Firewall Analyzer - System Requirements

    The system requirements mentioned below are minimum requirements for a specific log rate. The sizing requirements will vary based on the load.

    Hardware requirements

    Standalone edition

    Firewall log rate
    		 Processor Memory Hard disk space
     Upto 500 logs/second Intel Xeon Quad Core 3.5 GHz/ 8 threads 8 GB 90 GB/day for 500 logs/second
     More than 500 logs/second Intel Xeon Quad Core 3.5 GHz/ 8 threads or higher 16 GB 90 GB/day
    for every 500 logs/second

    Distributed edition

    Admin server

    Processor Memory Hard disk space
    Intel Xeon Quad Core 3.5 GHz/ 8 threads or higher
    CPUs with a total combined PassMark score of 7,000 or higher    		 8 GB 100 GB

    Collector server

    Firewall log rate
    		 Processor Memory Hard disk space
     Upto 500 logs/second Intel Xeon Quad Core 3.5 GHz/ 8 threads 8 GB 90 GB/day for 500 logs/second
     More than 500 logs/second Intel Xeon Quad Core 3.5 GHz/ 8 threads or higher 16 GB 90 GB/day
    for every 500 logs/second

    Refer Firewall Analyzer Sizing Guide for hard disk space and PostgreSQL tuning.

    Note:
    • CPU recommendation for deployments use the PassMark® score. To learn more, click here.
    • We strongly recommend assigning a dedicated machine for Firewall Analyzer

     

    Software requirements

    The following table lists the recommended software requirements for an Firewall Analyzer installation.

    Software Version requirements for Evaluation
    		 Version requirements for Production
    Windows OS Windows 10 (or) Windows Server 2012 Windows Server 2022/ 2019/ 2016/ 2012 R2/ 2012
    Linux OS Ubuntu 14 to 22.04/ CentOS 7/ Fedora 37/ Red Hat 7 to 9.4/​ Opensuse 15.4/ Debian 10 to 11.6 Ubuntu 14 to 22.04/ Red Hat version 7 to 9.4/ CentOS Stream 9/ CentOS Stream 8/ CentOS 7
    Browsers Chrome/ Firefox/ Edge Chrome (preferred)/ Firefox/ Edge

     

    Note: User Privilege: Local administrator privileges required for Firewall Analyzer installation.

     

    Port requirements

    The following are the ports and protocols that Firewall Analyzer uses for communication.

    Ports used by the application

    Port Protocol Port Type Usage Remarks
    8060 TCP Static Web server port Can be configured using ChangeWebServerPort.bat file.
    22 TCP Static SSH port  
    1433 TCP Static (MS SQL) Database port Can be changed in conf/database_params.conf file or dbconfiguration.bat file.
    13306 TCP Static (PostgreSQL) Database port Can be changed in conf/database_params.conf file.
    32000-32999     Wrapper  
    31000-31999     JVM (to connect Wrapper)  

    Ports used for monitoring

    Port Protocol Port Type Usage Remarks
    1514 UDP Static Syslog port  (Firewall log receiver port for Firewall Analyzer) Can be changed via web client.

    Ports used by add-ons

    For ports used by OpMnager add-ons, refer OpManager system requirements page.

     

    Database Requirements

    The following table lists the basic requirements for your Firewall Analyzer database server.

    PostgreSQL

    • Standalone Edition - Bundled with the product (PostgreSQL version 14.7).
    • Distributed Edition - Bundled with the product. We recommend MS SQL.

    For Remote PostgreSQL, Firewall Analyzer supports PostgreSQL versions 14.7 to 14.x.

    In case of failover, we recommend MS SQL.

    Microsoft SQL

    1. Supported versions

    SQL 2019 (from build 125379) | SQL 2017 | SQL 2016 | SQL 2014

    1. Important Notices
      1. For production use 64 bit versions of SQL
      2. Recovery mode should be set to SIMPLE.
      3. SQL and Firewall Analyzer should be in the same LAN. Currently WAN based SQL installations are not supported.
    2. Collation
      1. English with collation setting (SQL_Latin1_General_CP1_CI_AS)
      2. Norwegian with collation setting (Danish_Norwegian_CI_AS)
      3. Simplified Chinese with collation setting (Chinese_PRC_CI_AS)
      4. Japanese with collation setting (Japanese_CI_AS)
      5. German with collation setting (German_PhoneBook_CI_AS)
    3. Authentication
      • Mixed mode (MS SQL and Windows authentication).
    4. BCP

      The "bcp.exe"(Windows)/"bcp"(Linux) and "bcp.rll" must be available in the OpManager bin directory.

      The BCP utility provided with Microsoft SQL Server is a command line utility that allows you to import and export large amounts of data in and out of SQL server databases quickly.

      For Windows:

      The bcp.exe and bcp.rll will be available in the MSSQL installation directory. If MSSQL is in a remote machine, copy bcp.exe and bcp.rll files and paste them in the <\OpManager\bin> directory.

      Note:

      For Windows:The SQL server version compliant with the SQL Native Client must be installed in the same Server.

      For Linux:

      For BCP utility in Linux, mssql-tools (Microsoft ODBC driver for Linux) should be installed on a Firewall Analyzer installed machine. Please follow the steps in the document provided below to install Microsoft ODBC driver on Linux servers.

      https://learn.microsoft.com/en-us/sql/connect/odbc/linux-mac/installing-the-microsoft-odbc-driver-for-sql-server

      Note:

      For Linux:The command to install ODBC driver is different for every Linux flavor. Please choose the correct Linux flavor and install the ODBC driver.

       

      • Steps to move BCP utility to Firewall Analyzer :
      • After the ODBC driver is installed in Linux servers, the bcp utility files can be found in the below mentioned path. Copy both bcp and bcp.rll files to <opmanager_home>/bin and start Firewall Analyzer once.
      • For ODBC driver version 18: file in /opt/mssql-tools18/bin/ and bcp.rll file in /opt/mssql-tools18/share/resources/en_US/
      • For other versions of ODBC: bcp file in /opt/mssql-tools/bin/ and bcp.rll file in /opt/mssql-tools/share/resources/en_US/