Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Recommended scalabilities for Smart Protection Relay

    • Updated:
    • 24 Nov 2016
    • Product/Version:
    • Core Protection Module 10.5
    • Core Protection Module 10.6
    • Platform:
    • Windows 2003 Enterprise
    • Windows 2003 Standard

When planning the deployment for switching Core Protection Module (CPM) endpoints from default Conventional Scan method to Smart Scan method, refer to the following information for recommended numbers of CPM endpoints before starting deployment.


The following table describes the Smart Protection Relay test environment:

SpecificationsStandard MachineLow-end Machine
Processor TypeIntel Dual Core 2  2.66 GHzIntel Pentium 4  2.8 GHz
Logical Processor21
Memory2G RAM1G RAM
Hard Disk250 GB200 G
Network Card1G NIC1G NIC

The following table shows the recommended number of CPM endpoints for extreme scenarios. Extreme scenarios include situations like the first 24 hours after switching CPM endpoints to Smart Scan method, or everyone coming back to work after a two-week long holiday.

SpecificationsRecommended Number of CPM EndpointsSPU Usage of SPR
Standard Machine100016%
Low-end Machine50026%
The CPU loading in the table above only shows the average load. Loading/performance may vary depending on different hardware. Please also take available bandwidth into deployment consideration when locating relays at remote sites.

For CPM v10.5, Trend Micro suggests deploying one layer relays for best performance. That means all Smart Protection Relays will directly query Smart Protection Servers. Administrators can determine how many Smart Protection Servers they need to deploy based on the number of CPM endpoints under Smart Protection Relays.

To reach the maximum capacity for one Smart Protection Server, Trend Micro suggests deploying Smart Protection Server on high-end machines.

The following table describes the Smart Protection Server test environment.

SpecificationsHigh-end Machine
ModelDell PowerEdge R710
ProcessorTwo Xeon Quad 2.27 GHz
Logical Processors8
Memory32G RAM
Hard Disk1.63 TB
Network Card1G NIC

The capacity data and VM environment details in the test results shown in the table below are based on dedicated virtual machine resource usage (including virtual processors and memory).

Trend Micro also suggests this configuration to achieve supporting the recommended number of CPM endpoints listed in the table below. If the machine hosting Smart Protection Server is resource shared by other VMs, performance and scalability may drop depending on the system resource arrangements for the other VM applications on the same host machine.

SpecificationsHigh-end Machine
Virtual Processors4
Recommended Number of CPM Endpoints50,000
CPU Usage75%

For the recommended 50,000 CPM endpoints, Trend Micro suggests switching CPM endpoints to Smart Scan method in batches. One batch at most should not have more than 5,000 endpoints.

After all endpoints are switched to Smart Scan method, it is also suggested to configure scheduled scans in batches to avoid heavy traffic between Smart Protection Server/Relay and CPM endpoints. Again, in a corporate with 50,000 CPM endpoints, one batch at most should not have more than 5,000 endpoints running scheduled scan simultaneously.

Smart Protection Relay's default network throttle settings can be used when outbound bandwidth is more than 20 Mbps. With default settings, Smart Protection Relay will only use up to 9 Mbps on a 20 Mbps network environment.

If the total outbound bandwidth is less than 20 Mbps, please use the BigFix Fixlet to customize the bandwidth that a Smart Protection Relay is allowed to use. Supported outbound bandwidths are:

  • 10Mbps
  • 6Mbps
  • 2Mbps
  • 512Kbps
  • 256Kbps

The network throttle settings that a Smart Protection Relay uses and their recommended number of smart scan endpoints supported under different bandwidth settings are listed in the table below:

Total Outbound Bandwidth (5 profiles)Total Network Throttle for Smart Protection RelayNetwork Throttle for Smart Protection Relay - Smart Query Filter UpdateRecommended Number of Smart Scan Endpoints
256 Kbps90 Kbps45 Kbps8
512 Kbps150 Kbps45 Kbps20
2 Mbps614 Kbps184 Kbps80
6 Mbps1.8 Mbps552 Kbps245
10 Mbps3 Mbps921 Kbps410
Configure; Deploy; Install
Solution Id:
Did this article help you?

Thank you for your feedback!

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.