Firewall Analyzer - Sizing Guide

    This section lists the minimum system requirements for installing and working with Firewall Analyzer. Please refer our website for recommended system requirements.

    Firewall Analyzer Version 12 onwards

    1. Hard disk space required
    2. Firewall Configurations Storage Requirement
    3. Performance tuning - Hard disk requirements for more months

    Hard disk space required

    Firewall Analyzer (For every 500 logs/sec & to maintain 1 day archive logs) 25 GB

    *The disk space and RAM size requirements depends on the number of devices sending log information to Firewall Analyzer, the number of firewall log records received per second by Firewall Analyzer. 

    Hard disk space requirement

    The table below shows the total storage requirements for the database and log storage (archives and index logs).

    These values represent PostgreSQL storage requirements specifically for Syslog data.

    Log Records Rate For 1 Day For 1 Week For 1 Month For 3 Months For 6 Months For 1 Year
    100 Logs/sec 10 GB 15 GB 20 GB 45 GB 90 GB 120 GB
    500 Logs/sec 25 GB 50 GB 120 GB 310 GB 600 GB 1.15 TB
    1000 Logs/sec 35 GB 70 GB 225 GB 640 GB 1.25 TB 2.45 TB
    2000 Logs/sec 50 GB 130 GB 450 GB 1.25 TB 2.5 TB 4.95 TB
    3000 Logs/sec 70 GB 185 GB 675 GB 1.9 TB 3.7 TB 7.4 TB
    Note:
    • When Archive Encryption is enabled under Settings -> Security Settings, it requires more storage than the values shown in the above table.
    • When Enabling the Index Traffic Security logs under Search -> RAW Settings, it requires more storage than the values shown in the above table.

    Firewall Configurations Storage Requirement

    When a device rule is configured, configuration or rule changes are fetched from the firewall devices. These configuration changes are stored in the database.

    For example, assume the firewall configuration file size is 10 MB and 10 configuration changes occur per day.

    In this case:

    • One row consumes 15 MB
    • 10 changes per day = 150 MB
    • Add buffer size = 10 MB
    • Total = 175 MB per day

    This data will be stored in the database and will contribute to the overall DB size.

    Firewall Count For 1 Day For 1 Week For 1 Month For 3 Months For 6 Months For 1 Year
    1 Firewall 175 MB 1.2 GB 5.30 GB 15.72 GB 31.45 GB 62.55 GB
    2 Firewall 350 MB 2.39 GB 10.60 GB 31.45 GB 62.89 GB 125.10 GB
    5 Firewall 875 MB 5.98 GB 26.49 GB 78.61 GB 157.23 GB 312.74 GB
    10 Firewall 1.71 GB 11.96 GB 52.98 GB 157.23 GB 314.45 GB 625.49 GB
    10 Firewall 3.42 GB 23.93 GB 105.96 GB 314.45 GB 628.91 GB 1.22 TB

    Performance tuning

    Hard disk requirements for more months

    Note: The Log Records Per Second is the total log records received per second by Firewall Analyzer from all the configured devices.
    Where to find the log flow rate steps to identify logs/sec?
    •  Dedicated machine has to be allocated to process more than 200 logs per second.
    • Dual core processors are needed to process more than 500 logs per second.
    • Quadra core processors are needed to process more than 1000 logs second.
    • Number of firewalls handled by the Firewall Analyzer will increase the requirement of the above RAM values. So it is better to have RAM value higher than the suggested value in case of having more than 5 firewalls.
    • Firewall Analyzer server and PostgreSQL database can be installed in separate machines, in case of higher log rate with low-end CPU machines.
    • The above Hard Disk space requirement projected is for one month. If you need to archive the logs for more number of months, multiply the above requirements with the number of months based on your requirement.

    Thank you for your feedback!

    Was this content helpful?

    We are sorry. Help us improve this page.

    How can we improve this page?
    Do you need assistance with this topic?
    By clicking "Submit", you agree to processing of personal data according to the Privacy Policy.