Control Compliance Suite

I've been going through the various official documents...

According to the CCS VM install guide, requirements are thus:

server dedicated server with no IPS, IDS, or virus protection
processor 2 GHz
RAM 2 GB (32-bit), 8 GB (64-bit)
disk space 80 GB + for a console/scan engine combination;
10 GB + for a scan engine only
network interface card (NIC) 100 Mbps
NOTE: The 64-bit configuration is recommended for enterprise-scale deployments. For smaller deployments, the 32-bit configuration may be sufficient.

That said, according to the admin guide for the same product...

• processor: 2x Intel quad-core Xeon 55xx "Nehalem" CPUs (2 sockets, 8 cores, and 16 threads total)
• RAM: 48-96 GB with error-correction code (ECC) memory; some 2-socket LGA1366 motherboards can support up to 144GB, with 8GB DDR3 modules
• storage: 8-12 x 7200RPM SATA/SAS hard drives, either 3.5" or 2.5" (if the chassis can only support that many drives in this form factor); total capacity should be 1+TB
• network interface card (NIC): 2 x 1GbE (one for scans, and one for redundancy or for a privatemanagement subnet)

96GB of ram for a vulnerability scanner sounds quite excessive... which of these figures are accurate? (I've attached both guides)

M.

Attachment(s)

CCSVM_Admin_Guide.pdf   660 KB 1 version

CCSVM_Install.pdf   167 KB 1 version

You're looking at the difference between minimal requirements and a scenario recommendation. For the 48 to 96GB RAM scenario the preceeding sentence reads:

The definition of "enterprise-level" can vary. But experience with past deployments indicates that 25,000 IP addresses or more, scanned with any reasonable frequency, warrants this recommended configuration:
 

The scenario also assumes that much of the scan activity will be conducted from the Security Console server and that there are 25,000 live machines to scan. You can generally limit the memory as much as you desire down to the minimums but you will be doing so by reducing the throughput and possibly increasing the human management overheard. There are a lot of network-specific variables to throughput but there is a general linear correlation between number of scan threads and available memory which means that 96GB may about twice as fast as 48GB. If you're deploying on real hardware, pick a memory size that you're comfortable with but try to order the hardware in a manner that allows you to expand later.

Thanks - been through it a few times, agreed on the minimum vs. recomended; it's just that the leap from minimum (which for enterprise states x64 with 8gb of ram on the install documentation) to 48GB of RAM made our customer very concerned.

M.