Infrastructure building and sizing

details_hoverNOTE

Before installing ESET Security Management Center, it is important to understand the architecture and what affects the performance of ESMC Server and your SQL database:

Hardware used for ESMC Server

We strongly recommend that you review the minimum hardware requirements before proceeding. Based on our Practical deployment examples and the following table, you can spec your hardware for optimal performance of ESET Security Management Center.

Sizing table for small and medium businesses

Clients

ESMC Server + SQL database server

CPUs

RAM (GB)

HDD (GB)

Up to 1,000

2

4

100

1,000 - 5,000

4

4 - 8

150

5,000 - 10,000

4

4 - 8

200

These recommendations are for a configuration with an appropriate client connection interval.

Sizing table for medium business and enterprise solutions

Clients

ESMC Server

 SQL database server*

CPUs

RAM (GB)

HDD (GB)

CPUs

RAM (GB)

HDD (GB)

10,000 - 50,000

4+

4+

40

8+

8+

250+

50,000 - 100,000

8+

4+

80

8+

16+

250+

100,000+

8+

8+

80

8+

32+

250+

These recommendations are for a configuration with an appropriate client connection interval.

* SQL server instance can share resources with ESMC Server to maximize utilization and minimize latency. In that case, the sum of recommended values for CPU and RAM must be used.

** Enterprise grade SSD with high IOPS is necessary.

 

Web Console configuration for enterprise solutions

The default Web Console configuration can suffer from instability when working with a high number of objects (for example, resolving 100,000 threats). Change the Tomcat settings to prevent memory shortages.

Windows

1.Open the tomcat7w.exe or run the Configure Tomcat application.

2.Switch to Java tab.

3.Change the values Initial memory pool to 2048 and Maximum memory pool to 16384.

4.Restart the Tomcat service.

 

ESMC Virtual Appliance / CentOS Linux

1.Open the virtual machine and open the Terminal.

2.Open the file /etc/sysconfig/tomcat

3.Add the following line to the file:
JAVA_OPTS="-Xms2048m -Xmx16384m"

4.Save the file and restart the Tomcat service.
service tomcat restart

 

Debian Linux

1.Open the Terminal as root or use sudo.

5.Open the file /etc/default/tomcat8

6.Add the following line to the file:
JAVA_OPTS="-Xms2048m -Xmx16384m"

7.Save the file and restart the Tomcat service.
service tomcat restart

 

SQL database server

Although the database hardware requirements for ESET Security Management Center are defined, you need to decide whether to install an SQL database server on the same machine as ESMC Server, or to use a dedicated server for installation of a SQL database server.

We recommend that you use a dedicated machine(s) with reserved resources if you wish to manage more than 10,000 clients.

Database

SMB customer

Enterprise customer

Clients limit

Windows

Linux

MS SQL Express

(optional)

5,000

 

MS SQL Server

None (up to 100,000)

 

MySQL

10,000

Network architecture and speed of your Internet connection

See Network requirements and Differences between Apache HTTP Proxy, Mirror Tool and direct connectivity.

Client connection interval

The time between client connections to ESMC Server (or ERA Proxy) affects performance as well. See Client connection interval for more details on how to configure these settings.

Average number of events reported by clients

If a server is overloaded or there is a malware outbreak (for example, we connect 20,000 clients to a server only able to service 10,000 clients at an interval of every ten minutes), it will skip some of the connected clients. Not connected clients will try to connect to ESMC Server later.

Network traffic impact by ESMC Server and ESET Management Agent communication

Applications on client machines do not communicate with ESMC Server directly, ESET Management Agent facilitates this communication. This solution is easier to manage and less demanding on data transferred over network. Network traffic depends on the client connection interval and types of tasks performed by clients. Even if no task is executed or scheduled on a client, ESET Management Agent communicates with ESMC Server once in each connection interval. Each connection generates traffic. See the table below for examples of traffic:

Action type

Traffic in a single connection interval

Client Task: Scan without cleaning

4 kB

Client Task: Modules update

4 kB

Client Task: SysInspector Log Request

300 kB

Policy: Antivirus - Maximum security

26 kB

ESET Management Agent replication interval

Daily traffic generated by idle ESET Management Agent

1 minute

16 MB

15 minutes

1 MB

30 minutes

0.5 MB

1 hour

144 kB

1 day

12 kB

To estimate the overall traffic generated by ESET Management Agents, use the following formula:

Number of clients * (Daily traffic of idle agent + (Traffic for certain task * daily occurrence of the task))

Number of ESET Management Agents and endpoints on your network

See Deployment scenarios - best practices.