You are here: System Requirements

System Requirements

This section describes SecurityCenter’s minimum requirements for hardware, network, and disk storage. Note that the particular needs of your organization must be factored into this guideline.

Recommended Minimum Hardware Requirements

The following chart outlines the minimum hardware requirements for operating the SecurityCenter.

Scenario

Minimum Recommended Hardware

SecurityCenter managing 500 to 2,500 active IPs

CPU: 2 dual-core 2 GHz or greater

Memory: 4 GB RAM

Hard drive: 120 GB at 7,200 rpm (320 GB at 10,000 rpm recommended)

SecurityCenter managing 2,500 to 10,000 active IPs

CPU: 4 dual-core 3 GHz CPU

Memory: 16 GB RAM

Hard drive: 160 GB at 7,200 rpm (500 GB at 10,000 rpm recommended)

SecurityCenter managing 10,000 to 25,000 active IPs

CPU: 8 dual-core 3 GHz CPU

Memory: 32 GB RAM

Hard drive: 500 GB at 10,000 rpm (1 TB at 15,000 rpm with striped RAID recommended)

SecurityCenter managing more than 25,000 active IPs

CPU: 8+ quad-core 3 GHz CPU

Memory: 32+ GB RAM

Hard drive: 1 TB at 15,000 rpm (3 TB at 15,000 rpm with striped RAID recommended)

In addition to the above guidelines, please consider the following suggestions:

Network Interfaces

Gigabit or faster network cards are recommended for use on the SecurityCenter server. This is to increase the overall performance of web sessions, emails, LCE queries, and other network activities.

If Nessus is deployed on the same server as SecurityCenter, consider configuring the server with multiple network cards and IP addresses. Nessus uses default routes when scanning target networks and will correctly scan a system from the appropriate interface.

Disk Space

Adequate disk space is critical to a successful SecurityCenter deployment. An important consideration is that SecurityCenter can be configured to save a snapshot of vulnerability archives each day. In addition, the size of the vulnerability data stored by SecurityCenter depends on the number and types of vulnerabilities, not just the number of hosts. For example, 100 hosts with 100 vulnerabilities each could consume as much data as 1,000 hosts with 10 vulnerabilities each. In addition, the output for vulnerability check plugins that do directory listings, etc. is much larger than “Open Port” plugins from discovery scans.

For networks of 35,000 to 50,000 hosts, Tenable has encountered data sizes of up to 25 GB. That number is based on storage of 50,000 hosts and approximately 500 KB per host.

Additionally, during active scanning sessions, large scans and multiple smaller scans have been reported to consume as much as 150 GB of disk space as results are acquired. Once a scan has completed and its results are imported, that disk space is freed up.

Disk Partitions

SecurityCenter is installed into /opt/sc by default. Tenable highly recommends that the /opt directory be created on a separate disk partition. For higher performance, using two disks, one for the operating system and one for the system deployed to /opt, can be more efficient.

Note: If required disk space exists outside of the /opt file system, mount the desired target directory using the command mount –-bind <olddir> <newdir>. Make sure that the file system is automatically mounted on reboot by editing the /etc/fstab file appropriately.

Deploying SecurityCenter on a server configured with RAID disks can also dramatically boost performance.

Note: SecurityCenter does not require RAID disks for even our largest customers. However, in one instance, response times for queries with a faster RAID disk for a customer with more than 1 million managed vulnerabilities moved from a few seconds to less than a second.

Copyright © 2016. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of Tenable Network Security, Inc. SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.