Occasional Contributor II

CPPM - profiling + ingress event processing, performance issue ?



I'm going to deploy a 2xCPVA-5K cluster, for a network of approximatly 6-8k clients, with authentication and Guest access.


I plan on balancing tasks between the two nodes as follows :


Publisher (handling all write operations) :

- Config changes and replication

- Insight, Insight master

- Profiling (active)

- Ingress events (syslog) processing from a Palo Alto FW


Subscriber (worker node handling client requests) :

- RADIUS requests handling

- HTTP requests handling

- Insight


I'm concernend about performance issues arising from the fact that profiling and event processins are both activated on the same node (strongly discourage by technotes I've read).


Does anybody have experience in that matter, that they could share ?

Should I plan on adding a third node to the cluster ?

Sould I go for a diffrent blancing ?


Thanks for your advice.


Sacha B.
Guru Elite

Re: CPPM - profiling + ingress event processing, performance issue ?

This is one of the reasons we decoupled licensing from hardware in 6.7. The new licensing model in 6.7 will allow you to stand up another box for very little cost and use it as a dedicated node for profiling, Insight, AirGroup authorization, Ingress Event Engine, etc without having to purchase a set of policy manager licenses.

| Tim Cappalli | Aruba Security | @timcappalli | |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
Showing results for 
Search instead for 
Did you mean: