Recently Viewed Topics
This section describes SecurityCenter’s minimum requirements for hardware, network, and disk storage. Note that the particular needs of your organization must be factored into this guideline.
Recommended Minimum Hardware Requirements
The following chart outlines the minimum hardware requirements for operating the SecurityCenter.
Minimum Recommended Hardware
SecurityCenter managing 500 to 2,500 active IPs
CPU: 2 dual-core 2 GHz or greater
Memory: 4 GB RAM
Hard drive: 120 GB at 7,200 rpm (320 GB at 10,000 rpm recommended)
SecurityCenter managing 2,500 to 10,000 active IPs
CPU: 4 dual-core 3 GHz CPU
Memory: 16 GB RAM
Hard drive: 160 GB at 7,200 rpm (500 GB at 10,000 rpm recommended)
SecurityCenter managing 10,000 to 25,000 active IPs
CPU: 8 dual-core 3 GHz CPU
Memory: 32 GB RAM
Hard drive: 500 GB at 10,000 rpm (1 TB at 15,000 rpm with striped RAID recommended)
SecurityCenter managing more than 25,000 active IPs
CPU: 8+ quad-core 3 GHz CPU
Memory: 32+ GB RAM
Hard drive: 1 TB at 15,000 rpm (3 TB at 15,000 rpm with striped RAID recommended)
In addition to the above guidelines, please consider the following suggestions:
- If the Nessus scanner is deployed on the same system as SecurityCenter, there will be less CPU and memory available during scans, causing slower performance. Use multi-core and/or multiple CPU servers to alleviate this. It is strongly recommended that the scanner is placed on a secondary machine.
- For deployments of SecurityCenter with more than 25 active users, add additional memory or CPUs to improve performance.
- As a general rule, use the aggregate of the individual software product resource requirements for determining total hardware system requirements. Hosting multiple Tenable products on the same server is not recommended due to potential memory and CPU constraints.
Gigabit or faster network cards are recommended for use on the SecurityCenter server. This is to increase the overall performance of web sessions, emails, LCE queries, and other network activities.
If Nessus is deployed on the same server as SecurityCenter, consider configuring the server with multiple network cards and IP addresses. Nessus uses default routes when scanning target networks and will correctly scan a system from the appropriate interface.
Adequate disk space is critical to a successful SecurityCenter deployment. An important consideration is that SecurityCenter can be configured to save a snapshot of vulnerability archives each day. In addition, the size of the vulnerability data stored by SecurityCenter depends on the number and types of vulnerabilities, not just the number of hosts. For example, 100 hosts with 100 vulnerabilities each could consume as much data as 1,000 hosts with 10 vulnerabilities each. In addition, the output for vulnerability check plugins that do directory listings, etc. is much larger than “Open Port” plugins from discovery scans.
For networks of 35,000 to 50,000 hosts, Tenable has encountered data sizes of up to 25 GB. That number is based on storage of 50,000 hosts and approximately 500 KB per host.
Additionally, during active scanning sessions, large scans and multiple smaller scans have been reported to consume as much as 150 GB of disk space as results are acquired. Once a scan has completed and its results are imported, that disk space is freed up.
SecurityCenter is installed into
/opt/sc by default. Tenable highly recommends that the
/opt directory be created on a separate disk partition. For higher performance, using two disks, one for the operating system and one for the system deployed to
/opt, can be more efficient.
Note: If required disk space exists outside of the
/opt file system, mount the desired target directory using the command
mount –-bind <olddir> <newdir>. Make sure that the file system is automatically mounted on reboot by editing the
/etc/fstab file appropriately.
Deploying SecurityCenter on a server configured with RAID disks can also dramatically boost performance.
Note: SecurityCenter does not require RAID disks for even our largest customers. However, in one instance, response times for queries with a faster RAID disk for a customer with more than 1 million managed vulnerabilities moved from a few seconds to less than a second.