Sizing guidelines
Database storage requirements
Most of the database storage is consumed by the logs. The storage space consumption by the application and policy configuration is negligible when compared to the logs.
The following figure displays the server storage requirements:
Note:
- The metrics are derived based on the assumption that the log event cleanup is disabled and the log retention period is set to 7 days.
- By default, the logs are retained for 90 days or up to 100 K log events are retained depending on the configured settings. These settings are available in the Secure Private Access Runtime service appsettings.json file and can be modified as required. For details, Settings to retain event logs.
Server configuration
The following table displays the server configuration details:
| Configuration | Details |
|---|---|
| Total number of applications | 250 |
| Total number of policies | 50 |
| Number of apps per user | 15 |
| AD configuration | Users are part of 20 groups, upto 20 levels of nesting |
| Troubleshooting log retention period | 7 days (default) |
| Troubleshooting Log level | Error (default) |
| Secure Private Access server log retention | 90 days or 600 files |
Traffic Profile
The following table displays the traffic profile details per day per user.
| Profile | Details |
|---|---|
| Enumerations | 10 |
| Enterprise browser policy sync | 20 |
| App launch from Citrix Workspace app | 4 |
| App access from Citrix Enterprise Browser | 500 |
| Help desk troubleshooting requests (per day), through Citrix Director | 1000 |
Deployment guidelines
The following table displays the database sizing requirement based on parameters such as concurrent app access user sessions, app enumeration per minute, and CPUs used by Secure Private Access:
| Concurrent app access user sessions | App enumeration per min | Secure Private Access memory in GB | Secure Private Access CPUs | Storage in GB | Notes |
|---|---|---|---|---|---|
| < 20 (PoC purposes) | 2 | 4 GB | 2 | 40 GB* | For PoC purposes SPA can be deployed on the same machine as StoreFront without any change in existing VMs specs. |
| 20 | 5 | 8 GB | 4 | 60 GB | - |
| 160** | 18 | 16 GB | 4*** | 60 GB | 2 or more SPA nodes can be deployed for better performance |
Note:
*The storage is mainly consumed by CDF logs. By default, Secure Private Access keeps 600 rollover log files with each file of size 10 MB. So if both Secure Private Access admin and runtime services are running in the same machine, the maximum storage utilization by the logs is 12 GB. Also, SQL express can be installed on the local VM for PoC purposes.**For this load profile and higher, it’s recommended to deploy Secure Private Access on a dedicated server instead of co-hosting with StoreFront, unless the NetScaler Gateway version is lesser 13.0 or lesser than 13.1-48.47.***It is recommended that you use at least 2 Secure Private Access nodes cluster for such load as there some known performance issues. These issues are planned to be addressed in the upcoming releases.
Other components configuration
| Component | vCPUs | Memory |
|---|---|---|
| Secure Private Access plug-in | 8 | 16 GB |
| Secure Private Access SQL server | 8 | 16 GB |
| StoreFront | 16 | 8 GB |
| Gateway | 4 | 8 GB |
| Active Directory | 8 | 14 GB |
| Client | 4 | 8 GB |
Copied!
Failed!