# Azure Costs Estimates
Installing Anvilogic's UD for Azure creates a new Azure Data Explorer cluster in **your** environment that is used to manage objects to run the Unified Detect framework.
During the set up process, a VM is created that will manage the Data Explorer Cluster. The default size upon our automated installation of that VM is a **Standard\_E2ads\_v5 (Medium 8vCPUs) in a production cluster with SLA.** This can be changed at any time if the amount of detections you have running requires more compute resources.
{% hint style="warning" %}
Review your billing configurations for ADX pricing tiers that control cluster management to ensure proper scaling expectations and configuration for the Anvilogic service to not get terminated.
See [#estimated-cluster-sizes](#estimated-cluster-sizes "mention") and [#cluster-size-costs](#cluster-size-costs "mention").
{% endhint %}
### Estimated cluster sizes
The table below assumes each deployed job run averages 1 minute and every rule deployed has the specified job run frequency. In reality, you could have a mix of how long the jobs take to run and how often they run. The table below is a guideline to be used for estimating capacity, and is based on the [Azure Data Explorers default concurrency](https://learn.microsoft.com/en-us/kusto/concepts/query-limits?view=microsoft-fabric) limits, which is the number of cores multiplied by 10.
3 Concurrency job runs are reserved for adhoc jobs executed from the Azure TI Builder view when creating or editing a threat identifier. The remaining jobs are reserved for deployed rules.
{% hint style="info" %}
Other KQL queries being run outside of Azure UD also contribute towards this search concurrency and can cause throttled jobs if the cluster is operating near full utilization.
{% endhint %}
| Cluster size | Azure ADX concurrency limit | Job run frequency (in minutes) | Deployed rules limit |
|---|
| Standard_E2ads_v5 | 20 | 5 | 80 |
| Standard_E2ads_v5 | 20 | 15 | 240 |
| Standard_E2ads_v5 | 20 | 30 | 480 |
| Standard_E2ads_v5 | 20 | 60 | 960 |
| Standard_E4ads_v5 | 40 | 5 | 180 |
| Standard_E4ads_v5 | 40 | 15 | 540 |
| Standard_E4ads_v5 | 40 | 30 | 1,080 |
| Standard_E4ads_v5 | 40 | 60 | 2,160 |
| Standard_E8ads_v5 | 80 | 5 | 380 |
| Standard_E8ads_v5 | 80 | 15 | 1,140 |
| Standard_E8ads_v5 | 80 | 30 | 2,280 |
| Standard_E8ads_v5 | 80 | 60 | 4,560 |
| Standard_E16ads_v5 | 160 | 5 | 780 |
| Standard_E16ads_v5 | 160 | 15 | 2,340 |
| Standard_E16ads_v5 | 160 | 30 | 4,680 |
| Standard_E16ads_v5 | 160 | 60 | 9,360 |
| Standard_D32d_v4 | 320 | 5 | 1,580 |
| Standard_D32d_v4 | 320 | 15 | 4,740 |
| Standard_D32d_v4 | 320 | 30 | 9,480 |
| Standard_D32d_v4 | 320 | 60 | 18,960 |
### Cluster size costs
The table shows the estimated monthly cost for various cluster sizes.
{% hint style="info" %}
The estimated monthly and annual costs do not include additional storage costs. To determine the additional storage costs, use [Microsoft Azure pricing calculator](https://azure.microsoft.com/en-us/pricing/calculator/) in the Microsoft documentation.
{% endhint %}
| Cluster size | Number of cores | Estimated monthly cost | Estimated annual cost |
|---|
| Standard_E2ads_v5 | 2 | $512 | $6,144 |
| Standard_E4ads_v5 | 4 | $1,024 | $12,288 |
| Standard_E8ads_v5 | 8 | $2,050 | $24,600 |
| Standard_E16ads_v5 | 16 | $4,099 | $49,188 |
| Standard_D32d_v4 | 32 | $7,781 | $93,372 |