View recommended system sizing information for use when deploying the Internet Access On-Premises Gateway.
When deploying the Internet Access On-Premises Gateway, TrendAI™ recommends allocating at least 200 GB of disk space for the on-premises gateway to
store
application and log files. Detection and activity logs are automatically uploaded
to TrendAI Vision One™ unless uploading is manually disabled. Detection and activity log files are automatically
purged from the on-premises gateway when the files are older than seven days or take
up a
total of 50 GB of disk space. TrendAI Vision One™ retains uploaded log files for up to 180 days.
The following tables provide information for use when considering system sizing based
on
on-premises gateway performance test results.
 |
Note
|
-
System sizing recommendations for on-premises gateways running in proxy server mode under the following conditions:
-
Deployment method: VMWare ESXi through a Service Gateway virtual appliance
-
Use: Web server traffic protection
-
Traffic protocol: HTTPS with HTTPS inspection enabled
-
Average traffic size: 17 KB
-
|
Number of vCPU cores
|
RAM
|
Enabled feature set
|
Recommended maximum network throughput
|
Transactions per second |
Recommended maximum total user count
|
|
8
|
16 GB
|
Internet access rules only
|
200 Mbps
|
1650
|
2900
|
|
8
|
16 GB
|
Internet Access rules with Threat Protection
|
170 Mbps
|
1500
|
2600
|
|
8
|
16 GB
|
Internet access rules with Threat Protection and Data Loss Prevention
|
150 Mbps
|
1300
|
2200
|
|
12
|
16 GB
|
Internet access rules only
|
290 Mbps
|
2500
|
4400
|
|
12
|
16 GB
|
Internet access rules with Threat Protection
|
260 Mbps
|
2250
|
3900
|
|
12
|
16 GB
|
Internet access rules with Threat Protection and Data Loss Prevention
|
230 Mbps
|
1950
|
3400
|
|
24
|
32 GB
|
Internet access rules only
|
570 Mbps
|
4800
|
8500
|
|
24
|
32 GB
|
Internet access rules with Threat Protection
|
510 Mbps
|
4400
|
7800
|
|
24
|
32 GB
|
Internet access rules with Threat Protection and Data Loss Prevention
|
400 Mbps
|
3300
|
5900
|
|
48
|
64 GB
|
Internet access rules only
|
850 Mbps
|
7200
|
12,500
|
|
48
|
64 GB
|
Internet access rules with Threat Protection
|
810 Mbps
|
6700
|
12,000
|
|
48
|
64 GB
|
Internet access rules with Threat Protection and Data Loss Prevention
|
510 Mbps
|
4400
|
7800
|
-
System sizing recommendations for on-premises gateways running in ICAP server mode under the following conditions:
-
Deployment method: VMWare ESXi through a Service Gateway virtual appliance
-
Use: Web server traffic protection
-
Average traffic size: 17 KB
-
|
Number of vCPU cores
|
RAM
|
Enabled feature set
|
Recommended maximum network throughput
|
Transactions per second
|
Recommended maximum total user count
|
|
8
|
16 GB
|
Internet access rules only
|
150 Mbps
|
1250
|
2000
|
|
8
|
16 GB
|
Internet access rules with Threat Protection
|
135 Mbps
|
1200
|
1900
|
|
8
|
16 GB
|
Internet access rules with Threat Protection and Data Loss Prevention
|
100 Mbps
|
900
|
1500
|
|
12
|
16 GB
|
Internet access rules only
|
200 Mbps
|
1700
|
3000
|
|
12
|
16 GB
|
Internet access rules with Threat Protection
|
190 Mbps
|
1600
|
2900
|
|
12
|
16 GB
|
Internet access rules with Threat Protection and Data Loss Prevention
|
150 Mbps
|
1300
|
2300
|
|
24
|
32 GB
|
Internet access rules only
|
400 Mbps
|
3200
|
5600
|
|
24
|
32 GB
|
Internet access rules with Threat Protection
|
380 Mbps
|
3000
|
5400
|
|
24
|
32 GB
|
Internet access rules with Threat Protection and Data Loss Prevention
|
250 Mbps
|
2000
|
3500
|
|
48
|
64 GB
|
Internet access rules only
|
700 Mbps
|
5400
|
10,000
|
|
48
|
64 GB
|
Internet access rules with Threat Protection
|
650 Mbps
|
5100
|
9000
|
|
48
|
64 GB
|
Internet access rules with Threat Protection and Data Loss Prevention
|
300 Mbps
|
2400
|
4500
|
-
System sizing recommendations for on-premises gateways running in ICAP server mode under the following conditions:
-
Deployment method: VMWare ESXi through a Service Gateway virtual appliance
-
Use: File server traffic protection
-
Average traffic size: 100 KB
-
|
Number of vCPU cores
|
RAM
|
Enabled feature set
|
Recommended maximum network throughput
|
Transactions per second
|
Recommended maximum total user count
|
|
8
|
16 GB
|
Internet access rules only
|
550 Mbps
|
650
|
1200
|
|
8
|
16 GB
|
Internet access rules with Threat Protection
|
550 Mbps
|
650
|
1200
|
|
8
|
16 GB
|
Internet access rules with Threat Protection and Data Loss Prevention
|
500 Mbps
|
600
|
1000
|
|
12
|
16 GB
|
Internet access rules only
|
550 Mbps
|
650
|
1200
|
|
12
|
16 GB
|
Internet access rules with Threat Protection
|
550 Mbps
|
650
|
1200
|
|
12
|
16 GB
|
Internet access rules with Threat Protection and Data Loss Prevention
|
500 Mbps
|
600
|
1000
|
|
24
|
32 GB
|
Internet access rules only
|
890 Mbps
|
1050
|
2000
|
|
24
|
32 GB
|
Internet access rules with Threat Protection
|
890 Mbps
|
1050
|
2000
|
|
24
|
32 GB
|
Internet access rules with Threat Protection and Data Loss Prevention
|
850 Mbps
|
1000
|
1800
|
|
48
|
64 GB
|
Internet access rules only
|
900 Mbps
|
1100
|
2000
|
|
48
|
64 GB
|
Internet access rules with Threat Protection
|
900 Mbps
|
1100
|
2000
|
|
48
|
64 GB
|
Internet access rules with Threat Protection and Data Loss Prevention
|
900 Mbps
|
1080
|
1900
|
 |
Important
|
|
ImportantEnabling local prompt injection service requires an additional 4 vCPU and 12GB memory
for on-premises gateway to support about 6~8 concurrent tasks for prompt injection
scanning. It cannot be improved by adding more CPU or memory, if you require to support
more concurrent tasks, you must setup additiona on-premises gateways with the local
prompt injection service
|