We have AMDs that due to SPAM config get more data than necessary,even double because some measure before and after firewalls.
Basically we would only are interested in certain VLANs. For this we could of course place a network packet broker (NPB) in front. But filtering on the AMD should also be possible. In 12.4 this can be done by defining Tenants, with specified VLANs.
If we would configure such Tenants, and doing that by only filtering out the right traffic, would the amount of traffic on the interfaces (pre-tenant filter) still count for the AMD HS license required (..5/5/20G), or does the license cover the post-tenant filtering. The traffic actually being processed and entering the CAS?
For example if a Tenant with VLAN filter is defined and the filtered traffic amounts to approx. 2Gb/s data, out of more than 10Gb/s. Would the base (5Gb) AMD be sufficient?
Besides using NPB or tenants, are there other VLAN filtering options in 12.4 / DCRUM 2017?
Solved! Go to Solution.
Under the capacity-based licensing model, all traffic received counts against AMD capacity used. Filtered out traffic is included into the overall capacity consumption, in this license model the premise is that if AMD does something with the traffic, like categorizing it for filtering out or de-duplicating - AMD code is already engaged, so this traffic has to count against AMD capacity licnsed.
So under this licensing model filtering traffic out or dissecting it by tenants doesn't matter from the licensing standpoint,
This is different than in component licensing model, where there's simply no threshold to count the traffic against and AMD can either filter, dissect or analyze the traffic up to the level that saturates its software architecture throughput (filtered vs analyzed ratios would depend on traffic and analysis mix and resulting ways its tasking the AMD).
Regarding filtering options in general, AMD can filter out traffic by IP addresses of clients and servers (in TCP sense), but it can't filter out by VLAN. However, AMD can dissect traffic by VLANs (tenants that you mentioned) for shared environments and it can also report on traffic by VLAN if this is needed.
Hope this helps