Deploying the application on a virtual platform requires 10 percent more CPU resources than deploying the application on a physical server. In virtual disk settings, a Thick Provision disk type must be selected.
To avoid possible performance degradation when deploying the application on a virtual platform, you need to do the following:
Hardware requirements for a Central Node server with Embedded Sensor
Hardware requirements for a Central Node server with Embedded Sensor depend on the following conditions:
To determine the volume of processed decrypted traffic for calculating the load on the server, use the following formula:
<volume of decrypted traffic transmitted by ArtX TLSProxy 1.9.1> = 5 * <volume of unencrypted traffic>
To determine the volume of traffic processed on the ICAP server for calculating the load on the server, use the following formula:
<volume of traffic processed on the ICAP server> = 5 * <volume of traffic that is not processed on the ICAP server>
If the volume of processed traffic is greater than 1 Gbps, you must install Central Node and Sensor components on standalone servers.
The hardware requirements for the Central Node server depending on the functionality being used are listed in the tables below.
Hardware requirements for the server with the Central Node component when using КАТА functionality
Maximum number of email messages per second |
Maximum volume of traffic from SPAN ports on the server with the Central Node component |
Maximum volume of traffic from SPAN ports on servers with the Sensor component (Mbps) |
Minimum RAM (GB) |
Minimum number of logical cores at 3 GHz |
First disk subsystem (RAID 1 or RAID 10) |
|||
|---|---|---|---|---|---|---|---|---|
ROPS (read operations per second) |
WOPS (write operations per second) |
Disk array size (TB) |
The number of disks in the array |
|||||
2 |
500 |
Not processed |
72 |
28 |
100 |
1000 |
2 |
4 |
2 |
1000 |
Not processed |
80 |
40 |
100 |
1000 |
2 |
4 |
5 |
Not processed |
2000 |
56 |
36 |
100 |
1000 |
2 |
2 |
20 |
Not processed |
4000 |
80 |
56 |
100 |
1000 |
3 |
2 |
20 |
Not processed |
7000 |
112 |
88 |
100 |
1500 |
4 |
2 |
20 |
Not processed |
10,000 |
112 |
120 |
100 |
1500 |
4 |
2 |
If you want to install the Central Node component on the "Brest" or "RED Virtualization" virtual platform and use the KATA functionality, you need to increase the minimum number of logical cores by 30%. If you want to mitigate Spectre or Meltdown type vulnerabilities at the level of the hypervisor OS, you need to additionally increase the minimum number of logical cores by 1.5 times. The other hardware requirements for virtual servers are similar to the requirements for physical servers, listed in the table above.
Hardware requirements for the server with the Central Node component when using KATA and NDR functionality
Maximum number of Endpoint Agent components |
Maximum number of email messages per second |
Maximum volume of traffic from SPAN ports on the server with the Central Node component |
Maximum volume of traffic from SPAN ports on servers with the Sensor component (Mbps) |
Minimum RAM (GB) |
Minimum number of logical cores at 3 GHz |
First disk subsystem (RAID 1.5 or RAID 10) |
|
|---|---|---|---|---|---|---|---|
Disk array size (TB) |
Disk type |
||||||
1000 |
1 |
200 |
Not processed |
96 |
32 |
4.5 |
HDD |
2000 |
2 |
500 |
Not processed |
112 |
40 |
7 |
HDD |
5000 |
1 |
1000 |
Not processed |
128 |
60 |
11 |
SSD |
10,000 |
2 |
1000 |
Not processed |
160 |
72 |
15 |
SSD |
15,000 |
20 |
1000 |
Not processed |
224 |
100 |
21 |
SSD |
5000 |
5 |
Not processed |
2000 |
80 |
48 |
11 |
SSD |
10,000 |
20 |
Not processed |
4000 |
128 |
72 |
15 |
SSD |
15,000 |
20 |
Not processed |
4000 |
128 |
76 |
21 |
SSD |
15,000 |
20 |
Not processed |
7000 |
160 |
108 |
21 |
SSD |
15,000 |
20 |
Not processed |
10,000 |
160 |
140 |
21 |
SSD |
Kaspersky Anti Targeted Attack Platform does not support operation with software RAID array.
Hardware requirements for the Central Node server when integrating with Kaspersky Secure Mail Gateway
The table below lists the hardware requirements for the Central Node server when using the KATA functionality and integrating with Kaspersky Secure Mail Gateway 2.1.1.
Hardware requirements for the Central Node server when using the KATA functionality and integrating with Kaspersky Secure Mail Gateway 2.1.1
Maximum number of email messages per second |
Maximum volume of traffic from SPAN ports (Mbps) |
Disk |
|||
|---|---|---|---|---|---|
Minimum RAM (GB) |
Minimum number of logical cores |
Logical core clock rate |
WOPS (write operations per second) |
||
1 |
10,000 |
36 |
4 |
1.15 |
200 |
2 |
10,000 |
36 |
4 |
1.15 |
200 |
5 |
10,000 |
36 |
6 |
1.15 |
200 |
10 |
10,000 |
36 |
10 |
1.15 |
200 |
20 |
10,000 |
36 |
12 |
1.5 |
200 |
30 |
10,000 |
36 |
16 |
2.7 |
200 |
50 |
10,000 |
36 |
20 |
2.7 |
200 |
100 |
10,000 |
36 |
40 |
2.7 |
200 |
Hardware requirements for the server with the Central Node component when using ICAP functionality
The AV_rps value in the table below stands for the number of files per second sent for anti-virus scanning.
On average, two anti-virus scan jobs are created per second for 1 Mbps of traffic. The total number of ICAP requests may not exceed 5000 per second.
Central Node configurations
Lite: AV_rps up to 65; 75 Mbps |
|
Minimum number of logical cores |
16 |
Minimum RAM |
64 GB |
First disk subsystem (RAID 10) |
4 drives, 1200 GB each |
Medium: AV_rps up to 250; 0.3 Gbps |
|
Minimum number of logical cores |
32 |
Minimum RAM |
80 GB |
First disk subsystem (RAID 10) |
4 drives, 1200 GB each |
High: AV_rps up to 750; 1 Gbps |
|
Minimum number of logical cores |
72 |
Minimum RAM |
96 GB |
First disk subsystem (RAID 10) |
4 drives, 1200 GB each |
Disk space requirements on the Central Node server
For the Central Node server, we recommend having 2000 GB of free space on the first disk subsystem and 2400 GB on the second disk subsystem. The amount of space required on the second disk subsystem depends on the storage policy that you want to set up.
If you have configured integration for scanning external system objects using the KATA API, the hardware requirements of the Central Node server must be increased. Additional hardware requirements are presented in the table below.
Hardware requirements for the Central Node server with integrated external systems
Maximum number of processed objects per second |
Number of additional logical cores |
Number of additional Sandbox servers |
|---|---|---|
8 |
2 |
1 |
16 |
4 |
2 |
24 |
7 |
3 |
If you configured integration to send events to an external system using the KATA API, you must increase the hardware requirements of the Central Node server by 1 logical core and 6 GB of RAM.
If you are saving network traffic, the hardware requirements of the Central Node server must be increased. For more details on hardware requirements, see Calculations for the Sensor component → Hardware requirements of the Sensor when saving raw network traffic.
Requirements for the PCN server in distributed solution mode
If you are using the distributed solution mode, you need to take into account that when connecting up to 10 SCNs, the minimum amount of RAM and the minimum logical core count on the PCN server must be 10% higher than on a Central Node server not in distributed solution mode. The load on the SCNs can vary within the limits specified in the hardware requirements for the Central Node server.
You can connect up to 150 SCNs to one PCN, as long as the hardware configuration of the PCN server satisfies the following requirements:
If you want to use the PCN without built-in Sensor, the PCN server must have the following configuration:
The hardware requirements for the Central Node server are specified in the following tables (see above):
Hardware requirements for Central Node cluster servers
A cluster must include at least 4 servers: 2 storage servers and 2 processing servers.
Each cluster server must have two network adapters to configure cluster and external subnet. The cluster subnet must be capable of up to 10 Gbps.
The cluster subnet must also meet the following requirements:
Hardware requirements for the Central Node server that performs retrospective analysis of traffic
Minimum hardware requirements for the virtual server for the installation of the Central Node component that will perform retrospective analysis of traffic: