Installation
      Back to home
      1. Support Center
      2. Safous ZTA Admin Guide
      3. Installation

      Prerequisite

      Before you install Safous App Gateway in your environment, please make sure the following requirements are met. Adhering to these requirements will help you maximize the functionality of Safous ZTA and deliver a smooth user experience.

      Hardware Requirements

      To guarantee optimal performance and user experience, we recommend the following minimum hardware specifications for your App Gateway server:

      1. Dedicated Server: Use a clean, dedicated Linux server exclusively for App Gateway installation. Please ensure that you have root permissions for the machine.

      2. Scaling Guidelines: We recommend deploying one App Gateway for every 1,000 concurrent users in your environment. For example, a site serving applications to 3,000 users would ideally utilize three App Gateways.

      3. High Availability: For enhanced availability and uninterrupted service, you should have a minimum of two App Gateway instances per site. This redundancy ensures that even if one instance experiences an outage, the other can continue to provide access to your applications.

      4. Scaling for High-Traffic Sites: If you anticipate high traffic volumes for your installed site, we recommend deploying additional App Gateways to accommodate the increased traffic volumes and ensure a consistent and smooth user experience.

      Server Specification

        Guidelines Example of 1000 users Remark
      Operating System
      • Ubuntu Server 20.04
      • Ubuntu Server 22.04
      • Ubuntu Server 24.04
      • RHEL 8.x (Server Package Required) 
      • RHEL 9.x (Server Package Required)
      • Rocky Linux 9.x
      		    
      CPU Cores
      • 4 cores minimum, 6 cores recommended
      		 6 Adding additional App Gateways is preferred over calling CPU cores for larger deployments.
      RAM
      • 6 GB minimum
      • 512 KB per additional user
      		 8  
      Disk 60 GB minimum 150 GB

      Allocate additional disk space if you intend to store recordings. For high recording volumes, consider utilizing an external mounted volume. 

      Additionally, please ensure you have sufficient Disk IOPS for optimal performance; 3000 IOPS is the baseline. 
      Network Bandwidth 32 Kbps 32 Mbps  

       

      Required Internet Connectivity

      To ensure the proper functioning of your Safous App Gateway, the following domains and ports must be accessible:

      Domain Port(s)
      *.safous.com 443
      *.safous.cn 443
      *.ubuntu.com 80, 443
      *.amazonaws.com 443
      *.bugsnag.com 443

      Ensuring Connectivity:

      To ensure uninterrupted connectivity to these domains, please take the following steps:

        • Firewall and Other Security Services: Check your firewall, WAF, or any other security services for rules or policies that might block traffic to or from these domains.
        • Wildcard Subdomain Access: The domains with an asterisk (*) represent a wildcard, indicating that all subdomains under that domain need to be accessible. Please ensure that you have appropriate connectivity to all subdomains.
        • Proxy Configuration: Do not use proxy servers for traffic between the App Gateway and these domains as this may disrupt the TLS connection and potentially lead to a termination of the TLS connection between the App Gateway and the destination.
        • Traffic Manipulation: Ensure no system in your network are configured to manipulate or intercept traffic between the App Gateway and Safous ZTA PoP.