Detailed System Requirements
Abstract
This document establishes the technical requirements for Guardium version 12.2 - CPUs, RAM.
Content
The IBM Guardium solution is available as a:
- Hardware offering, which is a fully configured physical appliance provided by IBM.
- Software offering, which are software images deployed on customer hardware either directly or as virtual appliances.
The scope of this document is the "software offering," and the listed requirements apply to both the physical appliance and the virtual appliance unless specified otherwise.
Product overview
IBM Guardium is a unified, cross-platform solution that both protects databases in real time and automates the entire compliance auditing process. The solution supports all major database platforms, enterprise applications, and operating systems (UNIX, Linux, Windows, and IBM z/OS).
Guardium can be deployed in a variety of operational modes:
- Collector. In Database Activity Monitoring or Vulnerability Assessment, the collectors monitor and analyze database activity to provide continuous fine-grained auditing and reporting, real-time policy-based alerting and database access controls.
- Central Manager/Aggregator. The Central Manager is a single point of management for the entire Guardium deployment. With the Central Manager, customers can define enterprise-wide policies, alerts, queries and reports, install patches, push configuration and perform a variety of other administrative tasks from a single console. In addition, data from multiple collectors can be aggregated to the Aggregation Server to provide holistic views and generate enterprise-level reports.
Hardware requirements
The following hardware requirements are necessary for the Guardium solution to work properly. Unless specified otherwise, the requirements are for both the physical installation and the virtual installation.
Installation on physical appliances
The Guardium 12.2 solution works only on x86 Intel-based or AMD-based platforms (for example, x86_64). Only platforms and hardware that are officially supported by Red Hat Linux 9.6 (64-bit) are expected to work properly (See links to Red Hat Support documentation, listed at end of this document). However, not all officially supported platforms are guaranteed. Platforms that require additional drivers or specialized post-install configuration are not supported at this time.
Note: If your appliance requires additional configuration beyond the standard Red Hat 9.6 (64-bit) installation, then you should install Red Hat 9.6 (64-bit), record all the installation time choices, and any post-install configuration steps. Send this information to Guardium Technical Services for analysis and, based on the analysis, they may be able to provide a software update to support this platform.
Deviations from the specifications in this document may result in failure to install the solution, in such cases, the appliance might not be accessible over the network and Guardium Technical Support engineers will not be able to assist in troubleshooting and remediation.
Installation on virtual appliances
Guardium can be installed on Red Hat OpenShift Virtualization, Red Hat Enterprise Virtualization, VMware Virtualization, Microsoft Hyper-V, and Nutanix AHV.
Notes:
- Hardware requirements for the virtual solution are restricted to the platforms supported by VMware. ESX 5.1 or higher is the minimum to run Guardium 12.x.
- When using the virtual solution, the performance of Database Activity Monitoring using over-the-network inspection through SPAN port or Tap device depends on the configuration of the virtual system, including CPU and memory dedication.
- VMware introduces additional complexity. The overall performance and utilization of your Guardium virtual appliance may vary based on VMware configuration, resource allocation, and/or sizing planning.
Minimum and recommended resources per software/virtual appliance
In addition to minimum and recommended resources for typical deployments, recommendations are also provided for high-load environments such as Teradata clusters, Oracle Exadata, Oracle SuperCluster, or IBM POWER9.
| Resource | Required Range * | Comments |
| Physical CPUs | Minimum: 4 cores Recommended: 8 cores Recommended for high-load environments: 24 cores | x86 (Intel or AMD) processors required |
| Virtual CPUs | Minimum: 4 vCPUs Recommended: 8 vCPUs
| For Kafka broker nodes, 8 CPUs are recommended (Core=4, Socket=2). |
| RAM | (64-bit) Minimum: 24 GB (min) Maximum: motherboard max Recommended: 32 GB Recommended for high-load environments and environments using Analytics and Quick Search: 64 GB | Guardium's features are memory intensive. To take full advantage of these features, it is recommended to have at least 32 GB of RAM and 8-core CPU. For Central Managers in a large federated environment, the recommended memory is 64 GB. For Kafka broker nodes, the recommended RAM is 64 GB and SWAP is 32 GB. Allocating more than 96 GB of RAM to Guardium collectors does not result in additional linear performance improvements. To maintain system efficiency, it is recommended to limit memory allocation to 96 GB or less. |
Ports (NICs) 1 Gbit or 10 Gbit per second card recommended 10 Gbit per second card can be used in 64-bit system with sufficient memory | 1-4 | Each port can be an actual NIC, or a virtual switch that can be configured to use multiple NICs, optionally with failover IP teaming. Optional: The third port may also be configured to team with the primary interface in order to provide failover IP teaming. Alternatively, the last port on the device may be configured as a secondary management interface with a different IP, NETMASK and GW from the primary. When using Inspection Engines to capture traffic (not S-TAPs) on software appliances, additional ports may be required. Multiple network interfaces are supported on: (1) a Guardium hardware appliance; (2) a customer's software appliance (the customer installs Guardium software on their hardware appliance); or (3) VMware solution with ESX Server. |
| Disk Size | Minimum: 300 GB Maximum:<2 TB Recommended:
Guardium supports smaller HD disks for integrated data warehouse configurations, using datamart interfaces (10.1.3 and later). | Use of RAID is recommended. RAID-10, RAID-0, RAID-1, RAID 0+1, RAID 1+0 are supported. Note: Larger disks may hold more audit records for longer periods of time, but are more likely to impact performance. At least 25 GB of free disk space on the /var partition is required. For Kafka broker nodes, the recommended disk sizes are:
|
| Disk Size | >2 TB | Beginning with v10.1.2, disk partitions, >2 TB are supported. However, certain conditions are required: 1. Configure the system into EFI/UEFI mode via the BIOS. 2. Install version 10.1.2 or later. For example version 11.4, 11.5 or 12. (a) during which the install should auto-detect the EFI bios support and use GPT (GUID Partition Tables) that allow >2 TB partitions. (b) Additionally the v10.1.2 install will also use EXT4 partition types by default, and thus avoid the previous EXT3 file size limitation of <2 TB. Note: To resize the hard drive of an existing appliance, the user needs to rebuild their system. |
| Disk Speed | 7200 RPM to 15,000 RPM | To use 7200 RPM, scale back the sizing ratio by 70%. Example: If you are using 7200 RPM disk, which is slow, you should reduce your sizing by 70%. If your sizing calls for 10 S-TAPs to a collector, if you are running with 7200 RPM drives, drop that to 3 S-TAPs to a collector. |
* Refer to IBM configuration tables for physical ranges.
Important: The installation of the software appliance will wipe the disk, repartition and reformat the disk, and install the Guardium solution as a newly installed operating system.
Refer to the Appliance Installation Guide for step-by-step instructions on configuration and installation. The separate Appliance Installation Guide also provides information on how to customize the partitioning on the appliance and how to install on a remote drive (SAN). Installation on a SAN is supported; installation on a NAS is not supported.
Guardium support for 10G network cards
The 10G network cards must be supported by the Red Hat Enterprise Linux (RHEL) 9.6 or later.
Sizing recommendations
Standard Appliance Specification
There are four configurations of the IBM SR630 V2 (M7) shipped by IBM:
- Collector x2464 64-bit
- Aggregator x2464 64-bit
- Collector x3364 64-bit
- Aggregator x3364 64-bit
Note: In general, hardware specifications and configuration should follow manufacturers' best-practices to optimize performance. For example on the topic of memory configuration, make sure that the DIMMs are both balanced and matched, otherwise you will not take advantage of the full capacity of the appliance.
Collector x2464 64-bit (4731-G2D)
Aggregator x2464 64-bit (4731-G3D)
| Components | Specifications |
Form factor | 1U rack mount |
Processor | Two Intel Xeon Silver 4310 Processors 12C 2.1 GHz 18 MB Cache 120 W |
Memory | Collector and Aggregator: 128GB, Four 32GB TruDDR4 Memory (2Rx4, 1.2V) 2666MHz RDIMM |
Disk drive bays | Collector and Aggregator: 2.4TB, Four 1.2TB 10K 12Gbps SAS 2.5", RAID 10 |
I/O - Networking | ThinkSystem 1Gb/10Gb 4-port 10GBase-T OCP |
Intel E810-DA2 Dual Port 10Gb/25Gb SFP28 Adapter | |
Transceiver | Two SFP28 SR Transceivers |
Environment | Air temperature: Operating: ASHRAE Class A2: 10 °C - 35 °C (50 °F - 95 °F); for altitudes above 900 m (2,953 ft), decrease the maximum ambient temperature by 1 °C for every 300-m (984-ft) increase in altitude Non-operating: 5 °C to 45 °C (41 °F to 113 °F) Storage: -40 °C to 60 °C (-40 °F to 140 °F) Humidity: Operating: ASHRAE Class A2: 20% - 80% (non-condensing); maximum dew point: 21 °C (70 °F) Electrical: 100 to 127 (nominal) V ac; 50 Hz or 60 Hz; 8.4 A 200 to 240 (nominal) V ac; 50 Hz or 60 Hz; 4.1 A Input kilovolt-amperes (kVA) (approximately): 0.466 kVA |
Ports | Rear: 3x USB 3.1 ports, 1 x video connector, 1x RJ-45 10/100/1000 Mb XClarity Controller connector |
Power Cord | Two 2.0m, 13A/100-250V, C13 to IEC 320-C14 Rack Power Cable |
Hot-swap parts | Hard drives, power supplies, fans. |
Chassis | Height: 43mm (1.7"), Width: 440mm (17.3"), Depth: 773mm (30.4"), Weight: 26.3kg (58lb) Max |
Collector x3364 64-bit (4731-G4D)
Aggregator x3364 64-bit (4731-G5D)
Components | Specifications |
Form factor | 1U rack mount |
Processor | Two Intel Xeon Gold 5317 Processors 12C 3.0 GHz 18 MB Cache 150 W |
Memory | Collector: 128GB, Four 32GB TruDDR4 Memory (2Rx4, 1.2V) 2666MHz RDIMM Aggregator: 256GB, Eight 32GB TruDDR4 Memory (2Rx4, 1.2V) 2666MHz RDIMM |
Disk drive bays | Collector: 2.4TB, Four 1.2TB 10K 12Gbps SAS 2.5", RAID 10 Aggregator: 4.8TB, Eight 1.2TB 10K 12Gbps SAS 2.5", RAID 10 |
I/O - Networking | ThinkSystem 1Gb/10Gb 4-port 10GBase-T OCP |
Intel E810-DA2 Dual Port 10Gb/25Gb SFP28 Adapter | |
Transceiver | Two SFP28 SR Transceivers |
Environment | Air temperature: Operating: ASHRAE Class A2: 10 °C - 35 °C (50 °F - 95 °F); for altitudes above 900 m (2,953 ft), decrease the maximum ambient temperature by 1 °C for every 300-m (984-ft) increase in altitude Non-operating: 5 °C - 45 °C (41 °F - 113 °F) Storage: -40 °C - +60 °C (-40 °F - 140 °F) Humidity: Operating: ASHRAE Class A2: 20% - 80% (non-condensing); maximum dew point: 21 °C (70 °F) Electrical: 100 to 127 (nominal) V ac; 50 Hz or 60 Hz; 8.4 A 200 to 240 (nominal) V ac; 50 Hz or 60 Hz; 4.1 A Input kilovolt-amperes (kVA) (approximately): - 0.534 kVA (Collector) |
Ports | Rear: 3x USB 3.1 ports, 1 x video connector, 1x RJ-45 10/100/1000 Mb XClarity Controller connector |
Power Cord | Two 2.0m, 13A/100-250V, C13 to IEC 320-C14 Rack Power Cable |
Hot-swap parts | Hard drives, power supplies, fans. |
Chassis | Height: 43mm (1.7"), Width: 440mm (17.3"), Depth: 773mm (30.4"), Weight: 26.3kg (58lb) Max |
Collector x3364n 64-bit (4731-G6D)
Aggregator x3364n 64-bit (4731-G7D)
Components | Specifications |
Form factor | 1U rack mount |
Processor | Two Intel Xeon Gold 5317 Processors 12C 3.0 GHz 18 MB Cache 150 W |
Memory | Collector: 128GB, Four 32GB TruDDR4 Memory (2Rx4, 1.2V) 2933MHz RDIMM Aggregator: 256GB, Eight 32GB TruDDR4 Memory (2Rx4, 1.2V) 2933MHz RDIMM |
Disk drive bays | Collector: 3.84TB, Two 3.84TB NVMe PCIe Gen 4.0 2.5", RAID 1 |
I/O - Networking | ThinkSystem 1Gb/10Gb 4-port 10GBase-T OCP |
Intel E810-DA2 Dual Port 10Gb/25Gb SFP28 Adapter | |
Transceiver | Two dual rate 10Gb/25Gb SFP28 SR Transceivers |
Environment | Air temperature: Operating: ASHRAE Class A2: 10 °C - 35 °C (50 °F - 95 °F); for altitudes above 900 m (2,953 ft), decrease the maximum ambient temperature by 1 °C for every 300-m (984-ft) increase in altitude Non-operating: 5 °C - 45 °C (41 °F - 113 °F) Storage: -40 °C - +60 °C (-40 °F - 140 °F) Humidity: Operating: ASHRAE Class A2: 20% - 80% (non-condensing); maximum dew point: 21 °C (70 °F) Electrical: 100 to 127 (nominal) V ac; 50 Hz or 60 Hz; 8.4 A 200 to 240 (nominal) V ac; 50 Hz or 60 Hz; 4.1 A Input kilovolt-amperes (kVA) (approximately): - 0.515 kVA (Collector) |
Ports | Rear: 3x USB 3.1 ports, 1 x video connector, 1x RJ-45 10/100/1000 Mb XClarity Controller connector |
Power Cord | Two 2.0m, 13A/100-250V, C13 to IEC 320-C14 Rack Power Cable |
Hot-swap parts | NVMe drives, power supplies, fans. |
Chassis | Height: 43mm (1.7"), Width: 440mm (17.3"), Depth: 773mm (30.4"), Weight: 26.3kg (58lb) Max |
UEFI = 3.50 (AFE134E) XCC (BMC) = 5.50 (AFOT54H) LXPM = 3.31 (XWL128G) RAID 940 = 52.32.0-5990
IBM Support Fix Central download: SR630-V2 (M7) v8.0.0 (25.2) Firmware Version
More information
For more information, visit the following online resources:
- Guardium product overview
- IBM Support community
- Installation guide
- Red Hat hardware compatibility
- Red Hat Enterprise Linux (RHEL) release notes
Was this topic helpful?
Document Information
Modified date:
24 October 2025
UID
ibm17244627