Kaspersky Next XDR Expert

Hardware and software requirements

This article describes hardware requirements of single-node deployment scheme and multi-node deployment scheme, software requirements of Open Single Management Platform, hardware and software requirements of Kaspersky Deployment Toolkit and OSMP components.

Common requirements and considerations

100% vCPU allocation is required if you use virtualization.

For networks that exceed 40,000 devices, use secondary Administration Servers.

Make sure that the DNS server is available on the network.

Single-node deployment cannot be upgraded to multi-node deployment. Multi-node installation should be preferred If network growth is expected.

Effective device and EPS calculation

Hardware requirements may vary depending on the operating system running on endpoint devices. Use the following formula to estimate effective devices in your network:

<number of devices> = <Windows endpoints> + 3* <Linux and macOS endpoints> + 20 * <servers>

An effective device is expected to contribute 0.5 EPS (events per second) with default settings. Total EPS is calculated using the following formula:

<total EPS> = <EPS from effective devices> + <third-party EPS>

You can convert total EPS to effective devices using the following formula:

<total effective devices> = <total EPS> / 0.5

Single-node deployment: hardware requirements

Single-node deployment requires less resources (see the table below), but the following considerations should be taken into account:

• Single-node scheme only supports up to 10,000 devices in the network.
• The database is located on the primary worker node outside the cluster.

  In case of single-node deployment, it is strongly recommended that you first install the DBMS manually on the host that will act as a primary node. After that, you can deploy Kaspersky Next XDR Expert on the same host.

• Additional nodes are required for KATA/KEDR.
• To deploy the solution correctly, ensure that CPU of the target host supports the BMI, AVX, and SSE 4.2 instruction set.

  Minimum hardware requirements

  Hardware requirements for a single-node deployment scheme

  Solution	250 devices	1000 devices	3000 devices	5000 devices	10,000 devices
  A solution that includes the following applications: Open Single Management Platform Kaspersky Unified Monitoring and Analysis Platform Kaspersky Anti-Targeted Attack Platform / Kaspersky Endpoint Detection and Response Central Node Note: The requirements do not take into account hosts for KEDR services.	1 XDR primary node: CPU: 6 cores, operating frequency of 2.5 GHz RAM: 27 GB Available disk space: 360 GB 1 KUMA services node: CPU: 10 cores RAM: 16 GB Disk space: 500 GB	1 XDR primary worker node: CPU: 8 cores, operating frequency of 2.5 GHz RAM: 32 GB Available disk space: 400 GB 1 KUMA services node: CPU: 10 cores RAM: 16 GB Disk space: 600 GB	1 XDR primary worker node: CPU: 11 cores, operating frequency of 2.5 GHz RAM: 38 GB Available disk space: 600 GB 1 KUMA services node: CPU: 10 cores RAM: 16 GB Disk space: 1000 GB	1 XDR primary worker node: CPU: 15 cores, operating frequency of 2.5 GHz RAM: 46 GB Available disk space: 740 GB 1 KUMA services node: CPU: 10 cores RAM: 16 GB Disk space: 1400 GB	1 XDR primary worker node: CPU: 18 cores, operating frequency of 2.5 GHz RAM: 57 GB Available disk space: 1500 GB 1 KUMA services node: CPU: 10 cores RAM: 16 GB Disk space: 2400 GB

Multi-node deployment: hardware requirements

Multi-node deployment requires more resources (see the table below). For this scheme, the following considerations should be taken into account:

• Multi-node cluster scheme is recommended for networks that exceed 10,000 devices.
• The database is located on a separate host outside the cluster.
• To deploy the solution correctly, ensure that CPUs of target hosts support the BMI/AVX instruction set.

  Minimum hardware requirements

  Hardware requirements for a multi-node deployment scheme

  Solution	20,000 devices	30,000 devices	50,000 devices
  A solution that includes the following applications: Open Single Management Platform Kaspersky Unified Monitoring and Analysis Platform Kaspersky Anti-Targeted Attack Platform / Kaspersky Endpoint Detection and Response Central Node Note: The requirements do not take into account hosts for KEDR services.	12 nodes: 1 XDR primary node 3 XDR worker nodes 1 XDR database node 1 KUMA collector 1 KUMA correlator 3 KUMA keeper 2 KUMA storage	12 nodes: 1 XDR primary node 3 XDR worker nodes 1 XDR database node 1 KUMA collector 1 KUMA correlator 3 KUMA keeper 2 KUMA storage	12 nodes: 1 XDR primary node 3 XDR worker nodes 1 XDR database node 1 KUMA collector 1 KUMA correlator 3 KUMA keeper 2 KUMA storage
  	1 XDR primary node: CPU: 4 cores RAM: 8 GB Available disk space: 500 GB 3 XDR worker nodes: CPU: 8 cores RAM: 20 GB Available disk space: 1 TB 1 XDR database node: CPU: 10 cores RAM: 21 GB Available disk space: 1.6 TB 1 KUMA collector node: CPU: 8 cores RAM: 16 GB Available disk space: 500 GB 1 KUMA corellator node: CPU: 8 cores RAM: 32 GB Available disk space: 500 GB 3 KUMA keeper nodes: CPU: 6 cores RAM: 12 GB Available disk space: 150 GB 2 KUMA storage nodes: CPU: 24 cores RAM: 64 GB Available SSD disk space: 4.7 TB	1 XDR primary node: CPU: 4 cores RAM: 8 GB Available disk space: 500 GB 3 XDR worker nodes: CPU: 10 cores RAM: 24 GB Available disk space: 1 TB 1 XDR database node: CPU: 12 cores RAM: 24 GB Available disk space: 2.7 TB 1 KUMA collector node: CPU: 8 cores RAM: 16 GB Available disk space: 500 GB 1 KUMA corellator node: CPU: 8 cores RAM: 32 GB Available disk space: 500 GB 3 KUMA keeper nodes: CPU: 6 cores RAM: 12 GB Available disk space: 150 GB 2 KUMA storage nodes: CPU: 24 cores RAM: 64 GB Available SSD disk space: 7 TB	1 XDR primary node: CPU: 4 cores RAM: 8 GB Available disk space: 500 GB 3 XDR worker nodes: CPU: 12 cores RAM: 28 GB Available disk space: 1 TB 1 XDR database node: CPU: 16 cores RAM: 32 GB Available disk space: 4.3 TB 1 KUMA collector node: CPU: 8 cores RAM: 16 GB Available disk space: 500 GB 1 KUMA corellator node: CPU: 8 cores RAM: 32 GB Available disk space: 500 GB 3 KUMA keeper nodes: CPU: 6 cores RAM: 12 GB Available disk space: 150 GB 2 KUMA storage nodes: CPU: 24 cores RAM: 64 GB Available SSD disk space: 12 TB

Open Single Management Platform: Software requirements

Software requirements and supported systems and platforms

Highly available PostgreSQL clusters are supported. The Postgres role used by the Server to access the DBMS needs to have privileges to read the following views (enabled by default):

• pg_stat_replication
• pg_stat_wal_receiver

Kaspersky Deployment Toolkit

All Open Single Management Platform components are installed by using Kaspersky Deployment Toolkit.

Kaspersky Deployment Toolkit has the following hardware and software requirements:

Open Single Management Platform components

To view the hardware and software requirements for an Open Single Management Platform component, click its name:

• OSMP Console
• Kaspersky Unified Monitoring and Analysis Platform (hereinafter KUMA)
• Secondary Kaspersky Security Center Administration Servers
• Kaspersky Security Center Network Agent
• Kaspersky Endpoint Security for Windows
• Kaspersky Anti Targeted Attack Platform (hereinafter KATA)
• Kaspersky Industrial CyberSecurity for Networks
• Kaspersky Industrial CyberSecurity for Nodes
• Kaspersky CyberTrace
• Kaspersky Threat Intelligence Portal
• Kaspersky Automated Security Awareness Platform (hereinafter KASAP)