4 Replies Latest reply on Sep 27, 2013 2:35 AM by cryptochrome

    Appliance sizing (4000B)

    cryptochrome

      Hi,

       

      are there any sizing guides available somewhere? I am specifically looking at the 4000B right now which we could use for a small project. How many users is this thing able to handle with most common features enabled (SSL, URL-Filter, AV, whitelisting, etc.)?

       

      Thanks

        • 1. Re: Appliance sizing (4000B)
          asabban

          Hello,

           

          the sizing for MWG works a little different. All our tests are based on "Requests per second". Out internal tools allow to specify the number of req/s and select an appliance model and then it spits out the number of appliances you require to run. Based on data we have collected we have some "estimations" to allow to get the req/s based on input values such as users or bandwidth. These are only assumptions, no one can tell if this is suitable for a specific customers environment... in one company 10000 users do 100 req/s, in a different company they could do 500 req/s - so this is only an assumption or estimation, not a sizing that is bulletproof!

           

          I have chosen a 4000B with McAfee AV, SSL, URL Filter, etc. The system is - according to the sizing - able to handle 100 req/s at 88% usage. That means there is not much safety left for peaks, but 100 req/s will go through.

           

          Then I have estimated how many users - according to our numbers - reflect 100 req/s. We have different profiles such as "high" internet usage or "intense" internet usage. In my opinion there is no need to look into "medium" or "low" internet usage, since these numbers don't match what we usually see. So the result is

           

          100 req/s -> 2000 users with "high" internet usage

           

          or

           

          100 req/s -> 1000 users with "intense" internet usage

           

          If you allow things like facebook, xing, twitter, youtube etc you should assume "intense" internet usage. If the environment may be restricted to business critical services "high" internet usage should be suitable.

           

          I hope this gives you some idea... please note that I cannot give any warranty or take responsibility on the numbers above! If you need a proper and official sizing based on facts rather than the numbers we estimate you will need to get the number of req/s and call sales. They can help you to create an official sizing.

           

          But maybe you are just looking for an estimate - in this case the above numbers should work (probably better than no data ;-).

           

          Let me know if there are any questions on this.

           

          Best,

          Andre

          • 2. Re: Appliance sizing (4000B)
            cryptochrome

            Hello Andre,

             

            very nice, thanks for the detailed response. Those estimates are all I need. We are piloting MWG7 (before migration from 6.x) with a couple of hundred users on a dual-machine 4000B cluster. The pilot will max out at 1000 users. It looks like the two machines are powerful enough to handle this, even at "extreme" conditions

             

            Again, thanks. Much appreciated!

            • 3. Re: Appliance sizing (4000B)
              asabban

              Hello!

               

              two boxes should be fine. Just some things to keep in mind...

               

              When we talk about 2x4000B I assume both will run in a central management and handle traffic. As mentioned above 1000 users with "intense" usage load one system up to 88%. I assume that an "extreme" condition could require more than the remianing resources available for one box, so as long as both systems are working "extreme" conditions may work fine, but if one system goes down we need to ensure that the remaining box is able to handle the complete traffic alone. So I would recommend - when the pilot is running - to calculate the req/s and see what is really going through - then you know if 2 systems are suitable or if you need a third one for redundancy :-)

               

              In case anything else is required, just let us know.

               

              Best,

              Andre

              1 of 1 people found this helpful
              • 4. Re: Appliance sizing (4000B)
                cryptochrome

                Thanks. We are loadbalancing traffic to those two machines, so a single machine should not be hit by more than 200-300 users at any given time. And the pilot is... well, a pilot. Things are supposed to go wrong   Users can switch to to production proxies anytime, so no worries here.