cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

Threat Emulation sizing

Jump to solution

Hi

I'm evaluating the Threat Emulation and I have to do the sizing.

Is it possibile to find a document that indicates how many files to consider every day for web and email traffic?

Thanks a lot

1 Solution

Accepted Solutions

Re: Threat Emulation sizing

Jump to solution

Never saw such a docu before, maybe other mates do.
Maybe another way would be implementing a PoC in a VM and enabling sizing mode as per sk93598

and now to something completely different
7 Replies

Re: Threat Emulation sizing

Jump to solution

That depends on the amount of mails your organization sends and receives and the web activity of the users and servers.

In addition it depends on you, if you want all supported files to be emulated and how many exceptions you want to configure, for instance for Windows updates. 

and now to something completely different
0 Kudos

Re: Threat Emulation sizing

Jump to solution

Hi

Thanks for your answer.

But if I working for a customer that is not able to calculate the amount of mails I'm looking for a documentation that help to calculate in base of statistical data how to dimension a device.

.

Is it possible to find a document that help to understand eventually traffic for email o http in base on a number of user?

Thanks

0 Kudos

Re: Threat Emulation sizing

Jump to solution

Never saw such a docu before, maybe other mates do.
Maybe another way would be implementing a PoC in a VM and enabling sizing mode as per sk93598

and now to something completely different
Admin
Admin

Re: Threat Emulation sizing

Jump to solution

The problem is that each organization is different in terms of number of files emulated, etc.

Best approach is to sample from your real environment, which this SK discusses how to do.

Re: Threat Emulation sizing

Jump to solution

sk93598 will help you but every topology has different traffic and file characteristic.

Employee++
Employee++

Re: Threat Emulation sizing

Jump to solution

Hi Giancarlo,

as a very rough estimation you could calculate 2 unique files per user per day for mail traffic and 5 unique files per user per day for web traffic.

This is a very rough estimation and as Dameon already mentioned live production traffic could vary.

The best I found is to ask the customer for statistics on their existing mail gateways/servers and web proxies.

Even better for sizing would be to get the different file type distribution within those traffics.

Regards Thomas

Re: Threat Emulation sizing

Jump to solution

Thank for answer, now is clear!

Giancarlo