To use cognitix Threat Defender certain hardware requirements have to be fulfilled. To get an optimal experience additional recommendations are given below.


Technical Requirements


CPU

  • Intel CPU with SSE 4.2
  • Minimum of 4 threads, for example

    • 2 CPU cores with HyperThreading
    • 1 CPU with 4 cores
  • Maximum of 8 NUMA nodes (CPU sockets)

RAM

  • Minimum of 8GB
  • Recommended 16GB or more
  • Recommended 2GB per CPU core
  • Minimum of 8GB per NUMA node
  • Equal amount of memory on all NUMA nodes

Network Cards

  • Minimum of 3 network interfaces in total
  • Minimum of 2 network interfaces with Intel chipset supported by DPDK v17.05

    • Examples of supported Intel chipsets:

      • Intel 1G: 82575, 82576, 82580, I210, I211, I350, I354
      • Intel 10G: 82598, 82599, X540, X550, X552/X557 (Niantic)
      • Intel 10G/40G: X710 (Fortville)

Disk

  • SSD recommended
  • Minimum of 32GB
  • Recommended 120GB

Installation

  • Via bootable USB device, or
  • Via DVD

BIOS

  • Legacy BIOS boot mode (non-UEFI)

Example Configurations

SystemMainboard and
chipset
CPU(s)RAMNICs
Axiomtek NA342Vendor-specific
SoC integrated
1x Intel Celeron
J1900
4C/4T - 2.0Ghz/2.42Ghz
8GB DDR3L
1333MHz
4x Intel I211-AT
at 1x 1GbE
Standard
server
Supermicro
X11SSH-F
Intel C236
1x Intel Xeon
E3-1270v5
4C/8T - 3.6GHz/4.0GHz
64GB DDR4
2133MHz ECC
1x Intel X710-DA2
at 2x 10GbE SFP+
Standard
server
Supermicro
X10SRi-F
Intel C612
1x Intel Xeon
E5-2690v4
14C/28T - 2.6GHz/3.5GHz
128GB DDR4
2133MHz ECC
1x Intel X710-DA2
at 2x 10GbE SFP+,
1x Intel 82599ES
at 2x 10GbE SFP+
Standard
server
Supermicro
X10DRi
Intel C61
2x Intel Xeon
E5-2690v4
14C/28T - 2.6 GHz/3.5GHz
256GB DDR4
2133MHz ECC
1x Intel X710-DA2
at 2x 10GbE SFP+,
1x Intel 82599ES
at 2x 10GbE SFP+



Attention
To be able to get firmware and license updates, the management interface of Threat Defender has to be able to reach the cognitix servers via the Internet. If you do not want to connect Threat Defender to the Internet, you need to update it manually.
If Threat Defender is not updated for 180 days, it will no longer allow traffic to pass.




Virtual Environments

Due to the multitude of available virtualization tools and their various configuration possibilities, we do not support the installation and operation of Threat Defender in virtual environments.
If the virtualization software is able to provide the required hardware requirements (e.g. via “passthrough”), it is possible to install and run Threat Defender in a virtual environment, however.
Note that virtualization impairs the processing speed of Thread Defender. If required, please contact your provider or support of the virtualization solution.


cognitix Threat Defender is a layer 2 firewall. If it is executed on suitable hardware and using the respective license, it can process up to 40Gbit/s and higher. Thread Defender achieves this high processing speed because it directly accesses the network hardware. Any layer added between Threat Defender and the network hardware (e.g. the operating system, drivers for virtual environments) slows the processing speed of Threat Defender down due to additional latencies.


For this reason, we do not recommend installing Threat Defender in a virtual environment.


LAN Infrastructure

Important!

To be able to get firmware and license updates, the Threat Defender must be able to reach our servers via the Internet.