/
System Requirements for On-Premises Deployment of GYTPOL

System Requirements for On-Premises Deployment of GYTPOL

Introduction

This document serves the purpose of providing essential system prerequisites and requirements that must be met before initiating the installation process for the GYTPOL Validator product.

Audience

This User Guide is primarily intended for IT system and infrastructure teams responsible for implementing, managing, and maintaining servers and Active Directory within their organizations. It provides clear instructions and explanations suitable for technical users, ensuring that these teams can effectively utilize the software for their specific needs.

Checklist

Before proceeding with the installation of GYTPOL Validator software, it is crucial to verify that all the following requirements are met:

Operating System - GYTPOL Server:

Ensure that the operating system on the GYTPOL Server meets the specified requirements.

Server Sizing:

Determine the appropriate server sizing based on the anticipated number of devices that will interact with GYTPOL Validator.

Users and Groups:

Confirm the existence and configuration of Users and Groups in both Active Directory and the GYTPOL Server, ensuring proper synchronization.

Server Software - GYTPOL Server:

Make sure that the necessary server software components are installed and configured correctly on the GYTPOL Server.

Admin Interface:

Ensure that a web browser is available and compatible for use as the admin interface by end-users of GYTPOL Validator.

Sensor Requirements:

Verify that servers and workstations covered by GYTPOL Validator meet the required Sensor-side specifications.

DNS - Routing to GYTPOL Server:

Add any necessary DNS configurations to ensure proper routing to the GYTPOL Server, allowing seamless communication.

Ports:

Determine and open the specific ports on both the server and Sensor sides as required by GYTPOL Validator to facilitate communication and functionality.

Antivirus:

Implement measures to prevent any interference or blocking of GYTPOL Validator's proper execution by antivirus software.

 

Ensuring that all these prerequisites are met will contribute to a successful and efficient installation of GYTPOL Validator software.

Find additional help in Detailed Configuration Instructions when required.

System Architecture

Server Architecture

Server Sizing

Up to 3,000 Devices / PoC

RAM (GB)

System Storage (GB)

CPU (# Cores)

16

80 SSD

8

 

Up to 10,000 Devices

Server

RAM (GB)

Storage (GB)

CPU (# Reserved Cores)

GYTPOL

16

80 SSD

8

DB

24

200 SSD

8

 

Up to 15,000 Devices

Server

RAM (GB)

Storage (GB)

CPU (# Reserved Cores)

GYTPOL

24

80 SSD

8

DB

24

250 SSD

8

 

Up to 50,000 Devices

Server

RAM (GB)

Storage (GB)

CPU (# Reserved Cores)

GYTPOL

32

150 SSD

16

DB

64

450 SSD

16

For customers with specific scenarios, please take note of the following:

  • Customers managing more than 50,000 devices are advised to contact support@gytpol.com for specialized sizing recommendations.

  • If you are using the Nutanix hypervisor, please contact support@gytpol.com for further guidance and support tailored to your specific setup.

Operating System and Language

  • A dedicated physical or virtual server is required, running Windows Server 2016 Standard or a later version.

  • Windows Server language settings (detailed checks are here):

    • The Windows Server operating system must be set to use the English (United States) language.

    • The Windows Server language for non-Unicode programs must be set to use the English (United States) language.

  • Customers who use a separate database server should install SQL Server 2016 Standard or a later version. For detailed instructions on configuring MS SQL, please consult Appendix 1.

Users and Groups

To create a domain user with the specified permissions and ensure the password adheres to the given criteria, follow these steps:

Create the User:

  • Open the Active Directory Users and Computers management console.

  • Navigate to the appropriate organizational unit (OU) or location where you want to create the user.

  • Right-click on the OU, select "New," and then choose "User."

  • Follow the prompts to set up the user account. You can use your naming convention, but for purpose of this document, let's call the user "GYTPOLSVC."

Set Password Criteria:

When setting the password for "GYTPOLSVC," make sure it does not contain any of the following characters ', ", ~, ;, commas or spaces

Assign Permissions (optional):

  • For a more stringent permission setup, you can create a security group within Active Directory, e.g., "GYTPOL_UI_Access”.

  • Add "GYTPOLSVC" to the "GYTPOL_UI_Access" group.

  • This group will be used to access GYTPOL UI or system settings during the initial server configuration.

  • By default, all authenticated users are granted access to the GYTPOL UI, which can be modified using the Roles and Permissions screen after the initial installation process.

 

By following these steps, you will have created a domain user, set a password that adheres to your criteria, and established a security group for GYTPOL UI access, all in compliance with your requirements.

Permissions

Follow the below table to set the permissions regarding the user and the group (follow hyperlinks for how to’s):

 

Type

Name

Permission set

AD User

GytpolSvc

Domain level:

Member of Domain Group: “Performance Log Users”

 

GYTPOL Server local settings:

Local admin on GYTPOL server

Logon as a service

Logon as a batch job

 

GPMC permissions

Server software and general settings

Requirement

How to Verify

Web Browser supports Chromium

We recommend using the latest version of either MS Chromium Edge or Google Chrome browsers.

However, in offline or closed environments, a minimum version of 100 is required.

.NET 4.7.2 installed

(Installed by default on Server 2019)

https://dotnet.microsoft.com/en-us/download/dotnet-framework/thank-you/net472-web-installer

Notepad++ installed

(Optional, yet strongly advised to simplify configuration management)

https://notepad-plus-plus.org/downloads/

The minimum required version of PowerShell is 5.1.

(Installed by default on Server 2016 and later)

 

Ensure that the PowerShell script execution policy is not set to "Restricted" in any of its categories.

How to Check PowerShell Version and Restriction Mode

IPv6 disabled (Optional)

How to Check if IPv6 is disabled

Configure Windows Firewall inbound ports

- or -

Turn Windows Firewall OFF (service should be up and running)

In case of using the Windows Firewall

 

How to check if Windows Firewall is at ‘off’ state

IE enhanced disabled

How to Disable Internet Explorer Enhanced Security Configuration

Proxy is not configured

How to Disable Proxy Settings

After committed changes - restart the remote machine (GYTPOL server)

Admin Interface

  • You need a physical or virtual machine running at least Windows 7 SP1.

  • It is recommended to use the latest version of either MS Chromium Edge or Google Chrome browsers for optimal compatibility.

Sensor Requirements

  • Ensure that Task Scheduler is enabled for both user and computer.

  • Enable Event Viewer for both user and computer.

  • RSOP (Resultant Set of Policy) should be allowed.

  • PowerShell version requirements:

    • PowerShell 2.0 or later is required, with support for detection and auto-upgrade.

    • PowerShell 5.1 and later are preferred, as they support detection, auto-upgrade, remediation, and revert.

    • It is recommended to set PowerShell scripts to "All Signed&q