System Recommendations and Requirements
For optimum performance, you must match the minimum recommendations for the deployment.
Recommendations for the Platform Deployment
Brick Size | Cores required for 2.1 GHz CPU | Cores required for 2.3 GHz CPU | Cores required for 2.6 GHz CPU | RAM | Disk |
|---|---|---|---|---|---|
Medium | 10 | 9 | 8 | 32 GB | 1 TB |
Large | 15 | 14 | 12 | 48 GB | 1 TB |
Extra Large | 20 | 18 | 16 | 64 GB | 2 TB |
- The reservation for the CPU speed and RAM for each node must be 100% of the value specified above.
- If the disk in any of the platform nodes exceeds 95% of the capacity,VMware Aria Operations for NetworksUI will not be accessible.
- To match your setup to all the specifications, you might have to add the resources (RAM, Disk, CPU). See https://kb.vmware.com/s/article/53550 and Increase the Brick Size of Your Setup.
Brick Size | *Number of VMs (K = Thousand) | Flows per Day (M = Million) | Total Flows (M = Million) | Flow Planning (M = Million) | Number of Network Rules for Network Map and Intents (K = Thousand) | *Number of Edges for VMware SD-WAN (K = Thousand) | Number of VMs for Flow Based Application Discovery | Number of UI Entities in the Network Map Topology |
|---|---|---|---|---|---|---|---|---|
Medium | 4K | 1M | 4M | 2M | Not Applicable | 2K | Not Supported | Not Supported |
Large | 6K | 2M | 8M | 4M | Not Applicable | 2K | Not Supported | Not Supported |
Extra Large | 10K | 2M | 8M | 4M | 170K | 4K | 3K | 5K |
- The Network Verification and Assurance (Network Map and Intents) and Flow Based Application Discovery (Flows) features are available only for Extra Large brick size only.
- * The count of VMs and edges mentioned in the table is the maximum individual limit for a single deployment. So, if you have edges in your setup, you might have to reduce the VM count.
- The count of VMs includes the templates on theVMware vCenteras well.
- Total Flows is the maximum count of flows the system can store for the retention period.
- Flow Planning is the total flows for which the system can perform security planning.
Deployment Scenario | Brick Size | Cluster Size | *Number of VMs (K = Thousand) | Flows per Day (M = Million) | Total Flows (M = Million) | Flow Planning (M = Million) | Number of Network Rules for Network Map and Intents (K = Thousand) | *Number of Edges for VMware SD-WAN (K = Thousand) | Number of VMs for Flow Based Application Discovery | Number of UI Entities in the Network Map Topology |
|---|---|---|---|---|---|---|---|---|---|---|
Scenario 1 | Large | 3 | 10K | 2M | 8M | 4M | Not Applicable | 4K | Not Supported | 5K |
Extra Large | 3 | 18K | 6M | 24M | 6M | 170K | 6K | 3K | 5K | |
Extra Large | 5 | 30K | 10M | 40M | 10M | 170K | 10K | 3K | 5K | |
Extra Large | 7 | 58K | 12M | 48M | 10M | 170K | 10K | 3K | 5K | |
Extra Large | 10 | 100K | 15M | 60M | 10M | 170K | 10K | 3K | 5K | |
Extra Large | 15 | 150K | 20M | 80M | 10M | 170K | 10K | 3K | 5K | |
Scenario 2 | Extra Large | 3 | 12K | 3M | 12M | 4M | 2M | 6K | 12K | 100K |
Extra Large | 5 | 18K | 6M | 24M | 6M | 5M | 10K | 24K | 100K | |
Extra Large | 7 | 30K | 10M | 40M | 10M | 5M | 10K | 24K | 100K | |
Extra Large | 10 | 72K | 13M | 52M | 10M | 5M | 10K | 24K | 100K | |
Extra Large | 15 | 130K | 18M | 72M | 10M | 5M | 10K | 24K | 100K |
- Scenario 1 focuses on VMs and flows while running automated Application Discovery and Network Assurance and Verification features with limited capacity. Scenario 2 is for an environment that needs to run automated Application Discovery and Network Assurance and Verification feature with full capacity.
- The Network Verification and Assurance (Network Map and Intents) and Flow Based Application Discovery (Flows) features are available only for Extra Large brick size only.
- The number of UI entities means the sum of nodes and edges supported in the Network Map topology.
- The number of rules includes all forwarding entries, including layer 3, layer 2, access control, and NAT.
- * The count of VMs and edges mentioned in the table is the maximum individual limit for a single deployment. So, if you have edges in your setup, you might have to reduce the VM count.
- The number of VMs includes the templates on theVMware vCenteras well.
- Cluster size is the total number of nodes in the cluster.
- Total Flows is the count of flows in the system for the retention period.
- The query to determine the Total Flows iscount of flows in last 31 days, assuming the retention period as 31 days.
- Flow Planning is the total flows for which the system can perform security planning.
- VMware Aria Operations for Networkssupports maximum 10,000 security groups and 10,000 IPSets for a cluster deployment of 10 XL.
Recommendation for the Collector Deployment
Brick Size | Cores required for 2.1 GHz CPU | Cores required for 2.3 GHz CPU | Cores required for 2.6 GHz CPU | RAM | Disk |
|---|---|---|---|---|---|
Medium | 5 | 5 | 4 | 12 GB | 200 GB |
Large | 10 | 9 | 8 | 16 GB | 200 GB |
Extra Large | 10 | 9 | 8 | 24 GB | 200 GB |
2X Large | 20 | 18 | 16 | 48 GB | 300 GB |
The reservation for the CPU speed and RAM for each node must be 100% of the value specified above.
Collector Size | Number of VMs (K = Thousand) | Flows per Day (M = Million) | Flow count in 4 days (M = Million) | Number of Edges for VMware SD-WAN (K = Thousand) |
|---|---|---|---|---|
Medium | 4K | 2.5M | 3.25M | 4K |
Large | 10K | 5M | 6.5M | 6K |
Extra Large | 35K | 10M | 13M | 10K |
2X Large | 45K | 17M | 22M | 10K |
- The count of VMs and edges mentioned in the table is the maximum individual limit for a single deployment. So, if you have edges in your setup, you might have to reduce the VM count.
- The count of VMs includes the templates on theVMware vCenteras well.
- For a single deployment with more than one collector, the limitation on the total flows across collectors is based on the capacity of the platform.
Other Requirements and Considerations
- The maximum time skew between the platform nodes has to be lesser than 30 seconds.
- The availability of the NTP service is critical to system operations. Ensure that you do not reboot the platform node or the collector node when the NTP service is not available.
- When the existing compute resources are completely used by the other processes on the platform,VMware Aria Operations for Networkscrashes and does not recover automatically. If the services fail to recover, reboot the platform node.
- If the network latency between platform node and upgrade server is greater than 500ms, theVMware Aria Operations for Networksupgrade might encounter an error. So, the network latency must be less than 500ms.
- The recommended network latency between platform VMs for optimal performance is up to 3ms. The system performance might degrade beyond the limit.
- The recommended network latency between platform and collector VMs for optimal performance is up to 150ms. The system performance might degrade beyond this limit.
- The recommended disk latency for optimal performance is up to 5ms. If the disk latency is greater than 5ms, the system performance degrades.
- The recommended disk IOPS is 7500.
- For optimum performance, the recommended bandwidth usage between the collector and the platform is 15 Megabytes per second (MBps) or 120 Megabits per second (Mbps).These bandwidth recommendations are made considering the largest collector and the largest platform brick sizes mentioned in this topic.
- For Network Map, the maximum supported firewall rules per VMware NSX-T Manager (including of DFW and edge rules) is 5000.
- To use the Assurance and Verification feature inVMware Aria Operations for Networks, you must enable Link Layer Discovery Protocol (LLDP) and Cisco Discovery Protocol (CDP) (if supported) on the network devices.
- As IPv6 addresses occupy more space in memory and disk, enabling IPv6 flow processing can reduce the platform and the collector capacity by up to 20%.
Supported TLS Versions
VMware Aria
Operations for Networks
supports
Transport Layer Security (TLS) versions 1.2 and 1.3.Supported Web Browser
- Google Chrome: The latest two versions.
- Mozilla Firefox: The latest two versions.
Recommendations to Support High Availability
You can customize vSphere HA options to enable vSphere high availability.
- Host Failure- Restart VMs
- Host Isolation- Deactivated
- Guest not heartbeating- Deactivated