Recently Viewed Topics
Follow these hardware requirements and guidelines to maximize your SecurityCenter performance. Always consider the specific needs of your organization.
Recommended Minimum Physical Hardware Requirements
For specific physical hardware recommendations, see the General Requirements Guide. SecurityCenter is not supported in cloud-based environments.
Network Interface Requirements
Gigabit or faster network cards are recommended for use on the SecurityCenter server. This is to increase the overall performance of web sessions, emails, LCE queries, and other network activities.
If Nessus is deployed on the same server as SecurityCenter, consider configuring the server with multiple network cards and IP addresses. Nessus uses default routes when scanning target networks and will correctly scan a system from the appropriate interface.
You must install SecurityCenter on direct-attached storage (DAS) devices. SecurityCenter does not support storage area networks (SANs) or network-attached storage (NAS) configurations.
Disk Space Requirements
Adequate disk space is critical to a successful SecurityCenter deployment. An important consideration is that SecurityCenter can be configured to save a snapshot of vulnerability archives each day. In addition, the size of the vulnerability data stored by SecurityCenter depends on the number and types of vulnerabilities, not just the number of hosts. For example, 100 hosts with 100 vulnerabilities each could consume as much data as 1,000 hosts with 10 vulnerabilities each. In addition, the output for vulnerability check plugins that do directory listings, etc. is much larger than Open Port plugins from discovery scans.
For networks of 35,000 to 50,000 hosts, Tenable has encountered data sizes of up to 25 GB. That number is based on storage of 50,000 hosts and approximately 500 KB per host.
Additionally, during active scanning sessions, large scans and multiple smaller scans have been reported to consume as much as 150 GB of disk space as results are acquired. Once a scan has completed and its results are imported, that disk space is freed up.
Disk Partition Requirements
SecurityCenter is installed into
/opt/sc by default. Tenable highly recommends that the
/opt directory be created on a separate disk partition. For higher performance, using two disks, one for the operating system and one for the system deployed to
/opt, can be more efficient.
Note: If required disk space exists outside of the
/opt file system, mount the desired target directory using the command
mount –-bind <olddir> <newdir>. Make sure that the file system is automatically mounted on reboot by editing the
/etc/fstab file appropriately.
Deploying SecurityCenter on a server configured with RAID disks can also dramatically boost performance.
Note: SecurityCenter does not require RAID disks for even our largest customers. However, in one instance, response times for queries with a faster RAID disk for a customer with more than 1 million managed vulnerabilities moved from a few seconds to less than a second.