Skip to main content
Skip table of contents

PoC Requirements - v2023.04

Monofor Virtual Appliance

Monofor has providing virtual machine which is ready for Monofor Products. If you don’t want lose any time to preparing of the linux server you can download and import your VMware Infrastructure.

Please follow this guide to install Monofor Virtual Appliance.

Operating Systems

Monofor products can be installed in different kinds of server environments.

Supported Operating Systems are listed In the table below;

Operating System

Monosign

Debian 12.x

Supported

Ubuntu 22.04 LTS

Supported

Red Hat Enterprise Linux 7.x

Supported*

Red Hat Enterprise Linux 8.x

Supported

Red Hat Enterprise Linux 9.x

Supported

Centos 7.x

Supported**

Centos Stream 8.x

Supported

Centos Stream 9.x

Supported

Oracle Linux 7.x

Supported***

Oracle Linux 8.x

Supported

Oracle Linux 9.x

Supported

Rocky Linux 8.x

Supported

Rocky Linux 9.x

Supported

*Red Hat Enterprise Linux 7.x EOL June 30, 2026

**Centos 7.x EOL June 30, 2024

***Oracle Linux 7.x June 1, 2026

Windows OS is not supported by Monosign because Windows OS is not supporting the Linux container architecture.

Hardware Requirements

CPU, disk and memory requirements are listed for the supported operating system In the table below;

 

Minimum

Recommended

CPU Core

8 Core

16 Core

CPU Speed

2.1 GHz

2.1 GHz

Memory

16 GB

32 GB

Disk

100 GB

200 GB

 

For the Single Server deployment, 1 server is enough for installation.

Software Requirements

Monofor server needs some software packages to work correctly. In the Monofor Server environment, required software packages and docker engine services must be installed or can be installed during the installation on the Linux server.

Operating System Packages

For Ubuntu/Debian

BASH
apt-get install -y build-essential traceroute ethtool dnsutils \
open-vm-tools net-tools tcpdump apt-transport-https ca-certificates \
curl software-properties-common unzip gnupg jq bash-completion netcat bc

For Redhat/Centos

  • YUM Package Manager

BASH
yum install -y yum-utils traceroute ethtool open-vm-tools net-tools bind-utils \
epel-release net-tools tcpdump ca-certificates curl unzip gnupg2 jq \
bash-completion netcat bc
  • DNF Package Manager

BASH
dnf install -y yum-utils traceroute ethtool open-vm-tools net-tools bind-utils \
epel-release net-tools tcpdump ca-certificates curl unzip gnupg2 jq \
bash-completion netcat bc
  • Bash Completion

BASH
curl https://raw.githubusercontent.com/docker/docker-ce/master/components/cli/contrib/completion/bash/docker -o /etc/bash_completion.d/docker.sh

Docker Packages

Monofor Server required docker engine services listed in the below.

Docker engine packages can be install from official docker repositories. Please check this page to install correct version for your Linux Server distros.

Docker engine packages list:

  • docker-ce

  • docker-ce-cli

  • containerd.io

  • docker-buildx-plugin

  • docker-compose-plugin

Monofor PoC environment doesn’t require external databases. Monosign PoC installer has local database container and it will install during the PoC installation.

Operating System Firewall

Operating System firewall must be disabled.

Red Hat/Centos

systemctl disable firewall

system stop firewall

Debian/Ubuntu

systemctl disable ufw

systemctl stop ufw

DNS Requirements

Monosign application and services need domain names on the internal and external DNS system. In the table below, required domain names defined. These are the default values of the DNS names. However, if needed they can change to any values.

Application

DNS Name

Type

Description

Account

monosign-account.domain.com

Internal and External*

Monofor Server IP A Record

Management

monosign-mng.domain.com

Internal

Monofor Server IP A Record

API

monosign-api.domain.com

Internal

Monofor Server IP A Record

*MonoSync

monosync.domain.com

Internal

Monofor Server IP A Record

*Monopam

monopam.domain.com

Internal

Monofor Server IP A Record

*Monopam-CDN

monopam-cdn.domain.com

Internal

Monofor Server IP A Record

*Monopam-CDN-Console

monopam-cdn-con.domain.com

Internal

Monofor Server IP A Record

*Monopam-GW

monopamgw.domain.com

Internal

Monopam GW Server A Record

If the Monosign Authenticator Push Service wants to be used via the internet, the Account application must be published on the internet. For this access, monosign-account.domain.com domain name must be configured on the external DNS system, and firewall ports must be opened. For firewall requirements, you can check this page.

Account, API and Management hostname must be defined for all installations.

Monosync DNS record required if Monosync is in PoC Scope.

Monopam and related DNS record required if Monopam is in PoC Scope

Timezone and the NTP configuration

Linux server timezone and the NTP configuration must be done on the Linux server.

It can be check with the below link

BASH
timedatectl

SSL Certificate Requirements

Monosign has multiple web services, and every service has different functionality. Monosign uses secure communications, internal services and external integrations. Due to this, Monosign services need a wildcard SSL certificate to work properly.

SSL Certificate options

CODE
- Public certificate must be signed by one of Global Certificate Authorities
- Public certificate format must be base64 encoded CRT format
- Public certificate contains full chain certificate like root CA, and intermediate CA.
- Private key should not be exported password protected
- Private key format must be RSA format

During PoC/Demo installation, a self-signed certificate is generated by the installer.

Firewall Ports

Internet Access

Source

Destination

Service/Port

Information

Monosign Server(s)

*.monosign.com

*.monofor.com

TCP/443

For Monosign images, updates license check and configuration

Monosign Server(s)

download.docker.com

TCP/443

Docker required package installation

Monosign Server(s)

Operating System repositories

TCP/80

TCP/443

OS upgrades and some necessary packages

Internal Access

Source

Destination

Service/Port

Information

Monosign Server(s)

DNS Servers

UDP/53

DNS Requests

Monosign Server(s)

NTP Servers

UDP/123

Time synchronization

Monosign Server(s)

Active Directory Servers

TCP/389

TCP/636

Integration for Active Directory Services

Monosign Server(s)

Email/SMTP Servers

TCP/25 or TCP/587

Email notification

Any Radius Clients

Monosign Server(s)

UDP/1812

UDP/1813

*Radius integration.

ANY

Monosign Server(s)

TCP/443

Users SSO operations, and management access.

Monosign Server(s)

DB Servers

DB Specific Port

*Monosync Integration

Monopam Gateway Server

Any Machine

TCP/22 and TCP/3389

*Monopam Gateway Access to other servers

Monosign Server(s)

Monopam Gateway Server

Monosign Server(s)

Monopam Gateway Server

TCP/443

*Monopam to Monopam Gateway Server Communication

*If this module wants to test, this firewall requirements are needed.

User Source Requirements

In the document below, the user source type requirements are described.

  • Active Directory

Active Directory Requirements

Monosign supports Unified Directory architecture. It means you can use an external or an internal user directory. Monosign natively supports Microsoft Active Directory/LDAP servers. Active directory integration can be performed with the following user permissions.

A service user must be created in the active directory.

Example service user name “monosign_svc“

Operation

Permissions

Object Type

Authentication

Standard Active Directory User Permission

User

Password Reset/Unlock Account

Reset Password

Read pwdLastSet

Write pwdLastSet

Read lockoutTime

Write lockoutTime

User

If SSP(Self-Service Portal) is not needed, the service user doesn’t require any special permissions. Default AD user permissions are enough.

Monopam Gateway Requirements

Monopam is in the PoC scope Monopam Gateway server must be prepared. If Monopam is not in the scope, you can skip this step.

Operating Systems

Monopam Gateway Service can be installed only on Microsoft Windows Servers.

In the table below supported Operating Systems are listed.

Monopam Gateway Service is using RDS in Windows system. Because of that Windows Server must be joined to the Active Directory Domain.

Operating System

Monopam Remote Service

Windows Server 2019

Supported

Windows Server 2022

Supported

Hardware Requirements

The table below lists CPU, disk, and memory requirements for the supported operating system.

 

Minimum

Recommended

CPU Core

8 Core

16 Core

CPU Speed

2.1 GHz

2.1 GHz

Memory

16 GB

32 GB

Disk

100 GB

200 GB

Ipv6 must be disabled on the Windows Server.

If the requirements are ready please continue in this page to check requirements.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.