Control Compliance Suite (CCS) 12.x.x – Guidelines for Reporting Servers

Article ID: 191156

Products

Control Compliance Suite, Control Compliance Suite Standards Server

Issue/Introduction

These guidelines help plan the number of reporting servers needed in a CCS deployment. They assume that the server configuration at least matches what the Planning and Deployment Guide recommends. In general, Broadcom has seen customers running considerably higher configurations than the guide recommends, possibly because the guide is quite old and hardware and software have evolved considerably since then.

Environment

CCS 12.6.x

Resolution

  1. The most important parameter is 'Compliance Cycle Frequency'. One Compliance Cycle means assessing all assets against the desired standards and generating reports for them. It is an umbrella term covering the following attributes:
    • The frequency of the cycle. Is it weekly/bi-weekly/monthly/quarterly/etc.?
    • Number of assets
    • Number of checks
    • Which are the report templates involved? Performance does vary based on which templates are being used.
  2. Report generation time varies with these parameters and with environmental parameters such as network bandwidth.
  3. A typical way to start is to create a benchmark Report Generation Job, run it, and note how long it takes.
  4. The next step should be to estimate report generation time for all assets.
    • For instance, assume that in this case there are 40K assets and 300 checks.
    • Assume that the benchmark report job of 1K assets and 300 checks takes around 45 minutes.
    • Allowing for a 15-minute cool-down period, it takes an hour to scan 1K assets and 300 checks.
    • Therefore, it is very likely to take around 40 hours to generate reports for 40K assets and 300 checks.
  5. The next question is whether that is good enough to meet the objective of the 'Compliance Cycle'.
    • For instance, customers typically run data collection jobs during non-business hours and over weekends.
    • Let's assume in this case that data collection and evaluation jobs are run over the weekend.
    • By Monday, evaluation data is ready for report generation. Let's assume that the reports have to be generated by Tuesday morning, i.e. within 24 hours.
    • Since generating reports for all 40K assets will take at least 40 hours, this does not meet the Compliance Cycle objective.
    • To meet the objective, the Reporting Servers need to be scaled out.
    • If a reporting server is added, and assuming that it cuts the overall report generation time by almost half, the reports should be available within 24 hours.

Please note that components such as the Application Server, Load Balancer, and Database server are still not scaled out, so Broadcom cannot claim that doubling the number of reporting servers will cut the overall report generation time in half. It is, however, safe to assume that the time will come down considerably, because a substantial amount of the processing happens on the Reporting Server while generating the report.
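
The sizing procedure from steps 3 to 5, together with the caveat above, as an added Python example (not Broadcom code and not a CCS tool). It goes beyond the article's linear estimate by modelling the components that are not scaled out with an Amdahl's-law term; `unscaled_fraction` is an assumed parameter that has to be measured in your own environment, since the article gives no value for it.

```python
import math


def single_server_hours(assets, bench_assets, bench_minutes, cooldown_minutes):
    """Step 4: scale the benchmark job linearly to the full asset count."""
    batches = math.ceil(assets / bench_assets)
    return batches * (bench_minutes + cooldown_minutes) / 60


def hours_with_servers(single_hours, servers, unscaled_fraction):
    """Estimated wall-clock hours with `servers` reporting servers.

    unscaled_fraction (assumption, not from the article) is the share of
    the run spent in components that are not scaled out, such as the
    Application Server, Load Balancer and Database server. Only the
    remaining share is divided across the reporting servers.
    """
    scaled = (1 - unscaled_fraction) / servers
    return single_hours * (unscaled_fraction + scaled)


def servers_needed(single_hours, window_hours, unscaled_fraction, max_servers=64):
    """Smallest reporting-server count that fits the reporting window.

    Returns None when the unscaled work alone fills the window, because
    then no number of additional reporting servers can meet the objective.
    """
    if single_hours * unscaled_fraction >= window_hours:
        return None
    for n in range(1, max_servers + 1):
        if hours_with_servers(single_hours, n, unscaled_fraction) <= window_hours:
            return n
    return None


if __name__ == "__main__":
    # Figures from the article: 40K assets, benchmark of 1K assets in
    # 45 minutes, 15 minutes cool-down, 24-hour reporting window.
    base = single_server_hours(40_000, 1_000, 45, 15)
    print(f"single reporting server: {base:.0f} h")
    # Constructed values for the unscaled share, for illustration only.
    for frac in (0.0, 0.10, 0.25, 0.75):
        n = servers_needed(base, 24, frac)
        verdict = f"{n} server(s)" if n else "window cannot be met by scale-out"
        print(f"unscaled share {frac:.0%}: {verdict}")
```

A `None` result means the bottleneck lies outside the reporting tier, so the fix is a longer reporting window or more capacity on the unscaled components rather than more reporting servers.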