We've created a complex, self-service security model. It does everything we want. It currently requires 120 security rules, 33 streams, 500+ apps and 4k+ app objects. We are on shared persistence with two rim nodes.
The hub opens in:
17 sec for our Developers
7 sec for Root Admin
3 sec for all other users
I'd like to hear about what others are seeing in a complex security model so we can compare rule strategies. Those running with a simple model need not respond.