PoC Requirements - v2023.04

Monofor Virtual Appliance

Monofor provides a virtual machine that is ready for Monofor products. If you don’t want to spend time preparing the Linux server, you can download it and import it into your VMware infrastructure.

Please follow this guide to install Monofor Virtual Appliance.

Operating Systems

Monofor products can be installed in different kinds of server environments.

Supported operating systems are listed in the table below:

| Operating System | Monosign |
|---|---|
| Debian 12.x | Supported |
| Ubuntu 22.04 LTS | Supported |
| Red Hat Enterprise Linux 8.x | Supported |
| Red Hat Enterprise Linux 9.x | Supported |
| CentOS Stream 8.x | Supported |
| CentOS Stream 9.x | Supported |
| Oracle Linux 8.x | Supported |
| Oracle Linux 9.x | Supported |
| Rocky Linux 8.x | Supported |
| Rocky Linux 9.x | Supported |

Windows is not supported by Monosign because Windows does not support the Linux container architecture.

Hardware Requirements

CPU, disk and memory requirements for the supported operating systems are listed in the table below:

| | Minimum | Recommended |
|---|---|---|
| CPU Core | 8 Core | 16 Core |
| CPU Speed | 2.1 GHz | 2.1 GHz |
| Memory | 16 GB | 32 GB |
| Disk | 100 GB | 200 GB |

For the Single Server deployment, 1 server is enough for installation.

Software Requirements

The Monofor server needs some software packages to work correctly. The required software packages and the Docker Engine services must already be installed on the Linux server, or they can be installed during the installation.

Operating System Packages

For Ubuntu/Debian

BASH
apt-get install -y build-essential traceroute ethtool dnsutils \
open-vm-tools net-tools tcpdump apt-transport-https ca-certificates \
curl software-properties-common unzip gnupg jq bash-completion netcat bc

For Red Hat/CentOS

  • YUM Package Manager

BASH
yum install -y yum-utils traceroute ethtool open-vm-tools net-tools bind-utils \
epel-release net-tools tcpdump ca-certificates curl unzip gnupg2 jq \
bash-completion netcat bc

  • DNF Package Manager

BASH
dnf install -y yum-utils traceroute ethtool open-vm-tools net-tools bind-utils \
epel-release net-tools tcpdump ca-certificates curl unzip gnupg2 jq \
bash-completion netcat bc

  • Bash Completion

BASH
curl https://raw.githubusercontent.com/docker/docker-ce/master/components/cli/contrib/completion/bash/docker -o /etc/bash_completion.d/docker.sh

Docker Packages

The Monofor server requires the Docker Engine packages listed below.

Docker Engine packages can be installed from the official Docker repositories. Please check this page to install the correct version for your Linux distribution.

Docker engine packages list:

  • docker-ce

  • docker-ce-cli

  • containerd.io

  • docker-buildx-plugin

  • docker-compose-plugin

The Monofor PoC environment doesn’t require external databases. The Monosign PoC installer includes a local database container, which is installed during the PoC installation.

Operating System Firewall

Operating System firewall must be disabled.

Red Hat/CentOS

systemctl disable firewalld

systemctl stop firewalld

Debian/Ubuntu

systemctl disable ufw

systemctl stop ufw

DNS Requirements

The Monosign application and services need domain names in the internal and external DNS systems. The table below defines the required domain names. These are the default DNS names; if needed, they can be changed to any value.

| Application | DNS Name | Type | Description |
|---|---|---|---|
| Account | monosign-account.domain.com | Internal and External* | Monofor Server IP A Record |
| Management | monosign-mng.domain.com | Internal | Monofor Server IP A Record |
| API | monosign-api.domain.com | Internal | Monofor Server IP A Record |
| *MonoSync | monosync.domain.com | Internal | Monofor Server IP A Record |
| *Monopam | monopam.domain.com | Internal | Monofor Server IP A Record |
| *Monopam-CDN | monopam-cdn.domain.com | Internal | Monofor Server IP A Record |
| *Monopam-CDN-Console | monopam-cdn-con.domain.com | Internal | Monofor Server IP A Record |
| *Monopam-GW | monopamgw.domain.com | Internal | Monopam GW Server A Record |

If the Monosign Authenticator Push Service is to be used over the internet, the Account application must be published on the internet. For this access, the monosign-account.domain.com domain name must be configured on the external DNS system, and the firewall ports must be opened. For firewall requirements, you can check this page.

The Account, API and Management hostnames must be defined for all installations.

The Monosync DNS record is required if Monosync is in the PoC scope.

The Monopam and related DNS records are required if Monopam is in the PoC scope.

Timezone and the NTP configuration

The timezone and the NTP configuration must be set up on the Linux server.

They can be checked with the command below:

BASH
timedatectl

SSL Certificate Requirements

Monosign has multiple web services, and every service has different functionality. Monosign uses secure communications, internal services and external integrations. Due to this, Monosign services need a wildcard SSL certificate to work properly.

SSL Certificate options

CODE
- Public certificate must be signed by one of Global Certificate Authorities
- Public certificate format must be base64 encoded CRT format
- Public certificate must contain the full certificate chain, such as the root CA and intermediate CA
- Private key should not be exported with password protection
- Private key format must be RSA format

During PoC/Demo installation, a self-signed certificate is generated by the installer.
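A structural pre-check for a certificate and key you supply yourself, written against the options listed above. This is an added example, not part of Monofor's documentation or installer; the function names, the file names in the usage comment, and the reading of "full chain" as at least two certificates are assumptions.

```shell
#!/usr/bin/env bash
# Added example: structural lint for a certificate/key pair against the
# options listed above. It reads PEM headers only; it does not verify
# signatures, trust, or that the key matches the certificate.

# Print how many PEM certificate blocks a file contains (0 for DER/binary).
count_certs() {
    grep -c -e '-----BEGIN CERTIFICATE-----' "$1" || true
}

# Classify a private key by its PEM header: rsa, encrypted, pkcs8 or other.
key_kind() {
    if grep -q -e 'BEGIN ENCRYPTED PRIVATE KEY' -e 'Proc-Type: 4,ENCRYPTED' "$1"; then
        echo encrypted            # PKCS#8 encrypted or legacy encrypted PEM
    elif grep -q -e '-----BEGIN RSA PRIVATE KEY-----' "$1"; then
        echo rsa                  # unencrypted PKCS#1 RSA key
    elif grep -q -e '-----BEGIN PRIVATE KEY-----' "$1"; then
        echo pkcs8                # algorithm is not visible in the header
    else
        echo other                # EC, DER, or not a key at all
    fi
}

# Report each finding; return 0 only if no check failed.
lint_tls_pair() {
    local cert=$1 key=$2 rc=0 n
    [ -r "$cert" ] && [ -r "$key" ] || { echo "FAIL: cannot read input files"; return 2; }
    n=$(count_certs "$cert")
    # Assumption: "full chain" means the leaf plus at least one CA certificate.
    if [ "$n" -eq 0 ]; then
        echo "FAIL: no base64 (PEM) certificate block in $cert"; rc=1
    elif [ "$n" -lt 2 ]; then
        echo "FAIL: $cert holds a single certificate; CA chain is missing"; rc=1
    else
        echo "OK: $cert holds $n certificates"
    fi
    case $(key_kind "$key") in
        rsa)       echo "OK: unencrypted RSA key" ;;
        encrypted) echo "FAIL: private key is password protected"; rc=1 ;;
        pkcs8)     echo "WARN: PKCS#8 key; confirm the algorithm is RSA" ;;
        *)         echo "FAIL: $key is not an RSA PEM private key"; rc=1 ;;
    esac
    return $rc
}

# Usage: ./lint.sh fullchain.crt private.key  (file names are placeholders)
if [ "$#" -eq 2 ]; then lint_tls_pair "$1" "$2"; fi
```

A pass here only means the files have the expected shape; whether the chain is signed by a global certificate authority still has to be confirmed separately.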

Firewall Ports

Internet Access

| Source | Destination | Service/Port | Information |
|---|---|---|---|
| Monosign Server(s) | *.monosign.com, *.monofor.com | TCP/443 | For Monosign images, updates, license check and configuration |
| Monosign Server(s) | download.docker.com | TCP/443 | Docker required package installation |
| Monosign Server(s) | Operating System repositories | TCP/80, TCP/443 | OS upgrades and some necessary packages |

Internal Access

| Source | Destination | Service/Port | Information |
|---|---|---|---|
| Monosign Server(s) | DNS Servers | UDP/53 | DNS Requests |
| Monosign Server(s) | NTP Servers | UDP/123 | Time synchronization |
| Monosign Server(s) | Active Directory Servers | TCP/389, TCP/636 | Integration for Active Directory Services |
| Monosign Server(s) | Email/SMTP Servers | TCP/25 or TCP/587 | Email notification |
| Any Radius Clients | Monosign Server(s) | UDP/1812, UDP/1813 | *Radius integration. |
| ANY | Monosign Server(s) | TCP/443 | Users SSO operations, and management access. |
| Monosign Server(s) | DB Servers | DB Specific Port | *Monosync Integration |
| Monopam Gateway Server | Any Machine | TCP/22 and TCP/3389 | *Monopam Gateway Access to other servers |
| Monosign Server(s), Monopam Gateway Server | Monosign Server(s), Monopam Gateway Server | TCP/443 | *Monopam to Monopam Gateway Server Communication |

*If this module is to be tested, these firewall requirements are needed.

User Source Requirements

In the document below, the user source type requirements are described.

  • Active Directory

Active Directory Requirements

Monosign supports Unified Directory architecture. This means you can use an external or an internal user directory. Monosign natively supports Microsoft Active Directory/LDAP servers. Active Directory integration can be performed with the following user permissions.

A service user must be created in Active Directory.

Example service user name: “monosign_svc”

| Operation | Permissions | Object Type |
|---|---|---|
| Authentication | Standard Active Directory User Permission | User |
| Password Reset/Unlock Account | Reset Password, Read pwdLastSet, Write pwdLastSet, Read lockoutTime, Write lockoutTime | User |

If SSP (Self-Service Portal) is not needed, the service user doesn’t require any special permissions. Default AD user permissions are enough.

Monopam Gateway Requirements

If Monopam is in the PoC scope, the Monopam Gateway server must be prepared. If Monopam is not in the scope, you can skip this step.

Operating Systems

Monopam Gateway Service can be installed only on Microsoft Windows Servers.

Supported operating systems are listed in the table below.

Monopam Gateway Service uses RDS on the Windows system. Because of that, the Windows Server must be joined to the Active Directory domain.

| Operating System | Monopam Remote Service |
|---|---|
| Windows Server 2019 | Supported |
| Windows Server 2022 | Supported |

Hardware Requirements

The table below lists CPU, disk, and memory requirements for the supported operating system.

| | Minimum | Recommended |
|---|---|---|
| CPU Core | 8 Core | 16 Core |
| CPU Speed | 2.1 GHz | 2.1 GHz |
| Memory | 16 GB | 32 GB |
| Disk | 100 GB | 200 GB |

IPv6 must be disabled on the Windows Server.

If the requirements are ready, please continue to this page to check the requirements.
