Glossary
| ADR | Advanced Detection and Response. ARIA's threat detection solution. |
| APE | Analytics and Policy Engine (sometimes abbreviated just AE). This is a large server that runs the dashboard and machine learning for all tenants. |
| CCE | Control and Collection Engine (or just Collector). This is smaller server that receives logs and flows from the customer network. The CCE organizes, compresses and encrypts the data and passes it to the APE. |
| EDR | Endpoint Detection and Response: The EDR agent or client sits on an customer endpoint (laptop, workstation, desktop, etc) and provides data to the EDR server. The EDR server filters and enriches the data before passing it to the APE. |
| LTS | This is an SFTP server for Long-Term Storage of data and Forensic Analysis. |
| OpenVAS | Vulnerability Assessment Scanner |
| Note: | The requirements listed here are the minimum required for installation. The exact requirement may vary based on various factors such as the number of customers, critical hosts, data flow, etc. This document also changes frequently as new software releases and functionality can affect minimum requirements. See your sales rep to request the latest version. |
APE
| Component | APE Small | APE Small Azure VM | APE Medium | APE Large |
| Load Volume | Low (For POVs or small scale) Up to 300 Critical Devices / Servers Up to 2000 Non-critical Devices / Hosts Up to 5000 Events/sec and 7000 Flows/sec | Low (For POVs or small scale) Up to 300 Critical Devices / Servers Up to 2000 Non-critical Devices / Hosts Up to 5000 Events/sec and 7000 Flows/sec | Medium Up to 800 Critical Devices / Servers Up to 5000 Non-critical Devices / Hosts Up to 12,000 Events/sec and 15,000 Flows/sec | High Up to 2000 Critical Devices / Servers Up to 25,000 Non-critical Devices / Hosts Up to 20,000 Events/sec and 25,000 Flows/sec |
| CPU | 32 cores / 64 threads, @2.6GHz | 32 vCores VM Size: D32as_v5 | 64 cores / 128 threads, @2.8GHz | 64 cores / 128 threads, @2.8GHz |
| Memory | 128GB DDR4 ECC, @2667MHz | 128GB | 256GB DDR4 ECC, @3000MHz | 512GB DDR4 ECC, @3000MHz |
| Disk | PCIe 3.0/4.0 NVMe Drive: 3.2TB total space, M.2, U.2 or U.3 form factor. Needs combined 150K/50K IOPS across the drives. | OS disk: Premium SSD, 256 GB, Performance Tier P50 (7500 IOPS, 250 MBps) Data disk: Premium SSD, 512 GB, Performance Tier P40 (7500 IOPS, 250 MBps) | PCIe 3.0/4.0 NVMe Drive: 7.6TB total space, M.2, U.2 or U.3 form factor. Needs combined 250K/90K IOPS across the drives. | PCIe 3.0/4.0 NVMe Drive: 15.2TB total space, M.2, U.2 or U.3 form factor. Needs combined 400K/150K IOPS across the drives. |
| Networking* | 1GbE RJ-45Port | Standard network connection | 1GbE RJ-45Port | 10GbE RJ-45Port. Must support 1GbE |
| * If 2 or more APE servers are to be configured in High Availability (HA) mode, it requires additional interconnectivity (direct cross cable linking) on a 10 GbE interface. | ||||
CCE
| Component | CCE Medium bare-metal | CCE Medium VM | CCE Small Azure VM |
| Volume | 800 Servers 10,000 Devices / Hosts 12,000 Events per second 15,000 Flows per second | 800 Servers 10,000 Devices / Hosts 12,000 Events per second 15,000 Flows per second | 300 Servers 2,000 Devices / Hosts 5,000 Events per second 7,000 Flows per second |
| CPU | 4 cores / 8 threads, @2.5GHz | 8 vCores, @2.5GHZ | 4 vCores VM Size: D4as_v4 |
| Memory | 16GB DDR4 ECC, @3000MHz | 16GB DDR4 ECC, @3000MHz | 16GB |
| Disk | 256GB SSD 250K/90K IOPS | 256GB SSD 250K/90K IOPS | OS disk: Premium SSD, 256GB, Performance Tier P50 (7500 IOPS, 250 MBps) |
| Networking | 1GbE RJ-45Port | 1GbE connection | Standard network connection |
EDR
| Component | EDR Server Small bare-metal | EDR Server Small VM | EDR Server Small Azure VM | EDR Server Large bare-metal |
| EDR Clients* | Up to 700 EDR Clients | Up to 700 EDR Clients | Up to 700 EDR Clients | Up to 5600 EDR clients across 8 VMs |
| CPU | 4 cores / 8 threads, @2.8GHz | 4 vCores, @2.8GHZ | 4 vCores VM Size: D4as_v4 | 32 cores / 64 threads, @2.8GHz |
| Memory | 16GB DDR4 ECC, @3000MHz | 16GB DDR4 ECC, @3000MHz | 16GB | 256GB DDR4 ECC, @3000MHz |
| Disk | PCIe 3.0/4.0 NVMe Drive: 512GB total space, M.2, U.2 or U.3 form factor. Needs combined 250K/90K IOPS across the drives. | PCIe 3.0/4.0 NVMe Drive: 512GB total space, M.2, U.2 or U.3 form factor. Needs combined 250K/90K IOPS across the drives. | OS disk: Premium SSD, 512GB, Performance Tier P40 (7500 IOPS, 250 MBps) | 7.6TB total space spread across 8 drives, M.2, U.2 or U.3 form factor. Needs combined 250K/90K IOPS across the drives. |
| Networking | 1GbE RJ-45Port | 1GbE connection | 1GbE connection | 1GbE RJ-45Port |
| *EDR Clients have no specific requirements. Windows, Linux and MAC endpoints use minimal resources. | ||||
LTS
| Component | LTS Server (SFTP) | LTS Small Azure VM |
| CPU | 12 vCores, @2.5GHz | 16 vCores VM Size: D16as_v4 |
| Memory | 16GB DDR4 ECC, @2667MHz | 64GB |
| Disk | 5TB total space, any form factor. 150K/50K IOPS across the drives. | OS disk: Standard HDD, 4TB, Performance Tier S50 |
| Networking | 1GbE RJ-45Port | 1GbE RJ-45Port |
OpenVAS
| Component | OpenVAS Server |
| CPU | 8 threads, @2.5GHz |
| Memory | 8GB DDR4 ECC, @2667MHz |
| Disk | 256TB total space, any form factor. 150K/50K IOPS across the drives. |
| Networking | 1GbE RJ-45Port |
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article