Calculation of hardware resources for the Administration Server

This section contains calculations that provide guidance for planning hardware resources for the Administration Server. A recommendation on calculating disk space when the Vulnerability and Patch Management feature is used is provided separately.

Hardware requirements for the DBMS and the Administration Server

The following tables give the recommended minimum hardware requirements to a DBMS and Administration Server obtained during tests. For a complete list of operating systems and DBMSs supported, please refer to the list of hardware and software requirements.

Administration Server and DBMS are on different devices, the network includes 50 000 devices

Configuration of the device that has Administration Server installed

Configuration of the device that has DBMS installed

Administration Server and DBMS are on the same device, the network includes 50 000 devices

Configuration of the device that has Administration Server and DBMS installed

Administration Server and DBMS are on different devices, the network includes 100 000 devices

Configuration of the device that has Administration Server installed

Configuration of the device with DBMS installed

The tests were run under the following settings:

• Automatic assignment of distribution points is enabled on the Administration Server, or distribution points are assigned manually in accordance with the recommended table.
• The backup task saves backup copies to a file resource located on a dedicated server.
• The synchronization interval for Network Agents is set as specified in the table below.

  Synchronization interval for Network Agents

  Synchronization interval (minutes)	Number of managed devices
  15	10,000
  30	20,000
  45	30,000
  60	40,000
  75	50,000
  150	100,000

Calculation of database space

The approximate amount of space that must be reserved in the database can be calculated using the following formula:

(200 * C + 2.3 * E + 2.5 * A), KB

where:

• C is the number of devices.
• E is the number of events to store.
• A is the total number of Active Directory objects:
  • Device accounts
  • User accounts
  • Accounts of security groups
  • Active Directory organizational units

  If scanning of Active Directory is disabled, A is considered to equal zero.

If you plan to enable (in the Kaspersky Endpoint Security policy settings) notification of Administration Server on applications that you run, you will need additional (0.03 * C) gigabytes to store in the database the information about applications that you run.

If Administration Server distributes Windows updates (thus acting as the Windows Server Update Services server), the database will require an additional 2.5 GB.

During operation, a certain unallocated space is always present in the database. Therefore, the actual size of the database file (by default, the KAV.MDF file, if you use SQL Server as the DBMS) often turns out to be approximately twice as large as the amount of space occupied in the database.

It is not recommended to limit explicitly the size of the transaction log (by default, the file KAV_log.LDF, if you use SQL Server as the DBMS). It is recommended to leave the default value of th MAXSIZE parameter. However, if you have to limit the size of this file, take into consideration that the typical necessary value of the MAXSIZE parameter for KAV_log.LDF is 20480 MB.

Calculation of disk space (with and without the use of the Vulnerability and patch management feature)

Calculation of disk space without the use of the Vulnerability and patch management feature

The Administration Server disk space required for the %ALLUSERSPROFILE%\Application Data\KasperskyLab\adminkit folder can be estimated approximately using the formula:

(724 * C + 0.15 * E + 0.17 * A), KB

where:

• C is the number of devices.
• E is the number of events to store.
• A is the total number of Active Directory objects:
  • Device accounts
  • User accounts
  • Accounts of security groups
  • Active Directory organizational units

If scanning of Active Directory is disabled, A is considered to equal zero.

Calculation of additional disk space with the use of the Vulnerability and patch management feature

• Updates. The shared folder additionally requires at least 4 GB to store updates.
• Installation packages. If some installation packages are stored on the Administration Server, the shared folder will require an additional amount of free disk space equal to the total size of all of the available installation packages to be installed.
• Remote installation tasks. If remote installation tasks are present on the Administration Server, an additional amount of free disk space (in the %ALLUSERSPROFILE%\Application Data\KasperskyLab\adminkit folder) equal to the total size of all installation packages to be installed will be required.
• Patches. If Administration Server is involved in installation of patches, an additional amount of disk space will be required:
  • The patches folder should have the amount of disk space equal to the total size of all patches that have been downloaded. By default, patches are stored in the %ALLUSERSPROFILE%\Application Data\KasperskyLab\adminkit\1093\.working\wusfiles folder (you can use the klsrvswch utility to specify a different folder for storing patches). If Administration Server is used as the WSUS server, you are advised to allocate at least 100 GB to this folder.
  • The %ALLUSERSPROFILE%\Application Data\KasperskyLab\adminkit folder must have an amount of disk space equal to the total size of those patches that are referenced by existing instances of update (patch) installation and vulnerability fix tasks.

Page top