All NDR customers can now deploy the NDR Sensor on certified Hardware, no additional license is required.
NDR and Log Collectors are supported on VMWARE, MS Hyper-V, AWS AMI, and Hardware.
NDR is currently supported on the following Certified HW options.
| CERTIFIED | CERTIFIED | CERTIFIED | CERTIFIED | CERTIFIED | CERTIFIED |
| Dell R660 2 Socket | Dell R660xs | Dell R650 | Dell R450 | Dell R350 | Intel Nuc 13th Gen |
| 40Gbps | 40Gbps | 20Gbps | 10Gbps | 4Gbps | 2.5Gbps |
| 120K connections/sec | 80K Connections/sec | 40k Connections/sec | 20k Connections/sec | 8K Connections/sec | 4k Connections/sec |
| 64 CPUs | 32 CPUs | 24 CPUs | 16 CPUs | 8CPUs | 12 CPUs |
| 128GB memory | 64GB memory | 64GB memory | 32GB memory | 32GB memory | 32GB memory |
IMPORTANT: See full spec sheet before ordering HW. Please insure the HW matches the specific requirements around CPU, Memory, Disk and Networking (DAUL NIC card) requirements.
NDR Certified HW specifications
NOTE: Intel NUC 13th Gen has limited availability and we are in the certification process for an alternate low end device for branch offices and labs.
Sizing guidance for Certified HW:
Some general guidance on sizing the Appliance for your network.
If you know the peak and sustained bandwidth consumption at the switch, it is fairly straightforward to map that to the max bandwidth information in the sizing document and the peak bandwidth you experience. NDR is aware and handles streaming and elephant flows (Backup activity) with optimization for this type of traffic. Most threats are identified in typical browsing and general application network activity.
Check the capacity of the switch that you are going to be getting mirrored traffic from - the NDR Sensor should be the same capacity.
If you are still uncertain, here is a table for a typical business: For a typical business, we assume 20% are power users with multiple devices (Devs and the like), 60% typical users with browsing, email activity, and 20% light users. The organization uses VoIP, has some video streaming, and large file upload/download activity, as well as servers for applications and web hosting.
If you are heavy users of video/music streaming, you may want the next level up. If mostly emailing, one level down.
NUC (2.5Gbps):
- To support up to 2.5K users
- ~0.7Gbps expected sustained traffic with peak loads 2-3x
- Device should handle peak loads and growth
DELL R350 (4Gbps):
- To support up to 5K users
- ~1.4Gbps expected sustained traffic with peak loads 2x
- Device should handle peak loads and growth
DELL R450 (10Gbps):
- To support up to 12.5K users
- ~3.4Gbps expected sustained traffic with peak loads 2x
- Device should handle peak loads and growth
DELL R650 (20Gbps):
- To support up to 25K users
- ~6.8Gbps expected sustained traffic with peak loads 2x
- Device should handle peak loads and growth
DELL R660 (40Gbps):
- To support up to 50K users
- ~13.7Gbps expected sustained traffic with peak loads 2x
- Device should handle peak loads and growth
Install documentation is still being finalized and the Hardware option is marked as Beta while we complete those documents and confirm deployments are proceeding as expected.
Please refer to the documents below:
NDR Install guide on Certified DELL hardware
