Does not apply to Deep Security as a Service

Sizing guidelines for on-premise Deep Security deployments vary by the scale of your network, hardware, and software. See also Sizing for Azure Marketplace.

Database disk space

Required database disk space varies by:

  • Number of computers
  • Number of events (logs) recorded per second
  • How long events are retained

With default settings, an average computer's logs require approximately 50 MB of Deep Security Manager database disk space. 1000 computers require 50 GB, 2000 computers require 100 GB, and so on.

With default settings, protection modules that consume the most disk space are (from most to least):

  1. Firewall
  2. Integrity monitoring
  3. Log inspection

Event retention settings can be configured in the policy and/or individual computer settings. (See Policies, inheritance, and overrides.) To configure disk space usage, see Events, including which events are logged for stateful firewall of TCP, UDP, and ICMP. See also Deep Security Manager performance features.

Dedicated servers

Including future growth, if your deployment is not expected to exceed 1000 computers (real or virtual), you can install Deep Security Manager and its database on the same computer. Otherwise, to ensure adequate performance during concurrent operations, you should install them on separate, dedicated servers in the same physical location.

Multiple server nodes

For better availability and scalability in larger deployments, use a load balancer, and install the same version of Deep Security Manager on multiple servers ("nodes"). Connect them to the same database storage.

To avoid high load on database servers, don't connect more than 3 Deep Security Manager nodes to each database server.

Each manager node is capable of all tasks. No node is more important than any of the others. You can log in to any node, and agents, appliances, and relays can connect with any node. If one node fails, other nodes can still provide service, and no data will be lost.