Performance guidelines
The following information can be used as guidelines before implementing MetaDefender Email Gateway Security at an organization.
Since there are many factors that may affect performance, these test results should not be viewed as performance guarantees.
Factors that may affect performance
Among many others, the following can greatly impact Email Gateway Security performance:
Package and configuration
- set of engines (which engines; how many anti-malware engines)
- configuration (e.g. Deep CDR or Proactive DLP is enabled or not)
System environment
- physical hardware server or virtualized environment (hypervisor)
- profile (make, model and number of CPU cores, amount of RAM)
- storage (make, model and volume; if it is HDD, SSD or RAMDisk)
Traffic characteristics
- number of emails; number, size and file type of email attachments
Test results
Performance is measured by the number of processed emails in a certain timeframe interval. In the test scenarios below, the traffic was generated by using real-world attachment number, attachment size and attachment type distributions.
In all cases below:
MetaDefender Email Gateway Security was deployed as an SMTP relay
CDR was enabled in every case, and was on for all supported file types
Email Gateway Security and Core were deployed on different servers
Server parameters for Core:
- Operating system: Microsoft Windows Server 2022 Standard
- CPU: 2.6 GHz, 64 bit, 8 processors
- Memory: 16 GB RAM
- Storage: 100 GB Hard Disk
Server parameters for Email Gateway Security:
- Operating system: Microsoft Windows Server 2022 Standard
- CPU: 2.6 GHz, 64 bit, 8 processors
- Memory: 16 GB RAM
- Storage: 100 GB Hard Disk
Parallel senders:
- Senders: number of parallel sending threads
- Delay: delay between emails for each sender
Duration for each test execution is 8 hours
Product parameters:
- Core queue size: 500
- CDR parallel count (
parallelcount_ds): 20 - Email Gateway Security concurrency threshold (
concurrency_threshold): 0 - Email Gateway Security concurrency threshold (
processing_threshold): 75
| Email Gateway Security Version | Core Version | Senders | Delay | Multiscan engines | Other engines | Processed emails | Failed emails | |
|---|---|---|---|---|---|---|---|---|
| 6.1.0 (2 instances) | 5.14.1 | 5 | 1000ms | 8 engines | CDR, PDLP, YARA, Adaptive Sandbox, File-Based Vulnerability Assessment, InSights Threat Intelligence | 0 | 0 |
Scaling guidelines
| User count | Architecture | Notes |
|---|---|---|
| 5k-10k | $inline[iimage,https://uploads.developerhub.io/prod/Zxkd/qsq6i00akxw5li09p2gm63pnlt0eusja9y40wyakh9jfrw2j9r29quqmcx1zvr4w.png,58,w100] | Email Gateway Security hardware: 8-16 CPU / 8-16 GB RAM / 100+ GB SSD Factors:
Core hardware: 8-32 CPU / 8-32 GB RAM / 100-300 GB SSD Factors:
|
| 10k-25k | $inline[iimage,https://uploads.developerhub.io/prod/Zxkd/ksqiispdcererxxalffg2c68lb1qpcn4d2qlqzhjkg7jtz94cqxftl4db939taxi.png,273,w100] | Use the Email Gateway Security built-in load balancing of Core servers through the Core type server profile with the round robin server preference. For details see Server preference. One Email Gateway Security instance can supply approximately (tops) 5 Core servers with traffic. |
| >25k | $inline[iimage,https://uploads.developerhub.io/prod/Zxkd/t9m9g15po7t1rlelt3ytyyqmxve4ce2ilezp9vqcwxdpks407jzfgqwra6unuw7w.png,439,w100] | All Email Gateway Security instances may be connected to all Core instances for better traffic distribution. Use the Email Gateway Security built-in load balancing of Core servers through the Core type server profile with the round robin server preference. For details see Server preference. |