Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000031056 - ECAT 4.x Sizing Guideline

Document created by RSA Customer Support

on Jun 14, 2016•Last modified by RSA Customer Support

on Apr 21, 2017

Version 4Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000031056
Applies To	RSA Product Set: ECAT RSA Product/Service Type: ECAT RSA Version/Condition: 4.x Platform: Windows
Issue	This article provides general sizing information for RSA ECAT 4.X
Notes	In the ECAT 4.0.0.3 User Guide see the "Recommended Hardware and Software for the Server(s)", (Page 19). This configuration may be referenced as a general guideline for anywhere from 5k-10k agents, depending on use. ECAT use dependencies include: Scan frequency, a single server can support effectively up to 5K scans per day (hardware permitting). There is the assumption that there will be 1 scan per day per agent. Quick scan vs Full scan. It is assumed Full scans (fetching files off disk) are run infrequently. Running Full scans frequently will reduce the total number of agents that can be supported on a given hardware config. Full scans should not be run more frequently than weekly, and is recommended only for machines under investigation when everything else fails. Files storage. In a large environment you can exclude (in ‘options’) signed files, and files that have a hash match from being downloaded. Including these files will increase substantially the storage requirements in a large, mixed environment. SQL Server setup. Most of the job is done by the SQL Server, so it is assumed the SQL Server is tuned per Microsoft recommendations for performance. Additional Notes: The ECAT 4.1 Installation Guide, "Recommended Hardware and Software for the Server(s) (Page 6), increases a couple of the above recommendations, with double the memory, and dual Quad-cores. The multiserver environment is generally useful for 50k+ agents, and is not a solution for performance issues. When adding a Secondary the recommended minimum setup is 2 Secondaries and 1 Primary. Where the Secondaries are dedicated to Agent connections, and the Primary aggregates all data. The Primary would have Agent discovery disabled.

Attachments

Outcomes

0 Comments

Recommended Content