Related
Recommended
Karl_Ackerman
NDR - Certified Hardware support Now available

All NDR customers can now deploy the NDR Sensor on certified Hardware, no additional license is required.

NDR and Log Collectors are supported on VMWARE, MS Hyper-V, AWS AMI, and Hardware.

NDR is currently supported on the following Certified HW options.

CERTIFIED   CERTIFIED   CERTIFIED   CERTIFIED   CERTIFIED   CERTIFIED  
Dell R660 2 Socket Dell R660xs Dell R650 Dell R450 Dell R350 Intel Nuc 13th Gen
40Gbps 40Gbps 20Gbps 10Gbps 4Gbps 2.5Gbps
120K connections/sec 80K Connections/sec 40k Connections/sec 20k Connections/sec 8K Connections/sec 4k Connections/sec
64 CPUs 32 CPUs 24 CPUs 16 CPUs 8CPUs 12 CPUs
128GB memory 64GB memory 64GB memory 32GB memory 32GB memory 32GB memory

IMPORTANT: See full spec sheet before ordering HW.  Please insure the HW matches the specific requirements around CPU, Memory, Disk and Networking (DAUL NIC card) requirements.

ndr hw specs (4) (2).xlsx(Revised Aug 2024)

NOTE: Intel NUC 13th Gen has limited availability and we are in the certification process for an alternate low end device for branch offices and labs.

Sizing guidance for Certified HW:

Some general guidance on sizing the Appliance for your network.

If you know the peak and sustained bandwidth consumption at the switch, it is fairly straightforward to map that to the max bandwidth information in the sizing document and the peak bandwidth you experience. NDR is aware and handles streaming and elephant flows (Backup activity) with optimization for this type of traffic. Most threats are identified in typical browsing and general application network activity.

Check the capacity of the switch that you are going to be getting mirrored traffic from - the NDR Sensor should be the same capacity.

If you are still uncertain, here is a table for a typical business: For a typical business, we assume 20% are power users with multiple devices (Devs and the like), 60% typical users with browsing, email activity, and 20% light users. The organization uses VoIP, has some video streaming, and large file upload/download activity, as well as servers for applications and web hosting.

If you are heavy users of video/music streaming, you may want the next level up. If mostly emailing, one level down.

NUC (2.5Gbps):

  • To support up to 2.5K users
  • ~0.7Gbps expected sustained traffic with peak loads 2-3x
  • Device should handle peak loads and growth

DELL R350 (4Gbps):

  • To support up to 5K users
  • ~1.4Gbps expected sustained traffic with peak loads 2x
  • Device should handle peak loads and growth

DELL R450 (10Gbps):

  • To support up to 12.5K users
  • ~3.4Gbps expected sustained traffic with peak loads 2x
  • Device should handle peak loads and growth

DELL R650 (20Gbps):

  • To support up to 25K users
  • ~6.8Gbps expected sustained traffic with peak loads 2x
  • Device should handle peak loads and growth

DELL R660 (40Gbps):

  • To support up to 50K users
  • ~13.7Gbps expected sustained traffic with peak loads 2x
  • Device should handle peak loads and growth
Installation Guide
 
Install documentation is still being finalized and the Hardware option is marked as Beta while we complete those documents and confirm deployments are proceeding as expected.

Please refer to the documents below:
NDR Install guide on Certified DELL hardware

NDR Install guide on Certified Intel NUC V13

Parents Comment Children
  • in reply to Karl_Ackerman

    Hi Karl,

    I have an ASUS NUC in which I have installed the Intel LAN and USB Add-on Assembly Module NUCIOALUWS, this is seen by the NUC installer and everything installs without complaint so not sure why it isn't working. 

    I am told that people are using the ASUS NUC 13th gen but can't get anyone to take a look at why ours is not working. 

    Andy

  • in reply to andyhaigh

    Can you reach me on karl.ackerman@sophos.com so I can loop in Dev and see what you've got setup to see if we can get it working. 

  • in reply to Karl_Ackerman

    Hi Karl,

    You were looped into the emails by support and I got the same issue with an Intel NUC I was able to source. Support got DEV to look at this and now it is working. Was told even the Intel NUC I had was not supported as well, seems there were only 2 Intel NUC's that were officially supported ("NUC13L3Hv5" and "NUC13ANKi5"), sorry to say that really wasn't clear in the literature, there was a link to a NUC at a retail site but nowhere did it say that these were the only supported NUC's.
    We are trying to assist by being an early adopter so would have thought support/DEV would be more helpful.
    Anyway is not stuck in a boot cycle now and will install at the clients and test it out.

    I will email you about the ASUS NUC.

    Thanks

    Andy

  • in reply to andyhaigh

    Thansk for the input. We are in the process of adding the OnLogic Helix 511 to replace the no-longer available INTEL NUC with Dual NIC card.  When we add the OnLogic device we will have a custom sku to facilitate ordering the correct certified HW.

  • in reply to Karl_Ackerman

    Ok, now I am confused. The OnLogic Helix 511 is a 12th Gen architecture. When the original spec was for a 13th Gen.

    With my ASUS NUC can I get the change they made to the Intel NUC done?
    The ASUS NUC is the same as the Intel NUC and takes the Intel LAN and USB Add-on Assembly Module NUCIOALUWS, so fits the requirements.

    Thanks

    Andy

Unfiltered HTML