Download This Guide
Management Scalability
The following management scalability features are supported on Security Director:
- By default, monitor polling is set to 15 minutes and resource
usage polling is set to 10 minutes. This polling time changes to 30
minutes for a large-scale data center setup such as one for 200 SRX
Series devices managed in Security Director.
Note: You can manually configure the monitor polling on the Administration > Monitor Settings page.
- Security Director supports a maximum of 10,000 SRX Series devices and 10,000 EX Series switches in a six-node Junos Space fabric (four JBoss servers and two database nodes). In a setup with 10,000 SRX Series devices, all settings for monitor polling must be set to 60 minutes. If monitoring is not required, disable it to improve your publish or update job performance.
- To enhance the performance further, increase the update
subjobs thread number in the database. To increase the update subjobs
thread in the database, run the following command:
#mysql -pnetscreen mysql> update RuntimePreferencesEntity SET value=20 where name='UPDATE_MAX_SUBJOBS_PER_NODE'; mysql> exit
Table 2 shows the supported firewall rules per policy processed concurrently.
Table 2: Supported Firewall Rules per Policy
Number of Device Rules Processed Concurrently | JBoss Node Count | Memory | Platform OpenNMS Function | Log Collector | Hard Disk |
|---|---|---|---|---|---|
5,000–7,000 | 1 | 32 GB of RAM | Enabled | Dedicated node | Any |
15,000 | 1 | 32 GB of RAM | Off or dedicated node | Dedicated node | Any |
40,000 | 2 | 32 GB of RAM per node | Off or dedicated node | Dedicated node | Any |
100,000 | 2 | 32 GB of RAM per node | Off or dedicated node | Dedicated node | SSD required |
| Note: If you use the database dedicated setup (SSD hard disk VMs) for the deployment mentioned in the table above, the performance of publish and update is better compared with the normal two-node Junos Space fabric setup. |
