PVS Hardware Requirements

Enterprise networks can vary in performance, capacity, protocols, and overall activity. Resource requirements to consider for PVS deployments include raw network speed, the size of the network being monitored, and the configuration of PVS.

The following chart outlines some basic hardware requirements for operating PVS:

Scenario Minimum Recommended Hardware
Passive Vulnerability Scanner managing up to 50,000 hosts * (**)

CPU: 1 dual-core 2GHz CPU

Memory: 2 GB RAM (4 GB RAM recommended)

Passive Vulnerability Scanner managing more than 50,000 hosts **

CPU: 1 dual-core 3 GHz CPU (2 dual-core recommended)

Memory: 4 GB RAM (8 GB RAM recommended)

Passive Vulnerability Scanner running in High Performance mode

CPU: 10 CPUs, with hyper-threading enabled

Memory: 16 GB RAM

HugePages memory: 2 GB

*The ability to monitor a given number of hosts depends on the bandwidth, memory, and processor power available to the system running PVS.

**For optimal data collection, PVS needs to be connected to the network segment via a hub, spanned port, or network tap to have a full, continuous view of the network traffic.

Note: Please research your VM software vendor for comparative recommendations, as VMs typically see up to a 30% loss in efficiency compared with dedicated servers.

Processor requirements will increase with greater throughput and higher number of network interfaces. Memory requirements will increase for networks with more hosts. The requirements for both of these components are affected by configurable options, like setting a long report lifetime.

Disk space requirements for PVS vary depending on the amount of data and length of time that data is stored on the system.

High Performance Mode

To run PVS in High Performance mode, a minimum of two of the following types of Intel NICs are required; one as a management interface and at least one as a monitoring interface:

  • e1000 (82540, 82545, 82546)

  • e1000e (82571. 82574, 82583, ICH8..ICH10, PCH..PCH2)

  • igb (82575..82576, 82580, I210, I211, I350, I354, DH89xx)

  • ixgbe (82598..82599, X540, X550)

  • i40e (X710, XL710)

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.