM for video traffic.
NOTE: Alternate network configurations might result in multicast traffic being sent to all hosted VMs simultaneously. Depending on the host or its configuration, this might impact the overall performance.

Security Center

Archiver
When provisioning multiple archiving VMs on a host, do not exceed the following data transmission rates:
  • 300 Mbps for incoming and outgoing video on each VM.
  • 1200 Mbps for incoming video and outgoing playback on each host.
Directory
Use static MAC addresses when installing a Directory on a VM. Changing this value will invalidate the system license.