Product docs

Firewall Analyzer System Requirements

This section lists the minimum system requirements for installing and working with EventLog Analyzer - Distributed and Standalone editions

  • Hardware Requirements

    The minimum hardware requirements for installing and working with Firewall Analyzer (Standalone and Distributed Editions) are given below.

    • 1GHz Pentium Dual Core processor or equivalent
    • 1 GB of RAM*
    • 1 GB of disk space*
    • Monitor that supports 1024x768 resolution
    • For installing OpManager v12.0, following are the recommended hardware and software requirements. 

      Hardware Requirement for Firewall Analyzer v12.0 : 

      Firewall Processor RAM Size
      OS Windows
      OS Linux DataBase
      500 logs/sec Intel Xeon
      Quad Core, 3.5 GHz
      8     GB 2012 R2 / 2012 / 2008 R2 / 2008 / 2003 Server / Vista / v7 / 2000 Professional SP4 RedHat 4.x and above, Debian 3.0, Suse, Fedora and Mandrake MS SQL 2000, 2005, 2008 and 2012 Or OpManager bundled PostgreSQL
      More than 500 logs/sec Intel Xeon Quad Core 3.5 GHz 16 GB 2008 R2 64 bit / 2012 R2 CentOS 64 bit or any linux distribution with glibc >= 2.3 and X libraries installed MSSQL 2008 and 2012 or OpManager bundled PostgreSQL

      *The following table recommends the disk space and RAM size requirements of the system where Firewall Analyzer is installed. The disk space and RAM size requirements depends on the number of devices sending log information to Firewall Analyzer, the number of firewall log records received per second or the firewall log data received per day by Firewall Analyzer.

       

      Recommended Minimum RAM Requirement

      Log Records RateRAM Size
      Up to 100 Logs/sec1 GB
      100 - 500 Logs/sec2 GB
      500 - 1000 Logs/sec4 GB
      Above 1000 Logs/sec4 GB (64 Bit)
      Above 1000 Logs/sec8 GB

      Hard Disk Space Requirement

      The split up is: Archive+Index+MySQL=Total
      Log Records RateFor 1 DayFor 1 WeekFor 1 Month
      50 Logs/sec 1+0.5+10.5=12GB 5+3+30=38 GB 18+7+75=100 GB
      100 Logs/sec 2+1+15=18 GB 10+5+50=65 GB 35+15+100=150 GB
      300 Logs/sec 6+3+31=40 GB 30+15+105=150 GB 100+45+295=440 GB
      500 Logs/sec 10+5+75=90 GB50+25+225=300 GB 170+70+480=720 GB
      1000 Logs/sec 20+10+150=180 GB 95+45+500=640 GB 325+125+950=1.4 TB
      Log Records Rate For 3 Months For 6 Months For 1 Year
      50 Logs/sec 60+25+125=210 GB 120+40+160=320 GB 240+90+300=630 GB
      100 Logs/sec 110+50+240=400 GB 220+80+320=720 GB 450+170+580=1.2 TB
      300 Logs/sec 280+120+600=1 TB 500+200+800=1.5 TB 900+350+1250=2.5 TB
      500 Logs/sec 470+230+1100=1.8 TB 900+400+2100=3.4 TB 1700+700+3600=6 TB
      1000 Logs/sec 920+480+2100=3.5 TB 1750+750+4200=6 TB 2850+1250+6400=10.5 TB

      Hard Disk Space Requirement for Firewall Analyzer v12.0 : 

      Firewall (up to 500 logs/sec)
      (To maintain 1 day archive logs)
      Firewall (More than 500 logs/sec)
      90 GB 
      To process every 500 logs/sec in addition, at least we need 90 GB in addition

      CPU Requirements

      • Dedicated machine has to be allocated to process more than 200 logs per second.
      • Dual core processors are needed to process more than 500 logs per second.
      • Quadra core processors are needed to process more than 1000 logs second.

      RAM Requirements

      • Number of firewalls handled by the Firewall Analyzer will increase the requirement of the above RAM values. So it is better to have RAM value higher than the suggested value in case of having more than 5 firewalls.

      Separate Installation

      • Firewall Analyzer server and MySQL database can be installed in separate machines, in case of higher log rate with low-end CPU machines.

      Hard Disk Requirements for more months

      • The above Hard Disk space requirement projected is for one month. If you need to archive the logs for more number of months, multiply the above requirements with the number of months based on your requirement.

      Note:The Log Records Per Second is the total log records received per second by Firewall Analyzer from all the configured devices.

    • PostgreSQL Performance Improvement Parameters

      PostgreSQL Performance Improvement Parameters (for Firewall Analyzer version 7.5 Build 7500 onwards)

      For better performance, we recommend replacing the existing PostgreSQL parameters mentioned in postgres_ext.conf available under <Firewall Analyzer Home>\pgsql\data\ directory

      ParametersComments
      port = 33336This change requires Firewall Analyzer Appplication/Service restart
      shared_buffers = 128 MBMinimum requirement is 128 KB. This change requires Firewall Analyzer Appplication/Service restart
      work_mem = 12 MBMinimum requirement is 64 KB.
      maintenance_work_mem = 100 MBMinimum requirement is 1 MB.
      checkpoint_segments = 15Logfile segments minimum 1 and 16 MB each
      checkpoint_timeout = 11 minutesRange: 30 seconds to 1 hour
      checkpoint_completion_target = 0.9checkpoint target duration is 0.0 - 1.0
      seq_page_cost = 1.0This parameter is measured in an arbitrary scale
      random_page_cost = 2.0This parameter is measured in same scale as above
      effective_cache_size = 512MB 
      synchronous_commit=off 
    • Supported Operating Systems

      Firewall Analyzer has been tested to run on the following operating systems and versions:

      WindowsR

      • Windows 8
      • Windows 7
      • Windows NT
      • Windows 2000
      • Windows XP
      • Windows Vista
      • Windows 2000 Server
      • Windows 2003 Server
      • Windows 2008 Server
      • Windows 2012 Server

      Linux

      • Ubuntu 9.1.10
      • Fedora 12
      • OpenSuSE 11.2
      • CentOS 5.5
      • Red Hat RHEL
      • Mandrake
      • Mandriva
      • Debian

      VMware

      Note: For Distributed Edition - Admin Server only

      For Firewall Analyzer version 7.4 Build 7400 or earlier

      If Firewall Analyzer Distributed Edition Admin Server is installed in SuSE Linux, then

      • Locate and open mysql-ds.xml file in <Firewall_Analyzer_Home>/server/default/deploy
      • Find the following line and replace localhost, with corresponding IP Address/DNS resolvable name of the current system where Firewall Analyzer Distributed Edition Admin server is installed.

      <connection-url?jdbc:mysql://localhost:33336/firewall>/connection-url>

    • Supported Web Browsers

      Firewall Analyzer has been tested to support the following browsers and versions:

      • Internet Explorer 8 and later
      • Firefox 4 and later
      • Chrome 8 and later
    • Supported Databases

      Bundled with the product

      • PostgreSQL

      External Databases

      • MS SQL 2000
      • MS SQL 2005
      • MS SQL 2008
      • MS SQL 2012
    • MySQL Performance Improvement Parameters

      MySQL Performance Improvement Parameters (for Firewall Analyzer version 7.4 Build 7400 or earlier)

      For better performance, we recommend replacing the existing MySQL parameters mentioned in startDB.bat/sh, available under <FirewallAnalyzerHome>\bin directory, with the following MySQL parameters changes for the corresponding RAM Size.

      RAM SizeMySQL Parameters For Windows InstallationMySQL Parameters For Linux Installation
      512 MBDefault configuration as given in startDB.batDefault configuration as given in startDB.sh
      1 GB--innodb_buffer_pool_size=300M --key-buffer-size=150M --max_heap_table_size=150M --tmp_table_size=100M --table-cache=512--innodb_buffer_pool_size=300M --key-buffer-size=150M --max_heap_table_size=150M --tmp_table_size=100M --table-cache=512
      2 GB--innodb_buffer_pool_size=900M --key-buffer-size=600M --max_heap_table_size=350M --tmp_table_size=100M --table-cache=512--innodb_buffer_pool_size=900M --key-buffer-size=600M --max_heap_table_size=350M --tmp_table_size=100M --table-cache=512
      3 GB--innodb_buffer_pool_size=900M --key-buffer-size=600M --max_heap_table_size=350M --tmp_table_size=100M --table-cache=512--innodb_buffer_pool_size=1400M --key-buffer-size=1000M --max_heap_table_size=350M --tmp_table_size=100M --table-cache=512
      4 GB--innodb_buffer_pool_size=900M --key-buffer-size=600M --max_heap_table_size=350M --tmp_table_size=100M --table-cache=512--innodb_buffer_pool_size=1800M --key-buffer-size=1200M --max_heap_table_size=350M --tmp_table_size=100M --table-cache=512
Customer Speaks
 
"The implementation was so easy and the Firewall Analyzer immediately started showing me how much inbound and outbound traffic was passing through our firewalls.I now use Firewall Analyzer daily !"
-Phil Avella,
Manager,Information Systems,
Thunder Bay District Health Unit
 
A single platter for comprehensive Network Security Device Management