Calculations for the Central Node component

If the program is deployed to a virtual platform, CPU resource requirements are to be increased by 10 percent. In virtual disk settings, a Thick Provision disk type must be selected.

Hardware requirements for a server with the Central Node and Sensor components

The hardware requirements for a server on which the Central Node and Sensor components are installed depend on the following conditions:

If the volume of processed traffic is greater than 1 Gbps, it is recommended to install Central Node and Sensor components on separate servers.

On the server with the Central Node component, it is recommended to use two RAID disk subsystems:

The hardware requirements for the server with the Central Node component depending on the utilized functionality are presented in the table below.

Hardware requirements for the server with the Central Node component when using KEDR functionality

Maximum number of Kaspersky Endpoint Agent computers

Minimum RAM (GB)

Minimum number of logical cores

First disk subsystem

Second disk subsystem

ROPS (read operations per second)

WOPS (write operations per second)

RAID disk array size (TB)

The number of disks in a RAID disk array

ROPS (read operations per second)

WOPS (write operations per second)

RAID disk array size (TB)

The number of disks in a RAID disk array

1000

64

8

100

1000

1

4

300

200

Depends on the preferred storage policy

4

3000

80

12

100

1000

1

4

700

500

6

5000

96

12

100

1000

1

4

1000

600

6

10000

160

20

100

1000

1

4

2000

800

10

15000

192

32

100

1000

1

4

2000

800

12

Hardware requirements for the server with the Central Node component when using KATA and KEDR functionality

Maximum number of Kaspersky Endpoint Agent computers

Maximum number of email messages per second

Maximum volume of traffic from SPAN ports on the server with the Central Node component

Maximum volume of traffic from SPAN ports on servers with the Sensor component

Minimum RAM (GB)

Minimum number of logical cores

First disk subsystem

Second disk subsystem

ROPS (read operations per second)

WOPS (write operations per second)

RAID disk array size (TB)

The number of disks in a RAID disk array

ROPS (read operations per second)

WOPS (write operations per second)

RAID disk array size (TB)

The number of disks in a RAID disk array

1000

1

200

Not processed

96

12

100

1000

1.9

4

300

300

Depends on the preferred storage policy

4

2000

2

500

Not processed

128

20

100

1000

2

4

500

500

4

5000

1

1000

Not processed

160

36

100

1000

2

4

1000

600

4

10000

2

1000

Not processed

192

40

100

1000

2

4

2000

800

12

5000

5

Not processed

2000

144

20

100

1000

1.9

4

1000

600

6

10000

20

Not processed

4000

192

36

100

1000

1.9

4

2000

800

12

15000

20

Not processed

4000

256

48

100

1000

1.9

4

2000

800

12

Disk space requirements on the server with the Central Node component

When no Sensor component is used on the server with the Central Node component, it is obligatory to have at least 2000 GB of free space on the first disk subsystem and at least 2400 GB on the second disk subsystem. The amount of space required on the second disk subsystem depends on the preferred storage policy and can be calculated using the following formula:

150 GB + <number of Endpoint Agent components>/15000 * (400 GB + 240 GB * <number of days to store data>)

This formula can be used to roughly estimate the required disk space. The actual amount of stored data depends on the traffic profile of the organization and may differ from the calculated result.

The minimum free disk space requirements for each data type are presented in the table below.

Minimum requirements for disk space on the server with the Central Node component when no Sensor component is used

Data type

First disk subsystem (GB)

Second disk subsystem (GB)

Targeted Attack Analyzer database

0

1500

Database of detected objects

50

0

Queues of detection technologies

390

0

Task queue

1

0

Data received after analysis by the Sandbox component

300

0

Quarantine

300

0

Files awaiting rescan

300

0

Redis database dump file

16

0

Operating system

25

0

Temporary files

64

0

Trace files

50

100

Update packages

1

0

Total

1497

1600

When the Sensor component is used on the server with the Central Node component, it is obligatory to have at least 1900 GB of free space on the first disk subsystem and at least 3900 GB on the second disk subsystem. The minimum free disk space requirements for each data type are presented in the table below.

Minimum requirements for disk space on the server with the Central Node component when a Sensor component is used

Data type

First disk subsystem on the server with the Central Node component (GB)

Second disk subsystem on the server with the Central Node component (GB)

Disk space on a server with the Sensor component (GB)

Targeted Attack Analyzer database

0

1500

0

Database of detected objects

50

0

0

Queues of detection technologies

390

0

0

Task queue

1

0

0

Data received after analysis by the Sandbox component

300

0

0

Quarantine

300

0

0

Files awaiting rescan

300

0

0

Redis database dump file

16

0

16

Operating system

25

0

25

Temporary files

32

0

32

Trace files

50

100

150

Update packages

1

0

1

Total

1465

1600

224

If you have configured integration with the external system using REST API, you must allocate additional resources required for processing objects of this system. Additional hardware requirements are presented in the table below.

Hardware requirements for the server with the Central Node component with integrated external systems

Number of processed objects per second

Number of additional logical cores

The number of additional servers with the Sandbox component

8

2

1

16

4

2

24

7

3

Requirements for the PCN server in distributed solution mode

If the load on the SCN servers is light, hardware requirements for the PCN server are the same as for a server with Central Node component in standalone mode.

Hardware requirements for the PCN server with more than 10 SCN servers under heavy load are listed in the table below.

Hardware requirements for the PCN server

Maximum number of Kaspersky Endpoint Agent computers

Maximum number of email messages per second

Maximum volume of traffic from SPAN ports (Mbps)

Minimum RAM (GB)

Minimum number of logical cores

First disk subsystem

Second disk subsystem

ROPS (read operations per second)

WOPS (write operations per second)

RAID disk array size (TB)

The number of disks in a RAID disk array

ROPS (read operations per second)

WOPS (write operations per second)

RAID disk array size (TB)

The number of disks in a RAID disk array

10000

0

0

160

24

100

1000

1

4

800

800

4

10

1000

1

200

112

40

100

1000

1.9

4

600

600

1.3

4

5000

5

2000

160

28

100

1000

1.9

4

300

300

2.5

6

10000

20

4000

208

40

100

1000

1.9

4

1000

800

4

12

Communication channel requirements

The minimum requirements for the communication channel between computers with Kaspersky Endpoint Agent and the server with the Central Node component are presented in the table below.

Minimum requirements for the communication channel between hosts with Kaspersky Endpoint Agent and the server with the Central Node component

Maximum number of Kaspersky Endpoint Agent computers

Required bandwidth of the communication channel reserved for Kaspersky Endpoint Agent computers (Mbps)

10

1

50

2

100

3

1000

20

10000

200

Minimum requirements for the communication channel between the PCN and SCN servers in distributed solution mode are listed in the table below.

Minimum requirements for the communication channel between the PCN and SCN servers

Maximum number of Kaspersky Endpoint Agent computers

Maximum number of email messages per second

Maximum volume of traffic from SPAN ports (Mbps)

Required communication channel bandwidth (Mbps)

5000

5

2000

20

10000

20

4000

30

See also

Calculations for the Sensor component

Calculations for the Sandbox component

Page top