Appliance Requirements
Before you add a secondary appliance to your JSA host, you must review the hardware configuration differences between your primary and secondary appliances.
Appliances that you order as primary and secondary HA pairs are matched to ensure compatibility. However, replacing an appliance or adding HA to an older host with a different hardware configuration can lead to data replication issues. Data replication issues can occur when you replace end-of-life hardware or create primary and secondary HA pairs that have appliances from different manufacturers.
Partition requirements for /store
The combined size of the /store and /transient partitions on the secondary host must be equal to or larger than the /store partition on the primary host.
For example, do not pair a primary host that uses a 4 TB /store partition to a secondary host that has a 2 TB /store partition and a 1 TB /transient partition.
Storage Requirements
Follow these storage requirements when you replace an appliance:
Ensure that the replacement appliance includes storage capacity that is equal to or greater than the original hardware you replace, and be at least 130 gigabytes (GB).
Secondary replacement appliances can have larger storage capacity than the primary appliance. If so, partitions on the secondary are resized to match the storage capacity of the primary appliance when you configure the HA pair.
Primary replacement appliances can have larger storage capacity than the secondary appliance. If so, partitions on the primary are resized to match the storage capacity of the secondary appliance when you configure the HA pair.
If you replace both primary and secondary appliances, then the system resizes the storage partition that is based on the appliance with the smallest capacity.
Managed Interfaces
The primary host does not contain more physical interfaces than the secondary.
If there is a failover, the network configuration of the primary is replicated to the secondary host. If the primary is configured with more interfaces, any additional interfaces cannot be replicated to the secondary during a failover.
The secondary host must use the same management interface as the primary HA host.
If the primary HA host uses ens192, for example, as the management interface, the secondary HA host must also use ens192.
The management interface supports one cluster virtual IP address.
TCP port 7789 must be open and allow communication between the primary and secondary for Distributed Replicated Block Device (DRBD) traffic.
DRBD traffic is responsible for disk replication and is bidirectional between the primary and secondary host.
You must ensure the JSA software version is identical between the primary and secondary host before you pair a primary to a secondary appliance for the first time.
If the JSA version between your primary and secondary differ, you must patch either the primary or secondary appliance to ensure both appliances use the same software version.
After the primary and secondary appliances are paired together, disk replication ensures that any additional software updates are also applied to the secondary.
Software and Virtual Appliance Requirements
If you use JSA software on virtual appliances, review the following requirements before you attempt to configure High-availability (HA).
System Requirements for Virtual Appliances
To ensure that JSA works correctly, ensure that virtual appliance that you use meets the minimum software and hardware requirements.
Your virtual appliance must have at least 256 GB of storage available.
The following table describes the minimum memory requirements for virtual appliances.
Appliance |
Minimum memory requirement |
Suggested memory requirement |
---|---|---|
JSA Flow Processor Virtual 1299 |
6 GB |
6 GB |
JSA Flow Processor Virtual |
16 GB |
64 GB |
JSA Event Collector Virtual |
12 GB |
16 GB |
JSA Event Processor Virtual up to 20,000 EPS |
16 GB |
64 GB |
JSA Event Processor Virtual 1699 20,000 EPS or higher |
128 GB |
128 GB |
JSA Flow Processor Virtual 1799 up to 1,200,000 FPM |
16 GB |
64 GB |
JSA Flow Processor Virtual 1799 1,200,000 FPM or higher |
128 GB |
128 GB |
JSA Event and Flow Processor Combo 5,000 EPS or less 200,000 FPM or less |
16 GB |
64 GB |
JSA Event and Flow Processor Combo 30,000 EPS or less 1,000,000 FPM or less |
128 GB |
128 GB |
Virtual
JSA All-in-One or Virtual JSA Console
5,000 EPS or less 200,000 FPM or less |
32 GB |
64 GB |
Virtual JSA All-in-One or Virtual JSA Console 30,000 EPS or less 1,000,000 FPM or less |
64 GB |
128 GB |
Virtual JSA Log Manager |
24 GB |
48 GB |
JSA Risk Manager |
24 GB |
48 GB |
JSA Vulnerability Manager Processor |
32 GB |
32 GB |
JSA Vulnerability Manager Scanner |
16 GB |
16 GB |
JSA App Host |
12 GB |
64 GB or more for a medium sized App Host 128 GB or more for a large sized App Host |
The following table describes the minimum CPU requirements for virtual appliances.
Appliance |
Threshold |
Minimum number of CPU cores |
Suggested number of CPU cores |
---|---|---|---|
JSA Flow Processor Virtual 1299 |
10,000 FPM or less |
4 |
4 |
JSA Event Collector Virtual 1599 |
5,000 EPS or less |
8 |
16 |
20,000 EPS or less |
19 |
19 |
|
JSA Event Processor Virtual 1699 |
5,000 EPS or less |
8 |
24 |
20,000 EPS or less |
16 |
32 |
|
40,000 EPS or less |
40 |
48 |
|
80,000 EPS or less |
56 |
80 |
|
JSA Flow Processor Virtual 1799 |
150,000 FPM or less |
4 |
24 |
300,000 FPM or less |
8 |
24 |
|
1,200,000 FPM or less |
16 |
32 |
|
2,400,000 FPM or less |
40 |
48 |
|
3,600,000 FPM or less |
56 |
80 |
|
JSA Event and Flow Processor Combo |
200,000 FPM or less 5,000 EPS or less |
16 |
32 |
300,000 FPM or less 15,000 EPS or less |
40 |
48 |
|
1,200,000 FPM or less 30,000 EPS or less |
56 |
80 |
|
Virtual JSA All-in-One or Virtual JSA Console |
25,000 FPM or less 500 EPS or less |
4 |
24 |
50,000 FPM or less 1,000 EPS or less |
8 |
24 |
|
100,000 FPM or less 1,000 EPS or less |
12 |
24 |
|
200,000 FPM or less 5,000 EPS or less |
16 |
32 |
|
300,000 FPM or less 15,000 EPS or less |
40 |
48 |
|
1,200,000 FPM or less 30,000 EPS or less |
56 |
80 |
|
Virtual JSA Log Manager |
2,500 EPS or less |
4 |
16 |
5,000 EPS or less |
8 |
16 |
|
JSA Vulnerability Manager Processor |
4 |
4 |
|
JSA Vulnerability Manager Scanner |
4 |
4 |
|
JSA Risk Manager |
8 |
8 |
|
JSA Flow Processor Virtual |
4 |
16 |
|
JSA App Host |
4 |
12 or more for a medium sized App Host 24 or more for a requirements for virtual appliances large sized App Host |