Technical Guide Version 02 26/02/2015
Contents

Introduction
Overview
Example one
Example two
Maximum throughput
Gateway Reporter
Gateway Reporter server specification
Virtualized deployment
Future performance considerations
Post deployment considerations
Hardware compatibility list
For further information
Introduction

This document helps you determine the correct server specification and appropriate number of servers required to meet the bandwidth demands of your user population.

Overview

Sustained bandwidth is the most reliable metric for choosing the right server specification. If you don't know what the sustained bandwidth associated with web traffic is, use the available bandwidth of the Internet connection. The table below provides guidance on selecting the correct server specification and number of servers needed based on sustained bandwidth requirements.

Sustained Bandwidth (Mbps)   Peak Bandwidth (Mbps)   Server Specification
15 Mbps                      20 Mbps                 (A) 1 x dual core Xeon 2.8GHz, 4GB RAM, 500GB SATA @ 7200rpm
45 Mbps                      55 Mbps                 (B) 1 x quad core Xeon 2.8GHz, 4GB RAM, 500GB SATA @ 7200rpm
55 Mbps                      70 Mbps                 (C) 2 x quad core Xeon 2.8GHz, 6GB RAM, 3 x 146GB SAS @ 15k rpm, RAID 5

Important: The bandwidth figures shown above are based on HTTP traffic only, using a 100 Mbps Internet pipe with off-box reporting enabled and the proxy cache disabled. When the proxy cache is enabled, an SSD drive MUST be used. In this case the bandwidth will be lower than shown above.

If the sustained bandwidth required is more than the 55 Mbps delivered by server specification (C) above, multiple servers can be used to achieve the required bandwidth. The Peak Bandwidth column indicates the maximum bandwidth obtainable for short durations.
Example one

Here, the initial recommendation of server specification (A) is based entirely on bandwidth. For (N+1) resilience two servers can be deployed.

Example two

Example two considers a scenario in which no single server is capable of achieving the desired sustained throughput of 70 Mbps. In this case, two type (C) servers are required which together provide a combined throughput of 110 Mbps. For resilience an additional server can be included.

Maximum throughput

Using servers equivalent to type (C), a total of nine Web Gateways can be peered together, providing a maximum sustainable throughput of 500 Mbps (630 Mbps peak) in a single peered environment. Peered Web Gateways share a common interface for policy management and reporting. If more than 500 Mbps bandwidth is required, multiple Web Gateway peer groups can be deployed. Where bandwidth requirements exceed that of a single peer group, please contact Clearswift for additional advice.

Gateway Reporter

Whenever possible, regular reports should be scheduled for off-peak hours, avoiding times when the Web Gateway is at its busiest. Clearswift recommends deploying the Gateway Reporter to centralize auditing and reporting functions to a separate server. This reduces the overall processing load by moving the consolidation of audit log files away from the Web Gateway. The Gateway Reporter should always be deployed in instances where:

1. The audit retention period is greater than 30 days.
2. Two or more servers are needed to meet the sustained bandwidth.

Audit retention period: By default, the retention period is set to 30 days. Keeping the retention period to a minimum will save disk space, reduce insertion times, make the reports run faster and improve proxy performance. For large user numbers, retaining the audit data for too long will result in an audit database hundreds of Gigabytes in size. The larger the database, the longer it takes to insert new records and run reports. Before increasing the retention period, consider the usefulness of the data. Will knowing someone accessed a particular website more than 30 days ago be useful/is it required?

Gateway Reporter server specification

The server specification for the Gateway Reporter is determined by the amount of storage required. Storage is calculated as the product of the number of days audit data is retained and the number of transactions audited across all Gateways. The retention period, current database size and average number of daily transactions processed during the previous seven days are all displayed under System > System settings > Report Data Settings. Each transaction stored requires approximately 600 bytes of disk space. Using the above you can estimate the disk space required.
For example, 270,500 transactions per day kept for 60 days will require:

270,500 transactions * 60 days * 600 bytes = 9,738MB or 9.7GB of disk space

Storage Requirement      Gateway Reporter Server Specification
Entry: 500 GB storage    Quad Core Xeon, 4 GB RAM, 2 x 500GB RAID 1
Mid: 1.5 TB storage      Quad Core Xeon, 6 GB RAM, 4 x 500GB RAID 5
High: 3 TB storage       2 x Quad Core Xeon, 8 GB RAM, 4 x 1TB RAID 5

Virtualized deployment

If the Clearswift Gateway is running in a virtual environment, sustained bandwidth should be reduced by 40-50% due to the inherent overheads of a virtual environment, especially where other high-intensity applications share the same physical host environment. For performance and resilience, Clearswift recommends deploying multiple instances of the Gateway across separate virtual machines.

Future performance considerations

As web traffic volumes grow through increased use of web applications and changes in employee numbers, demands placed on the Web Gateway will change over time. For this reason, the original servers selected should be reviewed on a regular basis to ensure that the bandwidth demands being placed on the Web Gateway continue to be met by the servers deployed.

Post deployment considerations

Once deployed, there are some policy components and system configurations that can place additional processing demand on the SECURE Web Gateway, affecting performance. The following section highlights these areas and provides guidance on best practice.

Lexical Analysis: The lexical analysis content rule is very powerful and can be used to identify key words and phrases within web content and file attachments. This rule also allows complex regular expressions to be defined that are capable of identifying patterns within the text, e.g. customer reference numbers. Regular expression processing requires more CPU power than searching for simple keywords such as "Top Secret". The Web Gateway allows the textual searching to be targeted at particular parts of the web transfer rather than searching all the web content. By being more specific about site type, file type, location within documents and desired search direction, processing overheads and the risk of identifying false positives can be reduced. For example, you only need to search outbound web traffic for sensitive phrases related to confidential business information.

To reduce performance overheads associated with textual searching, consider how you can limit the areas searched to:

- Particular types of sites and documents
- Specific file types
- Web page or document content, URL, HTTP header or even the header, footer and properties of the document.
  Note: Selecting HTTP header and/or Request URL is rarely needed. Searching every HTTP header and every URL for a phrase will impact on performance, therefore only select these after careful consideration.
- Direction - data only leaks out!

Database Optimization: There are two aspects to database optimization:

1. Rebuilding the database indexes:
   By default the index rebuilding is performed weekly, on Saturday at 21.00 hours. This day and time has been selected because it's out of hours and therefore doesn't impact the performance of the web proxy.
2. Shrinking the database:
   Database shrinking means releasing redundant disk space occupied by deleted rows in the database. This option should not be enabled unless explicitly instructed to do so by Clearswift Customer Support.

Hardware compatibility list

For a list of compatible hardware platforms see the Clearswift SECURE Web Gateway Hardware Sizing Guide which is available from the resources section of the Clearswift website within the Technical Guides section.
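
The sizing rules from the Overview, Maximum throughput, Gateway Reporter and Virtualized deployment sections can be combined into one planning calculation. The following is an added example, not Clearswift code: the function names are hypothetical, and it assumes the worst-case 50% virtualization reduction, counts the N+1 spare towards the nine-gateway peer group, and uses decimal units as the guide's storage example does.

```python
import math

# Sustained Mbps per server specification, from the table in the Overview.
SPECS = [("A", 15), ("B", 45), ("C", 55)]
MAX_PEERS = 9            # gateways per peer group (Maximum throughput)
BYTES_PER_TX = 600       # approximate disk space per audited transaction
# Gateway Reporter tiers by storage ceiling in bytes (decimal units).
REPORTER_TIERS = [("Entry", 500e9), ("Mid", 1.5e12), ("High", 3e12)]


def size_gateways(sustained_mbps, virtual=False, derate=0.5, resilient=True):
    """Return (spec, servers_for_bandwidth, servers_deployed, peer_groups)."""
    # Assumption: derate=0.5 is the upper end of the guide's 40-50% range.
    factor = (1 - derate) if virtual else 1.0
    # Smallest single server that carries the load; otherwise scale out on (C).
    for name, mbps in SPECS:
        if mbps * factor >= sustained_mbps:
            spec, needed = name, 1
            break
    else:
        spec = "C"
        needed = math.ceil(sustained_mbps / (SPECS[-1][1] * factor))
    deployed = needed + 1 if resilient else needed   # N+1 resilience
    # Assumption: the spare server occupies a slot in the peer group.
    return spec, needed, deployed, math.ceil(deployed / MAX_PEERS)


def size_reporter(tx_per_day, retention_days, servers_for_bandwidth):
    """Return (reporter_required, storage_bytes, tier); tier is None above 3 TB."""
    # The two conditions under which the guide says a Reporter is always deployed.
    required = retention_days > 30 or servers_for_bandwidth >= 2
    storage = tx_per_day * retention_days * BYTES_PER_TX
    tier = next((n for n, cap in REPORTER_TIERS if storage <= cap), None)
    return required, storage, tier


if __name__ == "__main__":
    # Inputs taken from the guide: Example two's 70 Mbps requirement and the
    # 270,500 transactions/day kept for 60 days storage example.
    print(size_gateways(70))
    print(size_gateways(70, virtual=True))
    print(size_reporter(270_500, 60, 2))
```

A peer_groups result greater than 1 corresponds to the case where the guide advises contacting Clearswift.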
Contact Clearswift

For further information

UK - International HQ
Clearswift Limited
1310 Waterside
Arlington Business Park
Theale
Reading
Berkshire RG7 4SA
UK
Tel: +44 (0) 118 903 8903
Fax: +44 (0) 118 903 9000
Sales: +44 (0) 118 903 8700
Technical Support: +44 (0) 118 903 8200
Email: info@clearswift.com
Web site: http://www.clearswift.com

Australia
Clearswift
5th Floor
165 Walker Street
North Sydney
New South Wales, 2060
AUSTRALIA
Tel: +61 2 9424 1200
Fax: +61 2 9424 1201
Email: info@clearswift.com.au

Germany
Clearswift
Landsberger Straße 302
D-80 674 Munich
GERMANY
Tel: +49 (0)89 904 05 206
Fax: +49 (0)89 904 05 810
Email: info@clearswift.de

Japan
Clearswift K.K
7F Hanai Bldg.
1-2-9 Shibakouen, Minato-ku,
Tokyo 105-0011
JAPAN
Tel: +81 (3)5777 2248
Fax: +81 (3)5777 2249
Email: info.jp@clearswift.co.jp

United States
Clearswift Corporation
161 Gaither Drive
Centerpointe Suite 101
Mt. Laurel, NJ 08054
UNITED STATES
Tel: +1 856-359-2360
Fax: +1 856-359-2361
Email: info@us.clearswift.com