PolicyServer System Requirements

Hardware and Scaling Requirements

The following shows deployment and scaling requirements in several different-sized environments. In smaller network environments, PolicyServer SQL databases can be installed on the same server. For PolicyServer deployments in environments greater than 1500 devices, Trend Micro recommends having at least two dedicated servers:

  1. A dedicated server for the PolicyServer services, also known as the "front-end server"

  2. A dedicated server for the database, or add the database to an existing SQL cluster

With larger environments, Trend Micro recommends adding additional servers to avoid having single points of failure. The following table displays two sets of requirements for the PolicyServer SQL database: one set for the basic requirements at that scale, and one set for an environment with increased redundancy.

Devices

PolicyServer Front-end Requirements

PolicyServer SQL Database Requirements

PolicyServer SQL Database with Zero Single Points of Failure (Recommended)

1,500

  • One front-end and SQL database multi-role server with an Intel Xeon quad-core 2.0 GHz processor or equivalent

  • 8 GB RAM

  • 120 GB hard drive

Installed on PolicyServer front-end server

Not recommended for deployments at this scale

3,000

  • One front-end server with two Intel Xeon quad-core 2.0 GHz processors or equivalent

  • 4 GB RAM

  • 40 GB hard drive

  • One SQL database server with an Intel Xeon quad-core 2.0 GHz processor or equivalent

  • 8 GB RAM

  • 100 GB hard drive

Not recommended for deployments at this scale

10,000

  • Two front-end servers each with an Intel Xeon quad-core 2.0 GHz processor or equivalent

  • 4 GB RAM

  • 40 GB hard drive

  • One SQL database server with an Intel Xeon quad-core 2.0 GHz processor or equivalent

  • 8 GB RAM

  • 120 GB hard drive

  • One SQL server cluster of two nodes, each with an Intel Xeon quad-core 2.0 GHz processor or equivalent

  • 8 GB RAM

  • 60 GB RAID 5 hard drive

  • 150 GB shared SAN RAID 5 hard drive

20,000

  • Four front-end servers each with two Intel Xeon quad-core 2.0 GHz processors or equivalent

  • 4 GB RAM

  • 40 GB hard drive

  • One SQL database server with an Intel Xeon quad-core 2.0 GHz processor or equivalent

  • 16 GB RAM

  • 160 GB RAID 5 hard drive

  • One SQL server cluster of two nodes, each with an Intel Xeon quad-core 2.0 GHz processor or equivalent

  • 8 GB RAM

  • 60 GB RAID 5 hard drive

  • 180 GB shared SAN RAID 5 hard drive

40,000

  • Eight front-end servers each with two Intel Xeon quad-core 2.0 GHz processors or equivalent

  • 4 GB RAM

  • 40 GB hard drive

  • Two SQL database cluster servers each with an Intel Xeon quad-core 2.0 GHz processor or equivalent

  • 16 GB RAM

  • 320 GB shared SAN RAID 5 hard drive

  • Four SQL database cluster servers each with an Intel Xeon quad-core 2.0 GHz processor or equivalent

  • 16 GB RAM

  • 60 GB RAID 5 hard drive

  • 350 GB shared SAN RAID 5 hard drive

Note:

Virtual hardware is supported under VMware Virtual Infrastructure.

Microsoft or VMware on virtual hardware does not support Microsoft Cluster Service.

Software Requirements

Specification

Requirements

Operating system

  • Windows Server 2008 / 2008 R2 (64-bit)

  • Windows Server 2012 / 2012 R2 (64-bit)

Database server

  • Microsoft SQL Server 2005 SP3 / 2008 / 2008 R2 / 2012

  • Microsoft SQL Server Express 2005 SP3 / 2008 / 2012

  • Mixed Mode Authentication (SA password) installed

  • Reporting services installed

Note:

For Windows Server 2008 R2, you must install SQL Server 2008 SP1.

Application server

PolicyServer 5.0 Patch 4 requires Microsoft Internet Information Services (IIS) with the following roles installed and enabled:

  • Application Development

    • ASP.NET

    • ASP

    • ISAPI Extensions

    • ISAPI Filters

  • Management Tools

    • IIS Management Console

    • IIS Management Scripts and Tools

    • Management Service

    • IIS 6 Management Compatibility

    • IIS 6 Metabase Compatibility

For Windows Server 2008 and 2008 R2 you must install the "Application server" role and the "Web server" role. Additionally, you must add SMTP and Microsoft IIS Support features.

Legacy Endpoint Encryption environments (version 3.1.3 and earlier) require Client Web Service. If you install Client Web Service on a remote endpoint, install Microsoft IIS on that endpoint.

Other software

  • Both Microsoft .NET Framework 2.0 SP2 (or 3.5) and 4.0

  • Windows Installer 4.5 (SQL Express)

Installation Files

File

Purpose

PolicyServerInstaller.exe

Installs PolicyServer databases and services. Optionally, the PolicyServer MMC can install at the same time.

PolicyServer MMCSnapinSetup.msi

Installs the PolicyServer MMC only.

TMEEProxyInstaller.exe

Installs the Client Web Service and the Traffic Forwarding Service. These services function as web proxies and communication protocols for environments that have PolicyServer and Endpoint Encryption agents in different LANs. Client Web Service functions for 3.1.3 or earlier agents and Traffic Forwarding Service functions for 5.0 or later agents.

Note:

PolicyServer includes a 30-day trial license. To upgrade to the full product version, register your product with your Activation Code in Control Manager or PolicyServer MMC.

Required Accounts

Account

Function

Description

SQL SA

PolicyServer Installer

Account is used only to create the PolicyServer databases

SQL MADB

PolicyServer Windows Service

Account created during installation to authenticate to PolicyServer databases

Local Administrator

PolicyServer Windows Service and IIS

Account used to run the PolicyServer Windows Service and web service application pools