Sustainability — operator primer (MVP)¶

Other languages: English · Português · Español

Audience: NGFW operator running a TLSStress.Art test bench who needs to produce sustainability reports — energy consumed, CO2 emitted, equivalent in trees + carbon credits, plus AWS IaaS + competitor cost comparison.

TL;DR¶

# 1. Configure devices on Settings → Sustainability → Inventory
#    (PDUs, servers, NGFW DUT, switches; SNMP / IPMI / Redfish creds)
# 2. Pick your grid region (Dashboard → /sustainability)
# 3. Run any test as usual — energy collectors poll automatically
# 4. Open the test detail → Sustainability tab to see:
#    - Live Watts chart (per-device)
#    - kWh consumed + kg CO2 emitted
#    - Trees-per-year equivalent + carbon credit cost
#    - "If you ran on AWS, you would have spent $X" callout
#    - "vs Spirent/Keysight/Ixia, you saved $Y per test"
# 5. Download report (executive or detailed × md/html)

The MVP uses SNMP / IPMI / Redfish polling only — no MQTT (deferred). Devices need to be reachable on the OOBI fabric for the bench to poll them.

What gets monitored¶

Device	Method	OID / Endpoint
Smart PDUs (APC AP8XXX)	SNMP	rPDU2OutletMeteredStatusActivePower
Smart PDUs (Raritan PX3/PX4)	SNMP	outletWatts
Smart PDUs (Eaton ePDU)	SNMP	xupsOutputWatts
Smart PDUs (generic RFC 4133)	SNMP	entPhySensorValue
Servers (UCS, Dell, HPE, Supermicro)	IPMI DCMI	dcmi power reading
Servers (UCS M6/M7, iDRAC9, iLO5)	Redfish	/redfish/v1/Chassis/{id}/Power
NGFW DUT (Cisco FTD)	SNMP	CISCO-ENTITY-SENSOR-MIB
NGFW DUT (Cisco Secure Router)	SNMP	CISCO-ENVMON-MIB
NGFW DUT (Palo Alto)	SNMP	PAN-COMMON-MIB panSysHwPowerWatts
NGFW DUT (Fortinet)	SNMP	FORTINET-FORTIGATE-MIB fgHwSensors
NGFW DUT (Check Point)	SNMP	CHECKPOINT-MIB chassisPowerSupplyEntry
NGFW DUT (Sophos / WatchGuard / Forcepoint)	estimated	nameplate × utilization
Switches (Cisco Nexus / Catalyst)	SNMP	ciscoEnvMonSupplyEntry + POWER-ETHERNET-MIB
Switches (Arista)	SNMP	ENTITY-SENSOR-MIB
Switches (Juniper)	SNMP	JUNIPER-MIB jnxOperatingDescr

For DUTs without telemetry, supply utilization (0..1) and the collector estimates as idle + (nameplate − idle) × utilization.

How the math works¶

Per-device energy:

  Wh = ∫ Watts dt  (trapezoidal integration between samples)
  kWh = Wh / 1000
  attributable_kWh = max(0, raw_kWh − idle_W × duration_h / 1000)

Per-test CO2:

  kg_CO2 = total_attributable_kWh × REGION_FACTOR

REGION_FACTOR is from the IEA 2024 country dataset. The regions ship with built-in factors:

Region	kg CO2 / kWh	Notes
BR	0.094	Hydro-dominated
NO	0.029	Hydro-only
FR	0.052	Nuclear-heavy
US	0.371	National average
DE	0.366	Coal + renewables
PL	0.659	Coal-heavy
IN	0.708	Coal-dominated
GLOBAL	0.475	IEA worldwide weighted

Pick your real region — the same test in Poland emits ~7× more CO2 than in Brazil.

Trees + Carbon Credits visualization¶

We translate kg CO2 into intuitive equivalences:

Equivalence	Reference value	Source
1 mature tree-year	21 kg CO2 absorbed	USDA Forest Service
1 carbon credit	$15/ton CO2 offset (default)	Ecosystem Marketplace 2024 VCM blend
1 km of car driving	0.251 kg CO2 emitted	EPA 2024
1 hour of Netflix HD	0.036 kg CO2 emitted	Netflix ESG 2024
1 smartphone full charge	0.00822 kg CO2 emitted	EPA Calculator

The report's "Carbon footprint" block shows all of these so the customer can frame the result in whatever language resonates.

"If you had used AWS" comparison¶

For every test, the report includes a callout: "if you had run this exact workload on AWS instead, you would have paid $X". The math:

Line	Source
Compute	matched VM SKU × duration_hours
Egress	data_transfer_GB × $0.09/GB
CloudWatch logs	log_GB × $0.50/GB
EBS storage	storage_GB-month × $0.08/GB-month

Picker: cheapest AWS Marketplace NGFW VM SKU that meets the DUT's throughput. 7 VM-Series SKUs supported (FortiGate VM-04 + VM-08, Palo VM-300 + VM-500, Cisco FTDv 30, Check Point CloudGuard, Sophos XG).

Real-world calibration: - 24h × 8 Gbit/s × 1 TB egress on Palo VM-500: ~$290 AWS bill - Same workload on-prem with $0.12/kWh + 5 kWh: ~$0.60 - Customer savings: ~99.8%

"vs Spirent/Keysight/Ixia" comparison¶

The detailed report template adds an amortized 5-year TCO table for the top 3 commercial NGFW test rigs:

Vendor	Capacity	List Price	Yearly TCO	Per-Test
Spirent Avalanche C100	100 Gbit/s	$2,350,000	~$893,000	~$8,930
Keysight CyPerf 100G	100 Gbit/s	$2,100,000	~$798,000	~$7,980
Ixia BreakingPoint 100G	100 Gbit/s	$2,450,000	~$931,000	~$9,310
TLSStress.Art v5.0	100 Gbit/s	$500,000	~$190,000	~$1,900

Customer savings vs vendor average: ~78% (per capacity-matrix analysis in discuss_capacity_planning_matrix_competitive_2026_05_10).

Operator workflow¶

First-time setup¶

Open /sustainability in the dashboard
Pick your grid region (changes the CO2 emission factor)
Open Settings → Sustainability → Inventory
Add each PDU / server / DUT / switch:
SNMP community OR IPMI/Redfish credentials
Endpoint IP (must be reachable from the bench)
idle_watts (optional, recommended — improves accuracy)
nameplate_watts (optional, sanity guard)
sampling_interval_s (default 5s)

Running a test¶

Just run any test as usual. The bench: - Polls every device on its sampling interval - Stores raw EnergySample[] streams per device - On test completion: integrates → kWh → CO2 → all equivalences - Auto-attaches sustainability data to the test run

Reviewing results¶

In the test detail view, the Sustainability tab shows: - Live Watts chart (per-device colored line) - Energy summary (kWh consumed by device + total) - Carbon footprint (Trees + km driving + Netflix hours + cost) - Cost comparison (AWS + competitor TCO)

Download report → choose: - Template: executive (1-page) or detailed (full breakdown) - Format: .md (audit log) or .html (PDF-ready)

What's NOT in MVP (deferred)¶

Feature	Status
MQTT broker integration (smart PDU push)	Next session
Webhooks (notify Slack/Teams when CO2 budget exceeded)	Next session
Live cost-budget alerts mid-test	v5.1+
Multi-region per-test runs	v5.2+
ESG report templates (CDP / GRI standards)	v5.3+
Carbon offset auto-purchase via VCM API	v6.0+

Cross-refs¶

project page — TLSStress.Art overview
NETSECOPEN_PRIMER.md — companion NGFW perf primer
dashboard/src/lib/sustainability/ — module index:
schema.ts (SUS-1) — canonical types
pdu-collector.ts (SUS-2) — APC/Raritan/Eaton/generic
server-collector.ts (SUS-3) — IPMI + Redfish
dut-collector.ts (SUS-4) — 10 NGFW vendors
switch-collector.ts (SUS-5) — Nexus/Catalyst/Arista/Juniper
aggregator.ts (SUS-6) — Watts → kWh → kg CO2
trees-credits.ts (SUS-7) — equivalences
aws-cost.ts (SUS-8) — IaaS cost calculator
competitor-tco.ts (SUS-9) — vendor TCO + combined savings
report-renderer.ts (SUS-10) — md + html × executive + detailed
energy-chart.ts (SUS-12) — pure-SVG live chart widget

Module index — what code produces what¶

Module	Purpose
SUS-1 schema	Canonical Zod schemas + region factors + pricing tables
SUS-2 pdu-collector	SNMP polling for smart PDUs (4 vendors)
SUS-3 server-collector	IPMI DCMI + Redfish for server BMCs
SUS-4 dut-collector	NGFW vendor-specific MIB dispatch (10 vendors)
SUS-5 switch-collector	Nexus/Catalyst/Arista/Juniper + multi-PSU
SUS-6 aggregator	Watts × time → kWh × CO2 factor → kg CO2
SUS-7 trees-credits	kg CO2 → trees + carbon credit cost + 3 equivalences
SUS-8 aws-cost	AWS IaaS bill (compute + egress + logs + storage)
SUS-9 competitor-tco	5-year amortized TCO vs Spirent/Keysight/Ixia
SUS-10 report-renderer	executive + detailed × md + html
SUS-11 dashboard menu	/sustainability landing page
SUS-12 energy-chart	Pure-SVG live Watts chart widget
SUS-13 — this primer	Operator how-to
SUS-14 sample demo	End-to-end on Cisco 1220CX fixtures