RSA Security Analytics Licensing Storage Clarification
I am a little bit confused in the selection of devices, when preparing a BoM for RSA Security Analytics – Network Monitoring (Packets).
For example we have a client who has expected line rate of around 700Mbps and peak line rate of around 800Mbps. We need to give them a retention for 21 days.
If we calculate the Daily aggregate throughput in TBs’ it is 8.24TB per day.
For 21 days we need atleast (8.24 * 21) = 173.04TB storage.
If we go with the old licensing methodology and look at the AIO box it has internal capacity of 4.2TB and if we add external DAC as well of 32TB it has 28TB for packets i.e. it is going to be 32.2TB altogether. Since it is an AIO box, we can’t add another DAC with it. Similar is the case with Hybrid. So this means that we have to go with the distributed environment.
So if we now look at the BoM it is going to be somewhat like this:
Security Analytics Server
SA-DACHD-P (46TB HD DAC) Qty=04 (Because it is going to be 184TB fulfilling our requirement of 173.04TB)
How is this going to be calculated
So basically what I want to know is that my BoM and my concept on this are correct or not? and what is the procedure to calculate the Concentrator capacity?
I hope I was able to convey my question.