Производитель: SolarWinds
SolarWinds Firewall Security Manager 6
Hardware on the VM host | Small | Medium | Large |
---|---|---|---|
CPU |
2 – 4 core processors at 2.0 GHz |
6 – 10 core processors at 2.0 GHz |
10 – 16 core processors at 2.0 GHz |
If you will be storing original log messages in addition to normalized log messages, increase the CPU and memory resource requirements by 50%. |
|||
Memory | 8 GB RAM | 16 GB – 48 GB RAM | 48 GB – 256 GB RAM |
Hard drive storage | 250GB, 15k hard drives (RAID 1/mirrored settings) | 500GB, 15K hard drives (RAID 1/mirrored settings) |
1TB, 15k hard drives (RAID 1/mirrored settings) |
|
|||
Input/output operations per second (IOPS) | 40 – 200 IOPS | 200 – 400 IOPS | 400 or more IOPS |
NIC | 1 GBE NIC | 1 GBE NIC | 1 GBE NIC |
SEM Azure hardware requirements
Hardware on the VM host |
Small Standard_DS3_v2 |
Medium Standard_DS4_v2 |
Large Standard_D32s_v3 |
---|---|---|---|
CPU [cores] |
4 |
8 |
32 |
RAM [GB] | 14 | 28 | 128 |
IOPs | 12800 | 25600 | 51200 |
SEM software requirements
Software | Requirements |
---|---|
Hypervisor (required on the VM host) |
One of the following:
|
Microsoft Azure | Learn about Microsoft Azure requirements here. |
Amazon Web Services | Learn about Amazon Web Services requirements here. |
Web browser (required on a remote computer to run the web console) |
Current and later versions of the following:
|
Adobe Flash (browser plug-in required on a remote computer to run the web console) | Adobe Flash Player 15 |
SEM agent hardware and software requirements
Hardware and Software | Requirements |
---|---|
Operation System (OS) |
The SEM agent is compatible with the following operating systems:
|
The requirements specified below are minimum requirements. Depending on your deployment, you may need additional resources to support increased log-traffic volume and data retention. |
|
Memory | 512 MB RAM |
Hard Drive Space | 1 GB |
Other requirements |
Administrative access to the device hosting the SEM Agent. The SEM agent for Mac OS X requires Java Runtime Environment (JRE) 8 or later. |
SEM reports application hardware and software requirements
Hardware and Software | Requirements |
---|---|
Operation System (OS) |
The SEM reports application is Windows only. The following Windows versions are supported:
|
Memory |
512 MB RAM minimum. SolarWinds recommends using a computer with 1 GB of RAM or more for optimal reports performance. |
Other requirements |
Install the SEM reports application on a system that runs overnight. This is important because the daily and weekly start time for these reports is 1:00 AM and 3:00 AM, respectively. |
Firewall ports that you need to open to allow communication with SolarWinds Security Event Manager (formerly Log & Event Manager)
PORT # | PROTOCOL | SERVICE | DIRECTION | DESCRIPTION |
---|---|---|---|---|
22, 32022 | TCP | SSH | Bidirectional |
SSH traffic to the SolarWinds SEM VM. (Port 22 is not used prior to version 6.3.x.) If you need to close either ports 22 or 32022, contact SolarWinds Support. |
25 | TCP | SMTP | Outbound | SMTP traffic from the SolarWinds SEM VM to your email server for automated email notifications. |
80, 8080 | TCP | HTTP | Bidirectional | Non-secure HTTP traffic from the SolarWinds SEM console to the SolarWinds SEM VM. (SEM closes this port when activation completes, but you can re-open it with the CMC togglehttp command.) |
139, 445 | TCP | NetBIOS, SMB | Bidirectional |
Standard Windows file sharing ports (NetBIOS Session Service, Microsoft SMB) that SEM uses to export debug files, syslog messages, and backup files. The SEM Remote Agent Installer also uses these ports to install Agents on Microsoft Windows hosts across your network. |
161, 162 | TCP | SNMP | Bidirectional | SNMP trap traffic received from devices, and used by the Orion platform to monitor SEM. (Monitoring SEM on port 161 is not used prior to version 6.3.x.) |
389, 636 | TCP | LDAP | Outbound |
LDAP ports that the SEM Directory Service Connector tool uses to communicate with a designated Active Directory domain controller. The SEM Directory Service Connector tool uses port 636 for SSL communications to a designated Active Directory domain controller. |
443, 8443 | TCP | HTTPS | Bidirectional |
HTTPS traffic from the SolarWinds SEM console to the SEM VM. SEM uses these secure HTTP ports after SEM is activated. |
(445) | TCP | See entry for port 139. | ||
514 | TCP or UDP | Syslog | Inbound | Syslog traffic from devices sending syslog event messages to the SolarWinds SEM VM. |
(636) | TCP | See entry for port 389. | ||
2100 | UDP | NetFlow | Inbound | NetFlow traffic from devices sending NetFlow to the SolarWinds SEM VM. |
6343 | UDP | sFlow | Inbound | sFlow traffic from devices sending sFlow to the SolarWinds SEM VM. |
(8080) | TCP | See entry for port 80. | ||
(8443) | TCP | See entry for port 443. | ||
8983 | TCP | nDepth | Inbound | nDepth traffic sent from nDepth to the SEM VM containing raw (original) log data. |
9001 | TCP | SEM reports application | Bidirectional | SEM reports application traffic used to gather SEM teports data on the SEM VM. |
(32022) | TCP | See entry for port 22. | ||
37890-37892 | TCP | SEM Agents | Inbound | SEM Agent traffic sent from SolarWinds SEM Agents to the SolarWinds SEM VM. (These ports correspond to the destination ports on the SEM VM.) |
SEM no longer uses the port listed in the following table.
PORT # | PROTOCOL | SERVICE | DIRECTION | DESCRIPTION |
---|---|---|---|---|
5433 | TCP | SEM Reports | Inbound | Port 5433 is no longer used. Previously, this port carried traffic from the SolarWinds SEM reports application to the SolarWinds SEM VM. This was used by versions prior to LEM 5.6, for which support ended December 2015. |