Performance recommendations
The performance of the Authentication Server may vary and depends on several factors.
Most important factors:
•Number or authentication requests per defined interval (average, but also peaks)
•Number of total user count
•Integration mode (Active Directory Integration or Standalone)
•Authentication method used
•Number of Authentication Servers used
•External databases used in case of Standalone integration mode
•HW and SW (OS) used in the whole ecosystem
It is impossible to define some single number representing the performance, but we tried to narrow the range of possible answers based on our tests.
Testing environment
Reference HW used for the Authentication Server (AS):
•CPU: 2,5 GHz, 8 Cores,
•RAM: 32GB
•Hard disk: SSD
Further details:
•One Authentication Server used
•External database on separate HW (similar to HW used for AS) when testing Standalone deployment type with an external database
•When testing Active Directory Integration mode, Domain Controller (DC) was on separate HW (similar to HW used for AS)
•Reporting Engine was not used during these tests
When comparing speed, the Active Directory Integration mode was the slowest in our tests, though it also depends on DC performance and some other parameters.
Standalone mode with a built-in database was as fast as if using an external database; however, a built-in database does not allow multiple Authentication Servers.
Standalone mode with external database is the most suitable for very large user bases.
Considering the performance described above, we have to consider what number of clients authenticate in what time interval.
For example, if all clients authenticate within one minute, then the Standalone mode with external database in our environment is ready to manage ~4800 clients.
Deployment type |
Requests per second |
|---|---|
Active Directory Integration mode |
30 |
Standalone mode with built-in database |
80 |
Standalone mode with an external database |
80 |
However, if they authenticate evenly within one hour, it can theoretically manage more than 100.000.
The table below is based on the assumption that 10% of all clients authenticate in one minute and consider other deployment constraints.
If there is no ✔ in the table below, you may expect some performance issues unless you tune-up your environment.
User range |
AD Integration mode |
Standalone mode with built-in database |
Standalone mode with an external database |
Memory |
HDD Storage |
|---|---|---|---|---|---|
up to 5000 |
✔ |
✔ |
✔ |
450 MB |
800 MB |
5000 - 20000 |
|
✔ |
✔ |
1 GB |
2 GB |
more |
|
|
✔ |
|
|
*Assuming multiple Authentication Servers are used