# Requirements This page consolidates the requirements for all UDiTH Portal components. Please review the sections relevant to the components you intend to deploy. ## Ports For communication between the individual components and the clients, certain ports must be available. The port values shown are examples and can be adjusted. | Service | Protocol/Port | |--------------|----------------------------------------------| | Request | 443/TCP | | Direct Stream | P2P | | Authentication | 443/TCP or 8443/TCP (if on the same server with Windows) | | Relay Stream | 3478 TCP/UDP, port range 50000-51000/UDP (2 ports per stream, but most WebRTC implementations in browsers can open more than 2, in some cases 4-6. This also depends on the number of TURN server addresses specified in the configuration.) | | Management | 443/TCP | ## Common Requirements The following requirements apply across components, regardless of platform. - **Accurate server time** configuration (using NTP is recommended). - **Trusted SSL certificate** for the alias or (sub)domain: - Must meet current security standards. - The certificate and key are required as a `.pfx` file or similar. - **Alias or subdomain** for the server. - **Microsoft SQL Server 2016 or later**: - A database must already be created. - A user with **DB Owner** permissions on that database is required. - **TURN/STUN server** may be required for BBV, depending on your local network. ### Network - **Recommended:** 10 Gbit network connection - **Minimum:** 1 Gbit network connection ### Storage The backing storage for the Central Model Repository must be fast enough to saturate the network connection when serving models. As a guideline, plan for approximately **1000 read IOPS** and **100 MB/s** of read throughput per **1 Gbit** of network connection. | Network connection | Read IOPS | Read throughput | |--------------------|-------------|-----------------| | 1 Gbit | 1000 IOPS | 100 MB/s | | 10 Gbit | 10000 IOPS | 1000 MB/s | ### Latest validated versions - Keycloak 26.6.1 - MSSQL 2025 ## Portal (Windows) - **Windows Server 2016 or later** is required. - **.NET 10 Hosting Bundle**. - **SQL Server Express** can be installed during the main installation. - **IIS installation** with the **Default Website** accessible via **HTTPS**: - Setup via HTTP is **not supported**. - **Keycloak 26.x Server** must be pre-installed. ## Portal (Linux) - **Docker** is required. - To use the attribute indexing feature, a non-Express version of SQL Server should be used because of the storage requirements. - A **reverse proxy** in front of Portal is recommended. - **Keycloak 26.x Server**. ## Keycloak - Ensure that Keycloak can either: - Run on a different port than 443 (used by the web service), **or** - Use a separate IP address/server. - Currently, it seems **not possible** to use a reverse proxy like IIS to host both Keycloak and the web service on the **same subdomain and port**. ## Databases All database operations must be handled by the customer. Regular backups are recommended. Direct data manipulation on the database is prone to error and should be avoided.