Download This Guide
Management Scalability
Table 2 shows the supported firewall rules per policy processed concurrently.
Table 2: Supported Firewall Rules per Policy
Number of Device Rules Processed Concurrently | Jboss Node Count | Memory | Platform OpenNMS Function | Log Collector | Hard Disk |
|---|---|---|---|---|---|
5,000-7,000 | 1 | 32GB RAM | Enabled | Dedicated node | Any |
15,000 | 1 | 32GB RAM | Off or dedicated node | Dedicated node | Any |
40,000 | 2 | 32GB RAM per node | Off or dedicated node | Dedicated node | Any |
100,000 | 2 | 32GB RAM per node | Off or dedicated node | Dedicated node | SSD required |
 | Note: If you use the database dedicated setup (SSD hard disk VMs) for this deployment, the performance of publish and update is better compared with the normal two-node Junos Space fabric setup. |
The following management scalability features are supported on Security Director:
- By default, monitoring polling is set to 15 minutes and
resource usage polling is set to 10 minutes. This polling time changes
to 30 minutes for a large-scale data center setup such as one for
200 high-end SRX Series devices managed in Security Director.
Note: You can manually configure the monitor polling on the Administration > Monitor Settings page.
- Security Director supports a maximum of 10,000 SRX Series devices and 10,000 EX Series switches in a six-node Junos Space fabric (four JBoss servers and two database nodes). In a setup with 10,000 SRX Series devices, all settings for monitoring polling must be set to 60 minutes. If monitoring is not required, disable the monitoring to improve your publish or update job performance.
- To enhance the performance further, increase the Update
sub-jobs thread number in the database. To increase the Update sub-jobs
thread in the database, run the following command:
#mysql -pnetscreen mysql> update RuntimePreferencesEntity SET value=20 where name='UPDATE_MAX_SUBJOBS_PER_NODE'; mysql> exit
