The Threat Detection server deployed on VMWare ESX is available in both 8 and 16 cores versions.
For a Hyper-v deployment, a single server is available and you select the number of cores during the deployment.
NOTE: Consider when adding events for Threat Detection auditing.
For optimal Threat Detection results, Quest recommends that you select file, folder, and share events that audit permission changes, create, delete, rename, and open actions during the template creation.
Some of the events required for Threat Detection can be very noisy and take up significant space in the Change Auditor database. Once the events are sent to the Threat Detection server for analysis storage in the Change Auditor database is no longer needed.