System and Memory Requirements for Secret Server

Root > Secret Server

Software Requirements

 

Requirement

Versions supported

Notes

Microsoft operating system

Windows Server 2012 R2

Windows Server 2012

Windows Server 2008 R2

Windows Server 2008

Windows 8.1

Windows 8

Windows 7

Windows Vista Ultimate

Windows Vista Business

Small Business Server (SBS) is  not supported

 

The Essentials edition is not supported due to requiring the domain controller role

 

The “Core” (GUI-less) role is only supported for Server 2012 and Server 2012 R2

Microsoft SQL Server

SQL Server 2005

SQL Server 2008

SQL Server 2008 R2

SQL Server 2012

SQL Server 2014

Express edition or higher is supported.

Microsoft Internet Information Services (IIS)

IIS 7

IIS 8

Part of the operating system

Microsoft .NET Framework

.NET Framework 4.5.2

.NET Framework 4.5.1

Both 32-bit and 64-bit versions are supported, however, some features of Secret Server require 64-bit to operate.

 

Do not plan to install Secret Server on a domain controller. Microsoft ASP.NET will not operate reliably when installed on a domain controller.

 

Hardware Requirements

 

Size of Installation

#

Secrets

#

Users

Processor

RAM

Disk space

Database server

Web application server

Small

1,000

1 - 10

Dual-core

1.6 GHz or higher

2 GB

500 MB

+ 10 MB per user, per year

500 MB

Medium

1,000 - 10,000

10 - 100

Dual-core

2 GHz or higher

4 GB

1 GB

Large

10,000+

100+

Quad-core

2 GHz or higher

8 GB

2 GB

 
 
To improve performance in larger environments where the Discovery and/or Session Recording features will be used heavily, it is also recommend to scale up resources.
 
If you are running Discovery and/or Session Recording...
 
Size of Installation
#
Secrets
#
Users
Processor
RAM
Disk space
Database server
Web application server
Heavy Use
10,000+
100+
Quad-core
2 GHz or higher
16 GB
2 GB
+ 10 MB per user, per year
500 MB + 1TB Shared or Local Drive
 
 
 
Instructions on setting up Database Mirroring and Disaster Recovery - recommended for medium and large installations.
 
 

Other Considerations

  • Secret Server will operate in a virtualized environment (VMWare or Hyper-V).  
  • Do NOT install Secret Server on a domain controller (Microsoft ASP.NET does not operate reliably when installed on a domain controller).
  • Do NOT install Secret Server on a server running SharePoint.
  • You can run Secret Server on the same machine as other applications (Secret Server will require sufficient RAM and CPU to operate normally), however, see the next point:
  • For maximum security, you should install the application on dedicated systems or at least systems with applications with the same level of security/sensitivity.  Access to these systems should then be restricted.  While all sensitive data in Secret Server is either securely hashed or encrypted, it is a security best practice to limit any opportunities for foul play.
  • If you intend to use Session Recording, additional disk space will be needed for the database to store the recorded videos.  See http://support.thycotic.com/KB/a162/configuring-session-recording.aspx for more information.
 

Performance

 
The following example is based off of a test instance with 120,000 Secrets:
    • The database was 1.6 GB.
    • The machine was a Windows 7 instance with an Intel i7 2.67 GHz processor and 6GB of RAM.
  1. Searching performance is primarily driven by the number of Secrets a user has access to, so in the above example a user searching all folders with View access to all Secrets could see search times of 4-6 seconds. Meanwhile, a user with access to 6,000 Secrets in the same instance will see search queries return in 1-2 seconds. Search times can vary based on data; the fastest search will be for a distinct value in a smaller set of Secrets, the longer searches will be for a generic value in a larger set of Secrets. For example, the search for a Secret named "PRODSRV03\LocalAdmin" will return much faster if the search value is "PRODSRV03" and done in a specific folder than if the search is "Admin" and done at the root level.
  2. To increase performance, consider putting the database and web application on a separate servers, which will reduce resource contention. Another option is to set up front-end clustering behind a load balancer using the Enterprise Plus edition, which will help scale out the work done on the web server.

Add Feedback