Server components

Recommended software and Hardware requirements are provided for each component. To calculate an individual PAM configuration, contact technical support.

Management Server

Note

The system requirements were determined during tests in a test environment with a typical load profile.

Windows

Hardware requirements
Parameters	50 sessions	100 sessions	200 sessions
CPU RAM HDD/SSD Network adapter	8 cores 8 GB 120 GB 1 Gbps	16 cores 16 GB 120 GB 1 Gbps	32 cores 32 GB 120 GB 1 Gbps
Operating system	Windows Server 2016–2022
Domain	Microsoft Active Directory
Web Server	Internet Information Services 8.5–10.0
Modules for the IIS Web server	Basic Authentication Windows Authentication Static Content HTTP Redirection ASP.NET Core Runtime ISAPI Extensions .NET Extensibility ISAPI Filters IIS Management Console
Additional Microsoft components	Microsoft .NET Core 8 URL Rewrite

Network Connectivity

Incoming

Protocol	Port	Description
TCP	443	User console, API, IdP connection

Outgoing

Protocol	Port	Description
TCP	389, 636	Directory Service Reading
TCP	389, 636	Service operations in Directory Service
TCP	5985, 5986, 139, 445	Service operations in Windows
TCP	22	Service operations in Linux, IOS XE, Inspur BMC
TCP	1433	Service operations or data recording in Microsoft SQL Server database
TCP	5432	Service operations or data recording in PostgreSQL database
TCP	1521	Service operations in OracleDB database
TCP	3306	Service operations in MySQL database
TCP	445	Recording screenshots to media storage
TCP	5443	Reading a session stream from a Windows access server
TCP	8443	Reading a session stream from a Linux access server

Linux

Hardware requirements
Parameters	50 sessions	100 sessions	200 sessions
CPU RAM HDD/SSD Network adapter	2 cores 4 GB 120 GB 1 Gbps	2 cores 4 GB 120 GB 1 Gbps	2 cores 4 GB 120 GB 1 Gbps
Operating system	Debian 11 and higher Ubuntu 22.04 and higher
Container engine	Docker 18.09 and higher Docker Compose 1.29.2 and higher Note: Docker must be installed from the Linux distribution's repository.
Additional components	iptables 1.4 and higher python 3.5 and higher openssh-server (the version depends on the Linux distribution) Note: If nftables is installed on the server, remove it and install iptables.
Disk partitioning	Root file system (/) — partition with application and operating system files. It is recommended to allocate 10–20 GB depending on the installed software. /home — partition for storing user data. Also used for storing temporary files and docker images during PAM installation. At least 10 GB of free space must be allocated. /var — partition for storing temporary files, logs, databases, caches. It is recommended to allocate 20 GB or more. /tmp — partition with temporary files. The partition size should be sufficient for temporary operations, such as unpacking files or storing caches. It is recommended to allocate 10 GB or more. /boot — partition containing the bootloader and kernel. It is recommended to allocate 1 GB taking into account future expansions and updates. swap — partition used as virtual memory. It is recommended to allocate a size equal to the RAM size. /var/lib/docker — partition for Docker root directory, containing docker images, volumes and temporary files. As the number of user sessions increases, the partition size needs to be increased. It is recommended to allocate 100 GB or more. /etc/axidian — partition for PAM data: configurations, certificates, keys, logs. Temporary data awaiting transfer to remote media storage is saved to the partition. It is recommended to allocate 40 GB or more. Disk partitioning example Example of partitioning for a server with a disk volume of 240 GB and 32 GB of RAM. Partition Disk volume, GB % of total disk Root file system (/) 20 8,33 /home 10 4,17 /var 20 8,33 /tmp 10 4,17 /boot 1 0,42 swap 32 13,33 /var/lib/docker 100 41,67 /etc/axidian 47 19,58

Network Connectivity

Incoming

Protocol	Port	Description
TCP	443	User console, API, IdP connections

Outgoing

Protocol	Port	Description
TCP	389, 636	Directory Service Reading
TCP	389, 636	Service operations in Directory Service
TCP	5985, 5986, 139, 445	Service operations in Windows
TCP	22	Service operations in Linux, IOS XE, Inspur BMC
TCP	1433	Service operations or data recording in Microsoft SQL Server
TCP	5432	Service operations or data recording in PostgreSQL
TCP	1521	Service operations in OracleDB
TCP	3306	Service operations in MySQL
TCP	445	Recording screenshots to media storage
TCP	5443	Reading a session stream from a Windows access server
TCP	8443	Reading a session stream from a Linux access server

RDS Access Server

Note

The system requirements were determined during tests in a test environment with a typical load profile.

Hardware requirements
Parameters	10 RDP or SSH sessions	50 RDP or SSH sessions	100 RDP or SSH sessions
CPU RAM HDD/SSD Network adapter	8 cores 12 GB 160 GB + 5 GB per Axidian Privilege User 1 Gbps	16 cores 32 GB 320 GB + 5 GB per Axidian Privilege User 1 Gbps	32 cores 64 GB 520 GB + 5 GB per Axidian Privilege User 1 Gbps
Operating system	Windows Server 2016–2022
Domain	Microsoft Active Directory
Roles	Remote Desktop Services Broker (RDCB) Remote Desktop Services Host (RDSH) Remote Desktop Web Access (RDWA)
Additional Microsoft components	Microsoft .NET Desktop Runtime x64 v8 Microsoft C++ 2015–2019 Redistributable
Browser	Google Chrome Microsoft EDGE
Other requirements	Support for Simultaneous MultiThreading (AMD) or Hyper-Threading (Intel) Monitor width resolution of at least 1280 pixels

Network Connectivity

Incoming

Protocol	Port	Description
TCP	3389	Connection to the Access server
TCP	5443	Reading a session stream

Outgoing

Protocol	Port	Description
TCP	443	Interaction with the Management server
TCP	3389	Connection to a resource via RDP protocol
TCP	22	Connection to a resource via SSH protocol
TCP	23	Connection to a resource via Telnet protocol
TCP	445	Recording videos of sessions in media storage

RDP Access Server

info

The system requirements were determined during tests in a test environment with a typical load profile.

Hardware requirements
Parameters	10 RDP sessions	50 RDP sessions	100 RDP sessions
CPU RAM HDD/SSD Network adapter	2 cores 4 GB 120 GB 1 Gbps	8 cores 12 GB 120 GB 1 Gbps	8 cores 12 GB 120 GB 1 Gbps
Operating system	Debian 11 and higher Ubuntu 22.04 and higher
Container engine	Docker 18.09 and higher Docker Compose 1.29.2 and higher Note: Docker must be installed from the Linux distribution's repository.
Additional components	iptables 1.4 and higher python 3.5 and higher openssh-server (the version depends on the Linux distribution) Note: If nftables is installed on the server, remove it and install iptables.
r	Monitor width resolution of at least 1280 pixels

Network Connectivity

Incoming

Protocol	Port	Description
TCP	3390	Connection to the Access server
TCP	8443	Reading a session stream

Outgoing

Protocol	Port	Description
TCP	443	Interaction with the Management server
TCP	3389	Connection to a resource via RDP protocol
TCP	445	Recording videos of sessions in media storage

SSH Access Server

Note

The system requirements were determined during tests in a test environment with a typical load profile.

Hardware requirements
Parameters	50 SSH sessions	100 SSH sessions	200 SSH sessions
CPU RAM HDD/SSD Network adapter	2 cores 2 GB 120 GB 1 Gbps	2 cores 4 GB 120 GB 1 Gbps	4 cores 4 GB 120 GB 1 Gbps
Operating system	Debian 11 and higher Ubuntu 22.04 and higher
Container engine	Docker 18.09 and higher Docker Compose 1.29.2 and higher Note: Docker must be installed from the Linux distribution's repository.
Additional components	iptables 1.4 and higher python 3.5 and higher openssh-server (the version depends on the Linux distribution) Note: If nftables is installed on the server, remove it and install iptables.

Network Connectivity

Incoming

Protocol	Port	Description
TCP	2222	Connection to the Access server

Outgoing

Protocol	Port	Description
TCP	443	Interaction with the Management server
TCP	22	Connection to a resource via SSH/SCP/SFTP protocol
TCP	445	Saving transferred files

PostgreSQL Access Server

Note

The system requirements were determined during tests in a test environment with a typical load profile.

Hardware requirements
Parameters	50 SQL sessions	100 SQL sessions	200 SQL sessions
CPU RAM HDD/SSD Network adapter	2 cores 4 GB 120 GB 1 Gbps	2 cores 4 GB 120 GB 1 Gbps	2 cores 4 GB 120 GB 1 Gbps
Operating system	Debian 11 and higher Ubuntu 22.04 and higher
Container engine	Docker 18.09 and higher Docker Compose 1.29.2 and higher Note: Docker must be installed from the Linux distribution's repository.
Additional components	iptables 1.4 and higher python 3.5 and higher openssh-server (the version depends on the Linux distribution) Note: If nftables is installed on the server, remove it and install iptables.

Network Connectivity

Incoming

Protocol	Port	Description
TCP	5432	Connection to the Access server

Outgoing

Protocol	Port	Description
TCP	5432	Writing data to the PostgreSQL DBMS

MSSQL Access Server

Operating system	Debian 11 and higher Ubuntu 22.04 and higher
Container engine	Docker 18.09 and higher Docker Compose 1.29.2 and higher Note: Docker must be installed from the Linux distribution's repository.
Additional components	iptables 1.4 and higher python 3.5 and higher openssh-server (the version depends on the Linux distribution) Note: If nftables is installed on the server, remove it and install iptables.

Network Connectivity

Incoming

Protocol	Port	Description
TCP	1433	Connection to the Access server

Outgoing

Protocol	Port	Description
TCP	1433	Writing data to the MSSQL DBMS

Web Terminal Server

Note

The system requirements were determined during tests in a test environment with load distribution:

• 40% on SSH session
• 60% on RDP session

Hardware requirements
Parameters	25 sessions	50 sessions	75 sessions	100 sessions
CPU RAM HDD/SSD Network adapter	single-core 2 GB 120 GB 1 Gbps	2 cores 4 GB 120 GB 1 Gbps	3 cores 6 GB 120 GB 1 Gbps	4 cores 8 GB 120 GB 1 Gbps
Operating system	Debian 11 and higher Ubuntu 22.04 and higher
Container engine	Docker 18.09 and higher Docker Compose 1.29.2 and higher Note: Docker must be installed from the Linux distribution's repository.
Additional components	iptables 1.4 and higher python 3.5 and higher openssh-server (the version depends on the Linux distribution) Note: If nftables is installed on the server, remove it and install iptables.

Network Connectivity

To the Web Terminal

Protocol	Port	Description
TCP	443	Connection to the Web Terminal

From Web Terminal to SSH/RDP Proxy

Protocol	Port	Description
TCP	2222	Connection to a resource via SSH Proxy protocol
TCP	3389	Connection to a resource via RDP Proxy protocol

From SSH/RDP Proxy

Protocol	Port	Description
HTTPS	443	Interaction with the Management Server
HTTPS	443	Interaction with the IDP
SSH	22	Connection to the SSH Access Server
RDP	3389	Connection to the RDP Access Server
SMB/CIFS	445	Recording videos of sessions in media storage

Web Access Server

Note

The system requirements were determined during tests in a test environment with a typical load profile and based on the recommended scaling for the Video Resolution. Configure this setting before opening a web session.

Hardware requirements
Parameters	10 Web sessions	50 Web sessions	100 Web sessions
CPU RAM HDD/SSD Network adapter	2 cores 6 GB 120 GB 1 Gbps	8 cores 18 GB 120 GB 1 Gbps	16 cores 32 GB 120 GB 1 Gbps
Operating system	Debian 11 and higher Ubuntu 22.04 and higher
Container engine	Docker 18.09 and higher Docker Compose 1.29.2 and higher Note: Docker must be installed from the Linux distribution's repository.
Additional components	iptables 1.4 and higher python 3.5 and higher openssh-server (the version depends on the Linux distribution) Note: If nftables is installed on the server, remove it and install iptables.

Network Connectivity

Incoming

Protocol	Port	Description
TCP	5443	Connection to the Access server
TCP	58080	Server status monitoring

Outgoing

Protocol	Port	Description
TCP	443	Connection to a web resource via the HTTPS protocol
TCP	80	Connection to a web resource via the HTTP protocol

CIS Benchmark Security Settings

PAM servers must have CIS Benchmark security settings applied.