System Requirements

To install and run Tenable Core + OT Security or Tenable OT Security Sensor, your application and system must meet the following requirements.

Note: Tenable Support does not assist with issues related to your host operating system, even if you encounter them during installation or deployment.

Environment Tenable Core File Format More Information
Virtual Machine VMware .ova file

Install OT Security ICP Virtual Appliance

Hardware

Tenable-provided hardware

.iso image

Install Tenable Core on Hardware

Note: Tenable Core + OT Security requires Tenable-provided hardware. For more information, contact your Tenable representative.

Note: While you could use the packages to run Tenable Core in other environments, Tenable does not provide documentation for those procedures.

Note: Tenable does not recommend deploying multiple applications on a single instance of Tenable Core. If you want to deploy several applications on Tenable Core, deploy a unique instance for each application.

Tenable Core + OT Security ships with the latest version of OT Security included.

You can Install OT Security on a hypervisor1 or directly on user-supplied hardware running Tenable Core.

Note: Tenable strongly discourages running Tenable Core + OT Security in an environment shared with other Tenable applications. For example, installing two products on the same virtual machine, or in the same Tenable Core system.

Storage Requirements

Tenable recommends installing OT Security on direct-attached storage (DAS) devices, preferably solid-state drives (SSD), for best performance. Tenable strongly encourages the use of solid-state storage (SSS) that have a high drive-writes-per-day (DWPD) rating to ensure longevity.

Tenable does not support installing OT Security on network-attached storage (NAS) devices. Storage area networks (SAN) with a storage latency of 10 milliseconds or less, or Tenable hardware appliances, are a good alternative in such cases.

Disk Space Requirements

Enterprise networks can vary in performance, capacity, protocols, and overall activity. Resource requirements to consider for deployments include raw network speed, the size of the network to monitor, and the configuration of the application. Processors, memory, and network card selection rely heavily on these deployment configurations. Disk space requirements vary depending on usage based on the amount of data, and length of time you store data on the system.

OT Security needs to perform full packet captures of monitored traffic, and the size of the policy event data stored by OT Security depends on the number of devices and the type of environment.

You can calculate storage requirements per day (GB/day) by multiplying the traffic rate (Mbps) * 2.7 - based on a compression factor of 0.25.

In an example with two sensors receiving 23 Mbps SPAN traffic each, the storage requirements per day (GB/day) is calculated as (23*2)*2.7=124 GB of space per day for traffic storage.

Note: If compliance or security requirements require that you store up to 30 days of traffic, then you need a PCAP (Packet Capture) storage drive of 3.75 TB to accommodate this requirement. Once the stored traffic data reaches the maximum size, OT Security overwrites the oldest PCAP data and replaces it with new traffic.

ICP System Requirement Guidelines (Virtual or Tenable Core)

Maximum SPAN/TAP Throughput (Mbps) CPU Cores2 Memory (DDR4) Storage Requirements Network Interfaces
50 Mbps or less 4 16 GB RAM 128 GB Minimum 4 x 1 Gbps
50-150 Mbps 16 32 GB RAM 512 GB Minimum 4 x 1 Gbps
150-300 Mbps 32 64 GB RAM 1 TB Minimum 4 x 1 Gbps
300 Mbps to 1 Gbps 32-64 128 GB RAM or more 2 TB or more Minimum 4 x 1 Gbps

Disk Partition Requirements

OT Security uses the following mounted partitions:

Partition Content
/ operating system
/opt application and database files
/var/pcap packet captures (full packet capture, event, query)

The standard process places these partitions on the same disk. Tenable recommends moving these to partitions on separate disks to increase throughput. OT Security is a disk-intensive application and using disks with high read/write speeds, such as SSDs, results in the best performance. Tenable recommends using an SSD with high DWPD ratings on customer-supplied hardware installations when using the packet capture feature in OT Security.

Tip: Deploying OT Security on a hardware platform configured with a redundant array of independent disks (RAID 0) can dramatically boost performance.

Tip: Tenable does not require RAID disks for even our largest customers. However, in one instance, response times for queries with a faster RAID disk for a customer with more than one million managed vulnerabilities decreased from a few seconds to less than a second.

Network Interface Requirements

You must have four network interfaces present on your device before installing OT Security. Tenable recommends the use of gigabit interfaces. The VMWare OVA creates these interfaces automatically. Create these interfaces manually when you install the ISO on your own hardware.

Note: Tenable does not provide SR-IOV support for the use of 10 G network cards and does not guarantee 10 G speeds with the use of 10 G network cards.

NIC Requirements

nic0 (192.168.1.5) and nic3 (192.168.3.3) have static IP addresses when you install Tenable Core + OT Security in a hardware or virtual environment. Other network interface controllers (NICs) use DHCP.

nic3 (192.168.3.3) has a static IP address when you deploy Tenable Core + OT Security on VMware. Other NICs use DHCP. Confirm that the Tenable Corenic1 MAC address matches the NIC MAC address in your VMware passive scanning configuration. Modify your VMware configuration to match your Tenable Core MAC address if necessary.

For more information, see Manually Configure a Static IP Address, Manage System Networking and the VMware Documentation.