This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have one, create one now for free!
Giancarlo_Cotta
Contributor
‎2018-06-10 01:53 AM

Threat Emulation sizing

Jump to solution

Hi

I'm evaluating the Threat Emulation and I have to do the sizing.

Is it possibile to find a document that indicates how many files to consider every day for web and email traffic?

Thanks a lot

1 Solution

Accepted Solutions
Vincent_Bacher
Advisor
‎2018-06-10 11:58 PM
In response to Giancarlo_Cotta

Jump to solution

Never saw such a docu before, maybe other mates do.
Maybe another way would be implementing a PoC in a VM and enabling sizing mode as per sk93598

and now to something completely different

View solution in original post

7 Replies
Vincent_Bacher
Advisor
‎2018-06-10 02:51 PM

Jump to solution

That depends on the amount of mails your organization sends and receives and the web activity of the users and servers.

In addition it depends on you, if you want all supported files to be emulated and how many exceptions you want to configure, for instance for Windows updates. 

and now to something completely different
0 Kudos
Giancarlo_Cotta
Contributor
‎2018-06-10 11:50 PM

Jump to solution

Hi

Thanks for your answer.

But if I working for a customer that is not able to calculate the amount of mails I'm looking for a documentation that help to calculate in base of statistical data how to dimension a device.

.

Is it possible to find a document that help to understand eventually traffic for email o http in base on a number of user?

Thanks

0 Kudos
Vincent_Bacher
Advisor
‎2018-06-10 11:58 PM
In response to Giancarlo_Cotta

Jump to solution

Never saw such a docu before, maybe other mates do.
Maybe another way would be implementing a PoC in a VM and enabling sizing mode as per sk93598

and now to something completely different
PhoneBoy
Admin
Admin
‎2018-06-11 10:48 AM
In response to Vincent_Bacher

Jump to solution

The problem is that each organization is different in terms of number of files emulated, etc.

Best approach is to sample from your real environment, which this SK discusses how to do.

Huseyin_Rencber
Collaborator
‎2018-06-15 01:52 PM

Jump to solution

sk93598 will help you but every topology has different traffic and file characteristic.

Thomas_Werner
Employee Alumnus
Employee Alumnus
‎2018-06-18 05:02 AM

Jump to solution

Hi Giancarlo,

as a very rough estimation you could calculate 2 unique files per user per day for mail traffic and 5 unique files per user per day for web traffic.

This is a very rough estimation and as Dameon already mentioned live production traffic could vary.

The best I found is to ask the customer for statistics on their existing mail gateways/servers and web proxies.

Even better for sizing would be to get the different file type distribution within those traffics.

Regards Thomas

Giancarlo_Cotta
Contributor
‎2018-06-18 12:15 PM

Jump to solution

Thank for answer, now is clear!

Giancarlo