Software Requirements

Monofor server needs some software packages to work correctly. In the Monofor Server environment, required software packages and docker engine services must be installed or can be installed during the installation on the Linux server.

Operating System Packages

For Ubuntu/Debian

CODE

apt-get install -y build-essential traceroute ethtool dnsutils \
open-vm-tools net-tools tcpdump apt-transport-https ca-certificates \
curl software-properties-common unzip gnupg jq bash-completion netcat bc

For Redhat/Centos/Rocky

YUM Package Manager

CODE

yum install -y yum-utils traceroute ethtool open-vm-tools net-tools bind-utils \
epel-release net-tools tcpdump ca-certificates curl unzip gnupg2 jq \
bash-completion netcat bc

DNF Package Manager

CODE

dnf install -y yum-utils traceroute ethtool open-vm-tools net-tools bind-utils \
epel-release net-tools tcpdump ca-certificates curl unzip gnupg2 jq \
bash-completion netcat bc

Bash Completion

CODE

curl https://raw.githubusercontent.com/docker/docker-ce/master/components/cli/contrib/completion/bash/docker -o /etc/bash_completion.d/docker.sh

Docker Packages

Monofor Server required docker engine services listed in the below.

Docker engine packages can be install from official docker repositories. Please check this page to install correct version for your Linux Server distros.

Docker engine packages list:

docker-ce
docker-ce-cli
containerd.io
docker-buildx-plugin
docker-compose-plugin

Monofor PoC environment doesn’t require external databases. Monosign PoC installer has local database container and it will install during the PoC installation.

Operating System Firewall

Operating System firewall must be disabled.

Red Hat/Centos

systemctl disable firewall

system stop firewall

Debian/Ubuntu

systemctl disable ufw

systemctl stop ufw

DNS Requirements

Monosign application and services need domain names on the internal and external DNS system. In the table below, required domain names defined. These are the default values of the DNS names. However, if needed they can change to any values.

Application	DNS Name	Type
Account	monosign-account.domainname	Internal and External^*
Management	monosign-mng.domainname	Internal
API	monosign-api.domainname	Internal

If the Monofor Identity Push Service wants to be used via the internet, the Account application must be published on the internet. For this access, monosign-account.domain.com domain name must be configured on the external DNS system, and firewall ports must be opened. For firewall requirements, you can check this page.

Timezone and the NTP configuration

Linux server timezone and the NTP configuration must be done on the Linux server.

It can be check with the below link

CODE

timedatectl

SSL Certificate Requirements

Monosign has multiple web services, and every service has different functionality. Monosign uses secure communications, internal services and external integrations. Due to this, Monosign services need a wildcard SSL certificate to work properly.

SSL Certificate Options

CODE

- Public certificate must be signed by one of Global Certificate Authorities
- Public certificate format must be base64 encoded CRT format
- Public certificate contains full chain certificate like root CA, and intermediate CA.
- Private key should not be exported password protected
- Private key format must be RSA format

During the installation, a self-signed certificate is generated by the installer. If wanted to use custom certificate it can be install later.

Database Requirements

Monosign application and services keep data on the database. Database server/service is the main component of the Monosign. Monosign has supported two types of database server/service, one of them must be chosen.

Microsoft SQL Server
PostgreSQL Server

All details are described below.

Microsoft SQL Server

Monosign needs a database server. This database contains all Monosign data and configurations.

Supported Microsoft Database Servers

SQL Server	Monofor
SQL Server 2016 - Standard, Enterprise Edition	Supported
SQL Server 2017 - Standard, Enterprise Edition	Supported
SQL Server 2019 - Standard, Enterprise Edition	Supported
SQL Server 2022 - Standard, Enterprise Edition	Supported

Microsoft SQL Server Express Edition not supported.

Existing SQL Server Requirement

If Monosign will be installed on an existing Microsoft SQL Server

SQL Server collation must be chosen SQL_Latin1_General_CP1_CI_AS
Specific database user
- Example: monosigndb_user
Database to be created
- monosigndb – for Monosign Main Database
Database authentication type and permissions
- monosigndb_user authentican method must be SQL Authentication
- monosigndb_user has db_owner rights on the monosigndb

New SQL Server Requirement

If Monosign will be installed on a New Microsoft SQL Server Instance

Hardware Requirement

	Minimum	Recommended
CPU	8 Core	8 Core
Memory	16 GB	24 GB
Disk	200 GB	400 GB

SQL Service port must be open on the SQL Server
SQL Server collation must be chosen SQL_Latin1_General_CP1_CI_AS
Specific database user
- Example: monosigndb_user
Database to be created
- monosigndb – for Monosign Main Database
Database authentication type and permissions
- monosigndb_user authentican method must be SQL Authentication
- monosigndb_user has db_owner rights on the monosigndb

PostgreSQL Server Requirements

Monosign needs a database server. This database contains all Monosign data and configurations.

Supported PostgreSQL Server Version

PostgreSQL	Monofor
PostgreSQL 13	Supported
PostgreSQL 14	Supported
PostgreSQL 15	Supported

Existing PostgreSQL Server Requirements

If Monosign will be installed on an existing PostgreSQL Server

Specific database user
- Example: monosigndb_user
Database to be created
- monosigndb – for Monosign Main Database
Database permissions
- monosigndb_user has db_owner rights on the monosigndb

New PostgreSQL Server Requirements

If Monosign will be installed on a New PostgreSQL Server Instance

Hardware Requirement

	Minimum	Recommended
CPU	8 Core	8 Core
Memory	16 GB	24 GB
Disk	200 GB	400 GB

Specific database user
- Example: monosigndb_user
Database to be created
- monosigndb – for Monosign Main Database
Database permissions
- monosigndb_user has db_owner rights on the monosigndb

Disk Space Calculation

Monofor stores all data within the database. Therefore, it requires disk capacity on the database server. In the table below, you can see the necessary database amount suitable for the example user numbers.

1 User Authentication Request Size : 52 KB

1 User and Profile Data Size : 2.6 MB = 2662,4 KB

Calculation = (User * User/Profile Data Size) + (User * Authentication Size * Day Count * Authentication Count)

Example 1

User Authentication Request per Day = 5

	1 Month	3 Months	6 Months	12 Months
1000 User	0.010 TB	0.024 TB	0.046 TB	0.090 TB
5000 User	0.049 TB	0.121 TB	0.230 TB	0.448 TB
10000 User	0.097 TB	0.243 TB	0.461 TB	0.897 TB
25000 User	0.244 TB	0.607 TB	1.152 TB	2.241 TB
50000 User	0.487 TB	1.214 TB	2.303 TB	4.483 TB
100000 User	0.974 TB	2.427 TB	4.607 TB	8.965 TB
200000 User	1.949 TB	4.855 TB	9.213 TB	17.930 TB

Example 2

User Authentication Request per Day = 10

	1 Month	3 Months	6 Months	12 Months
1000 User	0.017 TB	0.046 TB	0.090 TB	0.177 TB
5000 User	0.085 TB	0.230 TB	0.448 TB	0.884 TB
10000 User	0.170 TB	0.461 TB	0.897 TB	1.768 TB
25000 User	0.425 TB	1.152 TB	2.241 TB	4.421 TB
50000 User	0.850 TB	2.303 TB	4.483 TB	8.841 TB
100000 User	1.701 TB	4.607 TB	8.965 TB	17.682 TB
200000 User	3.402 TB	9.213 TB	17.930 TB	35.365 TB

Performance Metrics

Monofor products database performance is related to user authentication request. When 1 user trying to authenticate 20 SELECT and 15 INSERT operation done in the database. In the below table it can be find how many process handled by the database for number of users

User Count	Number of Process/s (20 SELECT + 15 INSERT)
1	35
100	3.500
1000	35.000
5000	175000
10000	350.000
50000	1.750.000
100000	3.500.000
200000	7.000.000