For general information about driver and system compatibility, read Airlock WAF hardware compatibility.
These are the recommended hardware profiles for Airlock Gateway. If Airlock IAM is run on Airlock Gateway, add another 2 GB.
Profile | Minimum Requirements | Example |
Minimum (for demo purposes) Max. 5 parallel users / sessions |
1 CPU 2.0 GHz |
Virtual machine with 5 GB RAM and a virtual 18 GB disk |
Small Up to 1000 HTTPS sessions |
2 CPU 2.0 GHz |
Virtual machine with 8 GB RAM and a virtual 80 GB disk HP ProLiant DL20 Gen9 |
Medium Up to 9000 HTTPS sessions |
1 x 8-Core CPU 2.5 GHz |
HP ProLiant DL360 Gen10 |
Large Up to 40000 HTTPS sessions |
2 x 8-Core CPU 2.5 GHz |
HP ProLiant DL360 Gen10 |
With modern hardware, Airlock Gateway is able to answer up to 7000 HTTPS requests/second. However, the actual performance very much depends on protected applications, the protocol used (HTTP and/or HTTPS) and enabled Airlock Gateway features. For example, enabling HTTPS, URL encryption and content rewriting can easily double the CPU load. Having a lot of long-running requests, WebSocket or NTLM-passthrough connections reduces the amount of requests that can be handled with the same hardware.
The performance numbers contained in the profiles above are based on a number of assumptions. The most important are:
In environments with high traffic rates and local reporting enabled, lots of log messages are written to disk (at least one message per request). Therefore, we recommend the use of SSD disks in these setups.
Airlock Gateway automatically tunes the scalability settings for critical system components depending on the amount of installed RAM.
Starting with Airlock Gateway 7.2, the scalability settings are tuned for systems with up to 256 GB installed RAM. For older versions of Airlock Gateway, this amount is 128 GB RAM.
Servers that have even more installed RAM are tuned like servers that have exactly the mentioned amount of installed RAM. This means that most performance metrics will not improve anymore. The maximum number of requests per second and the maximum number of concurrent connections will stay on a similar level.
Please contact Airlock support if you encounter scalability problems.
It is recommended to use software RAID. Hardware RAID may be supported on specific plattforms.
Using the built-in software RAID of Airlock Gateway has the following advantages:
These are the recommended profiles for Airlock Gateway in cloud environments:
Profile | Requirements |
Minimum (for demo purposes) Max. 5 parallel users / sessions |
1 vCPU |
Small Up to 1000 HTTPS sessions |
2 vCPUs |
Medium Up to 9000 HTTPS sessions |
8 vCPUs |
Large Up to 40000 HTTPS sessions |
16 vCPUs |