Security Center in Tenable Enclave Security System Requirements

Tenable Security Center in Kubernetes Requirements

Note: Tenable recommends using an empty Kubernetes cluster for Tenable Security Center deployments. These requirements assume that the Kubernetes cluster where you install Tenable Security Center has nothing else installed.

Tenable strongly recommends using high-performance disks when you deploy Tenable Security Center in a Kubernetes cluster. Tenable Security Center is a disk-intensive application and using disks with high read/write speeds (for example, SSDs or NVMe SSDs) results in the best performance. The requirements in the following tables are based on AWS M5 or better processor specifications. Using slower processors, like those found in AWS M5a instances, will impact performance for your Tenable Security Center in Kubernetes deployment.

For supported Kubernetes environments and installation instructions, see Tenable Security Center in Kubernetes.

Requirements When Running Basic Network Scans + Local Checks

# of Hosts Managed by Tenable Security Center

CPU

Memory

Disk Space used for Vulnerability Trending

1 to 2,500 active IPs

8000 m

32 GiB

90 days: 125 GB

180 days: 250 GB

2,501 to 10,000 active IPs

16000 m

64 GiB

90 days: 450 GB

180 days: 900 GB

10,001 to 25,000 active IPs

32000 m

128 GiB

90 days: 2.4 TB

180 days: 5 TB

25,001 to 50,000 active IPs

48000 m

192 GiB

90 days: 4.5 TB

180 days: 9 TB

Requirements When Running Basic Network Scans + Local Checks + 1 Configuration Audit

# of Hosts Managed by Tenable Security Center

CPU

Memory

Disk Space used for Vulnerability Trending

1 to 2,500 active IPs

16000 m

64 GiB

90 days: 225 GB

180 days: 450 GB

2,501 to 10,000 active IPs

32000 m

128 GiB

90 days: 900 GB

180 days: 1.8 TB

10,001 to 25,000 active IPs

32000 m

128 GiB

90 days: 4.5 TB

180 days: 9 TB

25,001 to 50,000 active IPs

48000 m

192 GiB

90 days: 9 TB

180 days: 18 TB

External PostgreSQL Requirements

You can install Tenable Security Center configured to work with a PostgreSQL instance managed by you. PostgreSQL is required for certain features introduced in Tenable Security Center 6.5.0. For more information about connecting a PostgreSQL database, see Connect an External PostgreSQL Server.

This is a required configuration if you have more than 100K hosts. Tenable Security Center requires PostgreSQLversion 16 or laterversions 13 through 17.Tenable Security Center 6.5.x requires PostgreSQL version 16 or later. Tenable Security Center 6.6.x and later supports PostgreSQL versions 13 through 17.It is also recommended that wal_segment_size is set to be at least 64MB.

If you set up your PostgreSQL instance in a cloud environment, the following are guidelines for choosing your instance size. Note that the disk space in the following table is only for PostgreSQL data, and does not include any other OS or other dependencies you have.

Version

# of Hosts Managed by Tenable Security Center

AWS

Azure Google Cloud Platform (GCP)

Minimum Disk Space Required for PostgreSQL Data

6.7.x and later

2,500 active IPs

m6g.xlarge

D4s_v3

t2a-standard-4

20 GB

10,000 active IPs

m6g.2xlarge

D16s_v3

t2a-standard-8

50 GB

25,000 active IPs

m6g.4xlarge

D32s_v3

t2a-standard-16

100 GB

100,000 active IPs

m6g.8xlarge

D48s_v3

t2a-standard-32

400GB

250,000 active IP

m6g.16xlarge

D64s_v3

t2a-standard-48

1 TB

6.6.x and earlier

2,500 active IPs

r6g.xlarge

E4ps

t2a-standard-4

10 GB

10,000 active IPs

r6g.2xlarge

E8ps

t2a-standard-8

40 GB

25,000 active IPs

r6g.4xlarge

E16ps

t2a-standard-16

100 GB

100,000 active IPs

r6g.8xlarge

E32ps

t2a-standard-32

400 GB