Sensei: Hardware Requirements

Due to the nature of deep packet analysis and detailed drill-down reporting functionality, Sensei requires more hardware resources than a standard L3-L4 firewall.

Note

With the Sensei 1.5 release, you can offload your reporting database to an external system. This allows you to be able to run Sensei on systems with a constrained amount of RAM.

It is recommended that you check if your Ethernet adapter functions well with netmap.

CPU & Memory

Because the analytics module relies on Elasticsearch to process large amounts of data, the amount of the memory available in the system is crucial for the overall performance of Sensei.

Tip

If the number of active devices are more than 250 and the sustained WAN bandwidth is higher than 100 Mbps, we do not recommend deploying Sensei as a virtual guest since resources in virtual environments are generally shared between guest systems.

Below is the recommended minimum hardware requirements for Sensei based on the number of devices and the amount of sustained bandwidth:

# Active Devices

Maximum WAN Bandwidth

Minimum Memory

Minimum CPU

0-25

50 Mbps

4 GB

A Dual-Core CPU (x86_64 compatible, single core PassMark score of 200)

25-50

150 Mbps - 10 Kpps

4 GB

Intel Dual-Core i5 2.0 GHz (2 Cores, 4 Threads) or equivalent

50-100

200 Mbps - 20 Kpps

8 GB

Intel Dual-Core i5 2.2 GHz (2 Cores, 4 Threads) or equivalent

100-250

300 Mbps - 40 Kpps

16 GB

Intel Dual-Core i5 3.2 GHz (2 Cores, 4 Threads) or equivalent

250-1000

500 Mbps - 100 Kpps

32 GB

Intel Quad-Core i7 3.4 GHz (4 Cores, 8 Threads) or equivalent

Note

Sensei requires at least 2 GB of memory. The installer will not continue if you have less than 2 GB of RAM. We recommend 4 GB memory to have an improved experience.

Ethernet Adapter

Sensei uses a FreeBSD subsystem called netmap(4) to access raw Ethernet frames. With FreeBSD 11 (OPNsense version <= 20.1) this software can be very particular in terms of proper driver compatibility.

Intel based adapters, particularly em(4) and igb(4), are observed to perform well in terms of stability and performance.

Sunny Valley Networks is sponsoring developments on this project so you can expect netmap(4) will better support a wide range of Ethernet drivers.

Disk Space

Sensei uses Elasticsearch or MongoDB as its backend to store large data sets. Please allow at least 5 MB of disk space per hour per megabit/second throughput.

If you’re running a 100 Mbps link (about 100 users) which is quite active during the daytime and idle rest of the day, you may calculate the space needed as follows:

5 MB x 12 hours x 100 Mbps = 6 GB per day.
6 GB x 7 days a week = 42 GB per week.
42 x 4 weeks a month = 164 GB per month.

As of version 0.7.0, Sensei expires old report data to free up disk space for the most recent data based on the configured number of days of history to keep.