Hardware and software requirements
Deploying the application on a virtual platform requires installing the VMware ESXi 6.5, 6.7 or 7.0 hypervisor.
For the application to work correctly in a virtual environment, you must install an up-to-date patch for the hypervisor.
The configuration of the Kaspersky Sandbox servers depends on the volume of data to be processed by the application and the throughput of the network link.
Kaspersky Sandbox is not supported on AMD processors.
Hardware and software requirements of the Kaspersky Sandbox physical server
The Kaspersky Sandbox solution supports physical server configurations listed in the following table.
Configurations supported by the Kaspersky Sandbox solution
Physical server configuration |
Number of workstations with Kaspersky Endpoint Agent/Kaspersky Endpoint Security |
Workload when receiving files via API (objects per hour) |
---|---|---|
CPU: 4 cores with Hyper-Threading support (8 threads), 2.1 GHz RAM: 32 GB Two hard drives in a RAID 1 array:
|
250 |
75 |
CPU: 8 cores with Hyper-Threading support (16 threads), 2.2 GHz. RAM: 48 GB Two hard drives in a RAID 1 array:
|
500 |
150 |
CPU: 12 cores with Hyper-Threading support (24 threads), 2.2 GHz. RAM: 64 GB Two hard drives in a RAID 1 array:
|
750 |
225 |
CPU: 16 cores with Hyper-Threading support (32 threads), 2.2 GHz. RAM: 64 GB Two hard drives in a RAID 1 array:
|
1000 |
305 |
CPU: 14 cores with Hyper-Threading support (28 threads), 2.6 GHz. RAM: 64 GB Two hard drives in a RAID 1 array:
|
1000 |
305 |
2 CPUs: 18 cores with Hyper-Threading support (72 threads), 2.2 GHz RAM: 196 GB Two hard drives in a RAID 1 array:
|
5000 |
910 |
Example of Kaspersky Sandbox performance: Physical server configuration: CPU: 4 cores with Hyper-Threading support (8 threads), 2.1 GHz RAM: 32 GB Two hard drives in a RAID 1 array:
|
For example, if you want to double the performance of Kaspersky Sandbox (to receive objects from 500 workstations or 150 objects per hour from external systems via the API), you can combine 2 servers into a cluster.
Hardware and software requirements of Kaspersky Sandbox virtual machine
The Kaspersky Sandbox application supports the following virtual machine configuration:
- CPU: 12 cores (6 sockets, 2 cores each), 2.2 GHz or higher.
- RAM: 32 GB.
- HDD volume: 600 GB.
- Two network adapters with 1 Gbit/s data transfer rate.
Virtual machine settings:
- Expose hardware assisted virtualization to the guest OS check box selected.
- Latency Sensitivity option set to High.
- Entire RAM reserved (32 GB).
- Entire CPU clock rate reserved.
You can use the following formula to calculate the entire CPU clock rate:
12 * <clock rate in MHz>
.
When configuring the virtual machine, your configuration must match the description above. Only the CPU clock rate can be varied: you can configure a value of 2.2 GHz or higher. If the configuration of your virtual machine deviates from the description above, correct installation and operation of Kaspersky Sandbox is not guaranteed.
Installed on a virtual machine, Kaspersky Sandbox can process objects from up to 250 workstations or 100 objects per hour received using the API.
Throughput requirements for the link between workstations with the EPP application and the Kaspersky Sandbox server
Minimum requirements for the link between workstations that have the Kaspersky Endpoint Security application installed and the Kaspersky Sandbox server are listed in the following table.
Minimum requirements for the link between the Kaspersky Sandbox server and workstations with the EPP application
Number of workstations with Kaspersky Endpoint Agent/Kaspersky Endpoint Security |
Required link throughput to be reserved for Kaspersky Endpoint Agent/Kaspersky Endpoint Security (Mbps) |
---|---|
10 |
2 |
20 |
2 |
30 |
2 |
40 |
2 |
50 |
3 |
100 |
4 |
150 |
4 |
200 |
5 |
250 |
5 |
500 |
6 |
750 |
8 |
1000 |
9 |
1500 |
11 |
2000 |
13 |
500 |
15 |
3000 |
18 |
3500 |
20 |
4000 |
22 |
4500 |
24 |
5000 |
27 |
Compatibility of the Kaspersky Sandbox solution version 2.0 with other applications
Kaspersky Sandbox version 2.0 is compatible with the following Kaspersky software:
- EPP applications:
- Kaspersky Endpoint Security for Windows 11.7.0 and later.
- Kaspersky Security for Windows Server 11.0.1.
- Kaspersky Security for Virtualization Light Agent 5.2
- Kaspersky Endpoint Agent 3.13 or later for Windows.
- Kaspersky Security Center Windows 13.2 or later.
We recommend using versions of Kaspersky Security Center specified above. If you use an older version of Kaspersky Security Center, automatic creation of IOC scanning tasks is not available.
To manage Kaspersky Sandbox 2.0 using Kaspersky Security Center Web Console, you must install the Kaspersky Sandbox management plug-in.