S 2.465 Analysis of the required system resources of terminal servers

Initiation responsibility: IT Security Officer, Head of IT

Implementation responsibility: Administrator

In order to be able to guarantee the availability of terminal servers, system resources dimensioning is of decisive importance. Processor output, data throughput to storage systems, and their size are properties which describe the speed of a terminal server, but also have an extreme impact on the stability of such a multi-user system.

The capability of the terminal server clients, on the other hand, is less important, since they only administrate the display and input.

The more users use an individual terminal server, the more processes are started on this server and must run promptly and in parallel. If certain limits have been reached, the terminal server may prevent further users from accessing it, respond too slowly for the users who are already logged in, or even fail entirely.

Scalability

Terminal server systems in particular may quickly stretch the technology used to its performance limits. Here, it must be taken into consideration that no individual IT system can be upgraded endlessly and therefore bottlenecks will occur as of a certain load limit depending on the respective application. These bottlenecks may be eliminated, but show that limitations may occur at other locations if the server load is increased further.

Limiting factors may include

• the number of processors that can be installed
• the addressability of the main memory by the system architecture
• the capability of the memory to be administrated by the operating system
• the speed of the bulk storage systems
• the bandwidth of the internal bus systems

For example, the Microsoft Windows Server 2003 addresses a maximum of 4GB main memory as the basis for the terminal server service on a 32-bit system. In the default configuration, the operating system divides this memory into two areas with 2GB each for applications and the system organisation.

Therefore, a strategy should be developed in order to take into account the growing number of users, the higher data volumes, and therefore the higher loads when planning the terminal server environment.

In practice, concepts such as server clusters (terminal server farms) have proven successful, with information regarding their secure implementation provided in S 6.142 Use of redundant terminal servers. The decisions made in accordance with this safeguard also have a mutual impact on the required dimensioning of the system resources, however. Thus, the required performance and the related reliability can be provided either by the redundancy of the servers or the redundancy of the components in the servers themselves.

Drawing up a requirement profile

In order to determine the resources actually required, it is recommendable to perform an in-depth analysis of the target environment. Here, it is not possible to draw conclusions regarding the memory consumption of the system with the target number of users based on the memory consumption of an individual application executed by one user. Moreover, background processes such as anti-virus scanners, file indexing mechanisms, and screen effects should be taken into consideration.

Therefore, it must at first be verified which programs are used, which tasks are performed using these programs and how, and how fast the applications must respond in order for the users to perform their activities. If required, automated tests or tests with user groups may support the available empirical values.

Review questions:

• Has it been checked which applications are to be used on the terminal server and which tasks are to be performed using these applications?
• Has it been checked which performance requirements are posed by the applications to the terminal server environment given the planned number of users?
• Has a strategy for using terminal servers been drawn up in order to cope with growing numbers of users, higher data volumes, and therefore higher loads?