Linux Environment
Management Server
Hardware Requirements
| Device | 50 sessions | 100 sessions | 200 sessions |
|---|---|---|---|
| CPU | 2 Cores | 2 Cores | 2 Cores |
| RAM | 4 GB | 4 GB | 4 GB |
| HDD/SSD | 120 GB | 120 GB | 120 GB |
| Network adapter | 1 Gbit | 1 Gbit | 1 Gbit |
Software Rquirements
Operating system:
- Linux
Container engine:
- Docker 18.09 and higher
- Docker Compose 1.29.2 and higher
caution
Docker must be installed from the distribution's repository.
Alternative way to install Docker (not recommended)
As an exception (in cases when there is no access to the operating system and Docker repositories) it is possible to install Docker from static binary files.
If you are using an operating system other than those listed by the link, then the required package with the SELinux module will not be installled during the Docker installation. This package is required for Axidian Privilege to function properly. On most systems this package is called container-selinux.
Install it manually according to the documentation of the operating system you are using. This must be done before running the installation script run-deploy.sh.
If you are using an operating system other than those listed by the link, then the required package with the SELinux module will not be installled during the Docker installation. This package is required for Axidian Privilege to function properly. On most systems this package is called container-selinux.
Install it manually according to the documentation of the operating system you are using. This must be done before running the installation script run-deploy.sh.
Web server:
- Nginx 1.23.1 (docker image included)
Network Connectivity
- Incoming
- Outgoing
| Protocol | Port | Description |
|---|---|---|
| TCP | 443 | User console, API, IdP connections |
| Protocol | Port | Description |
|---|---|---|
| TCP | 389, 636 | Microsoft Active Directory Reading |
| TCP | 389, 636 | Service operations in Microsoft Active Directory |
| TCP | 5985, 5986, 139, 445 | Service operations in Windows |
| TCP | 22 | Service operations in Linux, IOS XE, Inspur BMC |
| TCP | 1433 | Service operations or data recording in Microsoft SQL Server |
| TCP | 5432 | Service operations or data recording in PostgreSQL |
| TCP | 1521 | Service operations in OracleDB |
| TCP | 3306 | Service operations in MySQL |
| TCP | 445 | Recording screenshots to media storage |
| TCP | 5443 | Reading a session stream from a Windows access server |
| TCP | 8443 | Reading a session stream from a Linux access server |
Access Server (SSH)
Hardware Requirements
| Device | 50 SSH sessions | 100 SSH sessions | 200 SSH sessions |
|---|---|---|---|
| CPU | 2 Cores | 2 Cores | 2 Cores |
| RAM | 2 GB | 2 GB | 4 GB |
| HDD/SSD | 120 GB | 120 GB | 120 GB |
| Network adapter | 1 Gbit | 1 Gbit | 1 Gbit |
Software Requirements
Operating system:
- Linux
Container engine:
- Docker 18.09 and higher
- Docker Compose 1.29.2 and higher
Network Connectivity
- Incoming
- Outgoing
| Protocol | Port | Description |
|---|---|---|
| TCP | 2222 | Connection to the Access server |
| Protocol | Port | Description |
|---|---|---|
| TCP | 443 | Interaction with the Management server |
| TCP | 22 | Connection to a resource via SSH/SCP protocol |
| TCP | 23 | Connection to a resource via Telnet protocol |
| TCP | 445 | Saving transferred files |
Access Server (RDP)
Hardware Requirements
| Device | 10 RDP sessions | 50 RDP sessions | 100 RDP sessions |
|---|---|---|---|
| CPU | 4 Cores | 12 Cores | 16 Cores |
| RAM | 4 GB | 12 GB | 40 GB |
| HDD/SSD | 120 GB | 120 GB | 120 GB |
| Network adapter | 1 Gbit | 1 Gbit | 1 Gbit |
Software Requirements
Operating system:
- Linux
Container engine:
- Docker 18.09 and higher
- Docker Compose 1.29.2 and higher
Network Connectivity
- Incoming
- Outgoing
| Protocol | Port | Description |
|---|---|---|
| TCP | 3389 | Connection to the Access server |
| TCP | 8443 | Reading a session stream |
| Protocol | Port | Description |
|---|---|---|
| TCP | 443 | Interaction with the Management server |
| TCP | 3389 | Connection to a resource via RDP protocol |
| TCP | 445 | Recording videos of sessions in media storage |
CIS Benchmark Security Settings
PAM servers must have CIS Benchmark security settings applied.