Introduction to HawkShield
  • Introduction to HawkShield
  • Deployment
  • On-Prem Deployment
  • Infrastructure Deployment
  • Automation Flow for Updating Services
  • Automation Flow to Update Services
  • Administrative Guide
  • Browser Protection
    • Browser Plug-In Deployment
    • User Guide of Browser Protection
  • Email Protection
    • Admin Policy Creation
    • User Guide of Email Protection (for G-Mail)
      • Connecting G-Mail Accounts to HawkShield
    • Deployment for Outlook
    • User Guide of Email Protection (for Outlook)
      • Connecting Outlook Accounts to HawkShield
  • Introduction to HawkShield DSPM
    • Capabilites
    • Analytics Dashboard
    • DSPM Connectors
      • Setting Up Connectors
      • Managing Connector
      • Connector Dashboard
    • DSPM Findings
      • File by Entities
    • DSPM Reports
      • How to Create New Report
    • DSPM Policy
      • How to Create SaaS Policy
      • How to Create DBaaS Policy
    • DSPM Incident
    • DSPM Entities
      • How to Create New Entities
      • How to Create Categories
    • DSPM Privacy Law
      • How to Create a Privacy Law
    • Data Lineage
    • Security Inventory
  • Settings
    • Add/Edit Notification Channel
    • Default Reason
    • Blocked Domain
    • Request Approval
  • Subscription
  • Logs
Powered by GitBook
On this page

On-Prem Deployment

This section defines the prerequisites of the system and recommended settings for the deployment of HawkShield Security on-premises. The deployment process requires two physical servers, and the MSSP or SI owning virtualization through such tools as Proxmox, MS Oracle VirtualBox, and the same.

Infrastructure Requirements

  1. Virtualization: In a nutshell, 15 high-availability and performance-tuned VMs were deployed.

  2. Kubernetes Cluster: It is necessary to have at least 9 nodes, of which the following are required

  • 3 Master Nodes with standard SSDs.

  • 3 Worker Nodes with big memory that is capable of having NVMe Solid States Drives for improved performance.

  • 3 Standard Worker Node with SSD Storage enabled.

  1. Database and Backup:

  • Option 2 – 2 memory-intensive servers or VM with NVMe SSDs for the PostgreSQL database cluster.

  • 1 dedicated backup server for data protection every 12 hours, it is involved with backup increments.

  1. Additional Infrastructure:

  • 1 Rancher-StackStorm server for managing everything related to Kubernetes and creating and running required processes and workflows.

  • Two external load-balancing servers are required to control the traffic and guarantee high availability.

Performance and Scalability Considerations

The system requirements described above are intended to achieve the lowest cost, best performance, and scalability of HawkShield. Nevertheless, such configurations may differ depending on the needs of your business as well as the chosen deployment model.

System Requirements & Hardware Specifications

The table below captures the minimum and recommended hardware and software specifications for HawkShield Security on-premises. These specifications are crucial to make the solution smooth running and scalable, where appropriate.

Note: In fact, the storage requirements might also depend on the data traffic as well as the type of deployment. This is because a special setup may be required to suit some organizations’ requirements.

System Overview

Category
Requirement Details

Hardware

Minimum 64 core, 184 GB RAM, 920 GB storage.

Physical Machines or Servers

2 (Minimum)

Physical Server Requirements

1 VM with 36 core vCPUs, 96 GB RAM, 650 GB SATA SSD, and a physical-to-virtual core ratio of 1:4.

1 VM with 28 core vCPUs, 88 GB RAM, 270 GB NVME SSD, and a physical-to-virtual core ratio of 1:2.

Virtual Machines or Servers

15

Operating System

Ubuntu 22.04 LTS

Platform

On-Prem

Database

PostgreSQL 13

Container Compatibility

Docker 26.0.1, Kubernetes 1.30

Network

Internal Network Bandwidth - 1Gbps - 10Gbps (Recommended)

Switches - Optical Fiber

Internet Bandwidth - 300Mbps (For 200 users )

Browser Compatibility

Chrome - 69.0.3497.100 (64-bit)

Firefox - 63.0 Internet Explorer 11 -

11.245.17143.0 Microsoft Edge -

42.17134.1.0 Safari Desktop - 12.0

Additional Browser Requirements

Enable JavaScript on your browser.

Disable pop-up blocker.

A minimum screen resolution of 1024×768 is recommended.

Detailed Configuration Breakdown

Server Name
Total CPU
Total Ram
Total Storage
Quantity
Network
OS
Kubernetes Version
Docker Version
Hardware Details

Master Node

12

24

150

3

1 Gbps-10Gbps

ubuntu 22.04 LTS

1.3

26.0.1

Processor - Intel Xeon Scalable, Clock speed - 3.1 GHz, CPU architecture - x86_64, Ram Type - DDR4 Volume Type - SATA SSD

Worker Node (General Instance)

12

48

210

3

1 Gbps-10Gbps

ubuntu 22.04 LTS

1.3

26.0.1

Processor - GHz Intel Xeon Scalable, Clock speed - 3.1 GHz, CPU architecture - x86_64, Ram Type - DDR4 Volume Type - SATA SSD

Worker Node (Memory Intensive Instance)

20

72

210

3

1 Gbps-10Gbps

ubuntu 22.04 LTS

1.3

26.0.1

Processor - 3rd generation AMD EPYC, Clock speed - 3.6 GHz, CPU architecture - x86_64, Ram Type - DDR4 Volume Type - NVME SSD

DB Cluster

8

16

7

2

1 Gbps-10Gbps

ubuntu 22.04 LTS

-

-

Processor - 3rd generation AMD EPYC, Clock speed - 3.6 GHz, CPU architecture - x86_64, Ram Type - DDR4 Volume Type - NVME SSD

Backup Node

4

8

200

1

1 Gbps-10Gbps

ubuntu 22.04 LTS

-

-

Processor - 3.1 GHz Intel Xeon Scalable, Clock speed - 3.1 GHz, CPU architecture - x86_64, Ram Type - DDR4 Volume Type - SSD

Rancher & stack storm Node

4

8

50

1

1 Gbps-10Gbps

ubuntu 22.04 LTS

-

-

Processor - 3.1 GHz Intel Xeon Scalable, Clock speed - 3.1 GHz, CPU architecture - x86_64, Ram Type - DDR4 Volume Type - SATA SSD

External Load Balancer

4

8

40

2

1 Gbps-10Gbps

ubuntu 22.04 LTS

-

-

Processor - Intel Xeon Scalable, Clock speed - 3.1 GHz, CPU architecture - x86_64, Ram Type - DDR4 Volume Type - SATA SSD

Data Backup

  • The PostgreSQL and RabbitMQ data will be backed up incrementally based on the triggers once in 12 hours to the backup server.

  • Therefore as the volume of data increases storage capacity will have to be also scaled. For example, if HawkShield processes 10 GB of data per day, the backup server takes about one and a half months to perform one full backup turn before the need arises to scale up storage space.

Autoscaling Considerations

  • Correspondingly, the scalability of the system relies heavily on the used virtualization software. Relative to workload as well as available resources the automated scaling feature will scale up or down.

Storage Configuration

  1. System Requirements: HawkShield depends on a 64-bit operating system. Based on the scanning requirements and workload of the solution, storage requirements may be in demand.

  2. Local Storage Configuration: RAID-configured local hard drives are preferred since they provide both performance and backup, in case of failure among others. Unfortunately, from the table above, we note that local configurations do not support remote storage solutions like SAN and NAS.

Network Configuration

To ensure seamless operation and secure communication, the local network hosting the HawkShield Security on-premises solution must be configured as per the following requirements:

  1. Network & Firewall Configuration: Make sure that everything from your network firewall, or proxy server that can block the HawkShield Security on-prem server from accessing the HawkShield Cloud is as open as needed for communication to be continuous. This is for system maintenance, download of new content material, and updating of data as well as synchronization.

  2. Secure Communications: All people must use https for connections. As for other configurations, there is a list of requirements for successful HawkShield Security deployment on the on-prem server: An SSL certificate must be valid; DNS settings should enable the FQDN.

Network Protocol and Ports: Only Port 443 (HTTPS) should be allowed for protection to allow safe interaction with the HawkShield Security servers.

Data Backup Strategy

Under data protection, HawkShield will need another server or VM to store PostgreSQL and RabbitMQ data by utilizing an Incremental Backup Strategy. This means that data is constantly updated and there is data backup to avoid cases of losing the data in case of a system breakdown or a power surge.

Disaster Recovery Plan (DRP)

For maintaining business operations, HawkShield enforces strict DR planning for PostgreSQL and RabbitMQ services such as geo-partitioning. These strategies expounded below aim at ensuring data and system availability, reliability and to prevent the crippling of an organization’s operation in the case of a disaster.

High Availability (HA)

The main aim of the high availability (HA) configuration is much related to redundancy where the effect of system downtime, whether planned or unplanned, is reduced to the barest minimum. The following HA configurations are required:

  1. Geographical Distribution: To have an automatic failover and redundant configuration, PostgreSQL and RabbitMQ nodes have to be placed in different geographical locations.

  2. Node Configuration:

  • It is possible for one to operate as the active node whereas the other will operate as the passive node so that the integration of the failover is executed automatically.

  • Likewise one will act as the active node while the second one will be passive which is to be used in case of hot standby node failure.

This configuration makes it possible in case of disaster or maintenance that the passive node will take over the operation without any delay of service.

PreviousDeploymentNextInfrastructure Deployment

Last updated 5 months ago