IT Security Vulnerabilities Program

This topic is only applicable to Archer on-premises installations.

The Archer IT Security Vulnerabilities Program helps you proactively manage security risks for your organization's IT assets by combining business context, actionable threat intelligence, vulnerability assessment results, and comprehensive workflows in 1 place.

On this page

Performance analysis notes for the IT Security Vulnerabilities Program

If your deployment uses this feature, refer to the following performance analysis notes to understand how the scope and complexity of your IT Security Vulnerabilities Program configuration can affect load times for applications, dashboards, calculations, and notifications.

Hardware Environment

Testing produced the results below in an environment with the following hardware configuration:

Server Type	Services	CPUs (Intel Xenon E5-2690)	Memory
Web Server	Web Application (IIS), Configuration Service, Advanced Workflow Service	16	128GB
Services Server	Job Engine, Queuing Service, Indexing Service, Configuration Service	8	64GB
Database Server	Database	16	128GB

Note: All servers used the Microsoft Windows Server 2012 R2 Standard operating system.

CPU and memory resources remained below maximum capacity during performance analysis at all levels of load.
A single user accessing the Archer test environment measured all test results.

VSR Load

For the purpose of this performance analysis, load is measured by the number of records in the Vulnerability Scan Results (VSR) application in an Archer deployment that returns several hundred vulnerability detections for several hundred IT Security Vulnerabilities Program-enabled devices. VSR load is divided into the following size categories:

Small: 5 million records
Medium: 10 million records
Large: 15 million records

Applications

The VSR load in your Archer deployment significantly affects performance of the following applications:

Vulnerability Scan Results (VSR)
Vulnerability Library
Devices

Note: It is recommended to limit the number of calculated fields in records for these applications. Excessive use of calculated fields can further affect application performance.

Application Load Time

Load time for the VSR application increases at a linear rate proportional to the number of VSR records (up to approximately 90 seconds for a large load).
The Faceted Search Panel loads slower than the main application page (up to 150 seconds for a small load), and does not support medium or large loads in the VSR application.
Other applications with fewer than 200,000 records typically load in under 1 second (including the Faceted Search Panel).

Record Creation and Save Time

Interface load time when adding a new record in the VSR application increases at a linear rate proportional to the number of VSR records (up to approximately 85 seconds for a large load).
Interface load time when saving content in the VSR application remains constant for small and medium loads (approximately 12 seconds), but increases dramatically for a large load (up to approximately 90 seconds).
Load time for creating new records and saving content in other applications with fewer than 200,000 records is relatively consistent for all loads (typically less than 20 seconds).

Advanced Search and Faceted Search

For all levels of load, response times for Advanced Search and Faceted Search increase dramatically when you select fields associated with Global Value Lists (such as Potential Operating System Vulnerabilities, Hardware Vulnerabilities, and Application Vulnerabilities) in the search parameters.
For all levels of load, response times for Faceted Search in the Devices and VSR applications are much longer than those for Advanced Search.
Faceted Search is not supported for medium and large loads due to timeout issues.
Session size for searches in the VSR application increase at a linear rate proportional to the number of VSR records (up to approximately 84 megabytes for a large load).

Dashboards

For all levels of load, CPU utilization on the Web Server and Services Server remains minimal when loading dashboards.
Dashboard load times increase at a linear rate proportional to the number of VSR records (up to approximately 122 seconds for the IT Security Vulnerabilities Program Business and Executive Management dashboard with a large load).
iView request and response sizes remain constant for all loads.

Data Feeds (Qualys, NVD, Tenable Security Center)

It is recommended to run data feeds with "Optimize related calculations after data feed completes" enabled.
Server CPU and memory utilization are minimal when running data feeds for all levels of load.
It is recommended to schedule data feeds to run outside of peak business hours.

Calculations

In deployments with 10,000 or more devices, jobs that modify fields (such as Business Unit Manager) in records associated with the devices may require hours to complete.
it is recommended to schedule jobs that update large numbers of device records (10,000 or more) to run outside of peak business hours.

ADDRESS	ABOUT ARCHER	CUSTOMERS
13200 Metcalf Ave	Events	Archer Academy
Suite 300	Resources	Archer Exchange
Overland Park, KS 66213	Services	Support
	About Us	Archer Community