General information

This page describes the minimum hardware and software requirements for deploying Axxon Datacenter. The final configuration (number of servers, performance, and storage capacity) is calculated individually for each project based on its tasks and scale. These requirements serve as the technical basis for infrastructure planning. This page describes the baseline requirements. A complete list of checkpoints for infrastructure preparation is available in Checklist of requirements for configuring Axxon Datacenter.

Requirements for server hardware

You can use several types of servers for deployment, each performing different roles in the architecture:

Server roleMinimum requirementsFunction and purpose
Axxon One (one or three servers)
  • OS: Linux Ubuntu LTS 22.04/20.04
  • CPU: 4 cores (vCPU), ~2.5 GHz (x86-64)
  • RAM: 16 GB
  • SSD: 256 GB for OS and additional software
  • Network: SSH, open ports 80 (HTTP), 443 (HTTPS)
Peripheral servers for video processing and on-site analytics. The number is determined by the required fault tolerance
AxxonNet (one or three servers)
  • OS: Linux Ubuntu LTS 22.04/20.04
  • CPU: 4 cores (vCPU), ~2.5 GHz (x86-64)
  • RAM: 16 GB
  • SSD: 300 GB for OS and additional software
  • Network: SSH, open ports 80443

Control center. Provides a unified interface, user management, and integration

Service domain (optional)
  • OS: Linux Ubuntu LTS 22.04/20.04
  • CPU: 4 cores (vCPU), ~2.5 GHz (x86-64)
  • RAM: 8 GB
  • SSD: 256 GB for OS and additional software
  • Network: SSH
Hosting of supporting services (for example, portal, documentation)
Database servers
  • OS: Linux Ubuntu LTS 22.04/20.04
  • CPU: 4 cores (vCPU), ~2.5 GHz (x86-64)
  • RAM: 32 GB
  • SSD: 500 GB for OS and additional software
  • Network: SSH
For deploying PostgreSQL, ClickHouse, and other DBMSs. Disk requirements depend on the archive size

License Server (if hosted locally, see Private License Server)

  • OS: Linux Ubuntu LTS 22.04/20.04
  • CPU: 4 cores (vCPU), ~2.5 GHz (x86-64)
  • RAM: 8 GB
  • SSD: 150 GB for OS and additional software
  • USB port for hardware key
  • Network: SSH
Alternatively, you can use AxxonSoft’s corporate cloud license server (see Public License Server)

Requirements for video archive storage systems

Storage typeRequirements and supported solutions

Object storage (S3-compatible)

Direct integration with cloud and local S3 solutions to create a horizontally scalable archive.

Public cloud services:

Private/Hybrid solutions:

  • MinIO for deployment in private infrastructure
Network-attached storage (NAS)

Usage of classic network storage devices using standard protocols.

  • NAS system with a shared network partition
  • Access via a network path (UNC) for all Axxon One servers
  • Supported protocols: NFS (Linux/Unix OS), SMB/CIFS (Windows OS)

Required settings of the host system and network

These settings are critical for the correct deployment and operation of the platform:

ParameterRequirements
Security and access
ResponsibilitySecurity of host systems (including hypervisors) is provided by the customer
Interserver traffic

All network connections must be allowed between all project servers (without firewall restrictions):

  • All traffic between the hosts is allowed

  • All servers are accessible to each other over the network

  • There are no port restrictions between servers

  • There is no firewall between the servers

SSH accessRequired for installation and administration on Linux servers
FirewallUFW is not supported and must be disabled in the OS. If necessary, you can configure the rules via iptables
Network configuration
Open ports

The following ports are open and added to the Firewall permissions:

  • Incoming/Outgoing: 22 (SSH), 80 (HTTP), 443 (HTTPS)
  • Outgoing: Access from monitoring proxy hosts (from hosts running Zabbix proxy) to port 10051 of the external AxxonSoft monitoring service based on Zabbix (m.itdep.net)
  • Incoming: on the local network to port 10051 of the host running Zabbix Proxy
Internet accessAll servers must have full internet access (for installing updates, licenses, certificates, and others)
Time synchronization (NTP)All servers must have an NTP server configured and functioning correctly
Time zoneAll servers must have the required time zone set
Infrastructure services (delivery options)
License Server
  • AxxonSoft provides access to a corporate license server. This server must be accessible from all Axxon One servers
  • License Server is deployed on the customer's premises
Domain name
  • AxxonSoft provides a name like <clientname>-demo.axxoncloud.com
  • The customer provides a domain name with an A/CNAME DNS record that links to the IP address of the AxxonNet server
SSL certificate for a domain name
  • AxxonSoft provides a Let's Encrypt certificate. Ports 443 and 80 must be open for the Let's Encrypt servers. No action on the part of the customer is required.
  • The customer provides a valid SSL certificate and private key for the domain name used
Mail server
  1. The customer provides the SMTP mail server and its data:
    • IP address of the SMTP server,
    • connection port,
    • login and password,
    • email that will send emails as AxxonNet,
    • access from the AxxonNet server to the mail server (no port restriction).
  2. The customer provides a Mailjet account (if there is no SMTP mail server):
    • the customer registers a  Mailjet account with any pricing plan and provides login/password,

    • the customer adds SPF/DKIM records to the DNS zone for AxxonNet,

    • the customer adds the TXT login record to the DNS zone for AxxonNet.

      AxxonSoft can help with Mailjet setup, but it is necessary to have access to the DNS settings.

  3. AxxonSoft provides a Mailjet account only for demo installations. In this case, the customer provides access to the Mailjet servers via ports 25 and 587
Remote access
Procedure of remote access for support

For deployment and support work, AxxonSoft engineers require remote access to servers. The following methods are supported (in order of priority):

  1. Direct SSH access to servers (preferred).
  2. SSH access via VPN to the customer's network.
  3. RDP connection to a dedicated host on the customer's network, followed by SSH access to the servers.
  4. VPN connection to the RDP host, then SSH to the servers

TeamViewer, AnyDesk and other similar remote access options aren't supported.