This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Giancarlo_Cotta
Contributor
‎2018-06-10 01:53 AM
Jump to solution

Threat Emulation sizing

Hi

I'm evaluating the Threat Emulation and I have to do the sizing.

Is it possibile to find a document that indicates how many files to consider every day for web and email traffic?

Thanks a lot

1 Solution

Accepted Solutions
Vincent_Bacher
Advisor
‎2018-06-10 11:58 PM
In response to Giancarlo_Cotta
Jump to solution

Never saw such a docu before, maybe other mates do.
Maybe another way would be implementing a PoC in a VM and enabling sizing mode as per sk93598

and now to something completely different

View solution in original post

7 Replies
Vincent_Bacher
Advisor
‎2018-06-10 02:51 PM
Jump to solution

That depends on the amount of mails your organization sends and receives and the web activity of the users and servers.

In addition it depends on you, if you want all supported files to be emulated and how many exceptions you want to configure, for instance for Windows updates. 

and now to something completely different
0 Kudos
Giancarlo_Cotta
Contributor
‎2018-06-10 11:50 PM
Jump to solution

Hi

Thanks for your answer.

But if I working for a customer that is not able to calculate the amount of mails I'm looking for a documentation that help to calculate in base of statistical data how to dimension a device.

.

Is it possible to find a document that help to understand eventually traffic for email o http in base on a number of user?

Thanks

0 Kudos
Vincent_Bacher
Advisor
‎2018-06-10 11:58 PM
In response to Giancarlo_Cotta
Jump to solution

Never saw such a docu before, maybe other mates do.
Maybe another way would be implementing a PoC in a VM and enabling sizing mode as per sk93598

and now to something completely different
PhoneBoy
Admin
Admin
‎2018-06-11 10:48 AM
In response to Vincent_Bacher
Jump to solution

The problem is that each organization is different in terms of number of files emulated, etc.

Best approach is to sample from your real environment, which this SK discusses how to do.

Huseyin_Rencber
Collaborator
‎2018-06-15 01:52 PM
Jump to solution

sk93598 will help you but every topology has different traffic and file characteristic.

Thomas_Werner
Employee Alumnus
Employee Alumnus
‎2018-06-18 05:02 AM
Jump to solution

Hi Giancarlo,

as a very rough estimation you could calculate 2 unique files per user per day for mail traffic and 5 unique files per user per day for web traffic.

This is a very rough estimation and as Dameon already mentioned live production traffic could vary.

The best I found is to ask the customer for statistics on their existing mail gateways/servers and web proxies.

Even better for sizing would be to get the different file type distribution within those traffics.

Regards Thomas

Giancarlo_Cotta
Contributor
‎2018-06-18 12:15 PM
Jump to solution

Thank for answer, now is clear!

Giancarlo

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events