Hardware and software requirements

Deploying the application on a virtual platform requires installing the VMware ESXi™ 6.5, 6.7 or 7.0 hypervisor.

For the application to work correctly in a virtual environment, you must install an up-to-date patch for the hypervisor.

The configuration of the Kaspersky Sandbox servers depends on the volume of data to be processed by the application and the throughput of the network link.

Kaspersky Sandbox is not supported on AMD™ processors.

Hardware and software requirements of the Kaspersky Sandbox physical server

The Kaspersky Sandbox solution supports physical server configurations listed in the following table.

Configurations supported by the Kaspersky Sandbox solution

Physical server configuration	Number of workstations with Kaspersky Endpoint Agent/Kaspersky Endpoint Security	Workload when receiving files via API (objects per hour)
CPU: 4 cores with Hyper-Threading support (8 threads), 2.1 GHz RAM: 32 GB Two hard drives in a RAID 1 array: volume: 600 GB each rotation speed: 10,000 rpm Two network adapters with 1 Gbit/s data transfer rate.	250	75
CPU: 8 cores with Hyper-Threading support (16 threads), 2.2 GHz. RAM: 48 GB Two hard drives in a RAID 1 array: volume: 600 GB each rotation speed: 10,000 rpm Two network adapters with 1 Gbit/s data transfer rate.	500	150
CPU: 12 cores with Hyper-Threading support (24 threads), 2.2 GHz. RAM: 64 GB Two hard drives in a RAID 1 array: volume: 600 GB each rotation speed: 10,000 rpm Two network adapters with 1 Gbit/s data transfer rate.	750	225
CPU: 16 cores with Hyper-Threading support (32 threads), 2.2 GHz. RAM: 64 GB Two hard drives in a RAID 1 array: volume: 600 GB each rotation speed: 10,000 rpm Two network adapters with 1 Gbit/s data transfer rate.	1000	305
CPU: 14 cores with Hyper-Threading support (28 threads), 2.6 GHz. RAM: 64 GB Two hard drives in a RAID 1 array: volume: 600 GB each rotation speed: 10,000 rpm Two network adapters with 1 Gbit/s data transfer rate.	1000	305
2 CPUs: 18 cores with Hyper-Threading support (72 threads), 2.2 GHz RAM: 196 GB Two hard drives in a RAID 1 array: volume: 600 GB each rotation speed: 10,000 rpm Two network adapters with 1 Gbit/s data transfer rate.	5000	910

Example of Kaspersky Sandbox performance: Physical server configuration: CPU: 4 cores with Hyper-Threading support (8 threads), 2.1 GHz RAM: 32 GB Two hard drives in a RAID 1 array: volume: 600 GB each rotation speed: 10,000 rpm Two network adapters with 1 Gbit/s data transfer rate. On a server with the specified configuration, Kaspersky Sandbox can: Process objects received from workstations with Kaspersky Endpoint Security or Kaspersky Endpoint Agent. Maximum number of workstations: 250. Process objects received from external systems via the API. Maximum objects per hour: 75.

For example, if you want to double the performance of Kaspersky Sandbox (to receive objects from 500 workstations or 150 objects per hour from external systems via the API), you can combine 2 servers into a cluster.

Hardware and software requirements of Kaspersky Sandbox virtual machine

The Kaspersky Sandbox application supports the following virtual machine configuration:

• CPU: 12 cores (6 sockets, 2 cores each), 2.2 GHz or higher.
• RAM: 32 GB.
• HDD volume: 600 GB.
• Two network adapters with 1 Gbit/s data transfer rate.

Virtual machine settings:

1. Expose hardware assisted virtualization to the guest OS check box selected.
2. Latency Sensitivity option set to High.
3. Entire RAM reserved (32 GB).
4. Entire CPU clock rate reserved.

   You can use the following formula to calculate the entire CPU clock rate: 12 * <clock rate in MHz>.

When configuring the virtual machine, your configuration must match the description above. Only the CPU clock rate can be varied: you can configure a value of 2.2 GHz or higher. If the configuration of your virtual machine deviates from the description above, correct installation and operation of Kaspersky Sandbox is not guaranteed.

Installed on a virtual machine, Kaspersky Sandbox can process objects from up to 250 workstations or 100 objects per hour received using the API.

Throughput requirements for the link between workstations with the EPP application and the Kaspersky Sandbox server

Minimum requirements for the link between workstations that have the Kaspersky Endpoint Security application installed and the Kaspersky Sandbox server are listed in the following table.

Minimum requirements for the link between the Kaspersky Sandbox server and workstations with the EPP application

Number of workstations with Kaspersky Endpoint Agent/Kaspersky Endpoint Security	Required link throughput to be reserved for Kaspersky Endpoint Agent/Kaspersky Endpoint Security (Mbps)
10	2
20	2
30	2
40	2
50	3
100	4
150	4
200	5
250	5
500	6
750	8
1000	9
1500	11
2000	13
500	15
3000	18
3500	20
4000	22
4500	24
5000	27

Compatibility of the Kaspersky Sandbox solution version 2.0 with other applications

Kaspersky Sandbox version 2.0 is compatible with the following Kaspersky software:

• EPP applications:
  • Kaspersky Endpoint Security for Windows 11.7.0 and later.
  • Kaspersky Security for Windows Server 11.0.1.
  • Kaspersky Security for Virtualization Light Agent 5.2
• Kaspersky Endpoint Agent 3.13 or later for Windows.
• Kaspersky Security Center Windows 13.2 or later.

  We recommend using versions of Kaspersky Security Center specified above. If you use an older version of Kaspersky Security Center, automatic creation of IOC scanning tasks is not available.

  To manage Kaspersky Sandbox 2.0 using Kaspersky Security Center Web Console, you must install the Kaspersky Sandbox management plug-in.

See also What's New Distribution kit Limitations of the current version Application licensing

Page top