Sizing Guidelines for Virtual Appliances
Consult the following as a guideline for configuring your Lumu Virtual Appliances (VA) in your environment. Be aware that this may vary depending on several factors related to your network environment, such as overall latency, number of users and/or devices served by the VA, etc.
Hardware Considerations
The Lumu Virtual Appliance is compatible with the most common hypervisors such as VMWare ESX/ESXi, Windows Hyper-V, and Cloud solutions such as Microsoft Azure, Google Cloud Platform, and Amazon Web Services.
- Dedicated CPU:2
- RAM: 4GB
- Disk space: 30GB
The following tables reference how to configure the VA according to the record load it will handle. The total record load is the average amount of all the different records collected by the appliance per second.
DNS Collector
Consider the following setup as a reference for a Virtual Appliance collecting DNS metadata only:
|
Suggested VA Specifications
|
Threshold (records per second)
|
|
2 CPU, 4 GB RAM
|
2000
|
|
4 CPU, 4 GB RAM
|
3500
|
|
8 CPU, 8 GB RAM
|
6000
|
Additional Collectors
Consider the following setup as a reference for a Virtual Appliance collecting additional metadata, such as netflow, proxy logs, etc.
| Suggested VA Specifications |
Threshold (records per second) |
| 2 CPU, 4 GB RAM |
1000 |
| 4 CPU, 4 GB RAM* |
3000 |
| 4 CPU, 6 GB RAM |
6000 |
| 8 CPU, 8 GB RAM |
12000 |
Bandwidth Considerations
The Lumu VA captures network metadata and sends it in compressed batches to the Lumu cloud to streamline bandwidth consumption. While the captured metadata accounts only for a small fraction of the total enterprise traffic, it will always be proportional to the total traffic.
When a VA is used as a DNS collector in high-traffic sites, it is recommended to deploy two virtual appliances to ensure redundancy and use them respectively as primary and secondary DNS collectors across the network.
If the total bandwidth monitored by the VA is 100Mb/s or more, it is recommended to assign at least 2Mb/s to the link between the VA and the Lumu cloud. This rule reference can help measure the bandwidth for larger or smaller networks.
Related Articles
Deploy Virtual Appliances
To get started and review requirements for Lumu Virtual Appliances, consult our document Introduction to Virtual Appliances. Follow these simple steps to create and download a pre-configured Virtual Appliance and start illuminating threats and ...Introduction to Lumu Virtual Appliances
The Lumu Virtual Appliance (VA) is a pre-configured lightweight virtual machine solution that collects the network metadata of your entire enterprise and forwards it to the Lumu cloud with the lowest impact on the network operation. This document ...Deploy Lumu VA in VMware ESXi
Lumu Virtual Appliance (VA) is a virtualized machine that provides you with all the elements required to collect network metadata to provide you with maximum visibility when it comes to identifying compromised network endpoints within your ...Deploy Lumu VA in VirtualBox
Lumu Virtual Appliance (VA) is a virtualized machine that provides you with all the elements required to collect network metadata to provide you with maximum visibility when it comes to identifying compromised network endpoints within your ...Deploy Lumu VA in VMware Workstation
Lumu Virtual Appliance (VA) is a virtualized machine that provides you with all the elements required to collect network metadata to provide you with maximum visibility when it comes to identifying compromised network endpoints within your ...