This guide describes the basic requirements of a Security Analytics deployment and outlines optional scenarios to address needs of your enterprise. You can use distributed networks to install Brokers, Concentrator, Decoders, and Log Decoders in diverse geographical locations before the Security Analytics Server is installed and brought online. Even in small networks, planning can ensure that all goes smoothly when you are ready to bring the hosts online.
There are many factors you must consider before you deploy Security Analytics. The following items are just some of these factors. You need to estimate growth and storage requirements when you consider these factors.
- The size of your enterprise (that is, the number of locations and people that will use Security Analytics.
- The volume of packets and logs you need to process.
- The performance each Security Analytics user role needs to do their jobs effectively.
- The prevention of downtime (that is, how to avoid a single point of failure).
The following terminology changes were made 10.6 that affect this guide.