SCEPman depends mainly on the CPU resources. Memory and disc are less important.
A SCEPman instance in one Azure S1 App Service Plan can serve up to 400 requests per minute. Requests are
- SCEP issuing requests and
- OCSP requests.
The load for your SCEPman service has several dependencies and varies in the different environments. Important dependencies are:
- 1.Distribution of requests
- 2.Frequency of logins to network resources
- 3.Frequency of certificate requests/renewals
Especially the distribution of the requests has a high importance. If all clients do requests at the same time, your SCEPman instances get heavy load.
We recommend the following sizing in Azure Compute Units (ACU) for the Azure App Service Plans as a starting point:
Every environment has its own load distribution over the day. In many environments the morning (start of work) generates a peak in terms of load at your SCEPman.
You can adapt the computing power for your App Service to your individual daily load distribution with the Azure App Service Scale Out features. E.g. you could define 2 x S1 in the morning from 08:00-10:00 to cover the morning peak, while you reduce to 1 x S1 for the rest of the day.
If you are able to predict your load well (e.g. derived from load history), we recommend Manual Scale over Auto Scale, since Auto Scale has to behave lazy (hysteresis) to prevent flapping between scales.