Contents:
Cayosoft Guardian System Requirements
Note: Installing the Administrator Service and Cayosoft Guardian on the same server is not supported. Cayosoft strongly recommends installing them on separate servers to ensure optimal performance.
Hardware Requirements
Component | Requirements |
---|---|
Platform |
2 GHz or higher Intel-compatible dual or quad-core CPU |
Memory |
8 GB minimum, 16 GB recommended
Note: For environments with 100k user accounts or more, 32 GB RAM or more is recommended.
|
Disk |
180 GB or more of free disk space |
Machine |
Physical, on-premises virtual, Azure VM, or AWS virtual server |
To help you determine the optimal hardware requirements for your environment, check the hardware configuration calculator.
Software Requirements
Component | Requirements |
---|---|
OS |
Windows Server 2016, 2019 and 2022 Windows 10 Pro |
Active Directory Forest Functional level |
2012R2, 2016
|
Active Directory Domain Functional level |
2012R2, 2016 |
Web browsers |
Google Chrome (versions released within the past 12 months) |
Database |
Cayosoft Guardian comes with a built-in SQL Server Express LocalDB. For production workloads, SQL Server 2017 or later, or Azure SQL, or SQL Server on AWS is strongly recommended. Azure SQL standard database must be created with one of the following configurations:
SQL Server on AWS must be created with at least db.m5.large model. |
Required ports |
Important: Microsoft Internet Explorer is not supported.
Required Permissions
System or task | Permissions |
---|---|
Azure AD / Office 365 Exchange Online |
Office 365 connection account should hold the Azure AD Global Admin Role in each connected Office 365 / Azure AD tenant. Connection account must be a cloud-only account, i.e., not synchronized with on-premises Active Directory. Connection account should not be used in any other application or script except Cayosoft Guardian. To use notification channels, you must apply Office 365 license to Office 365 connection account with assigned Microsoft Teams and Exchange online options. |
Active Directory domain partition |
Active Directory connection account should be a Domain Admin. |
Active Directory schema, configuration, or application partition |
Active Directory connection account should be Enterprise Admins and Schema Admins. |
To configure gMSA connection account |
An Enterprise admin account is required to configure gMSA for the entire forest and a Domain Admin for managing a specific domain. To grant admin rights for read-only gMSA when performing rollback i.e., Admin account for elevating permissions, the specified admin account must have permissions to update members of the corresponding groups. |
To send email and email alerts |
The Cayosoft Guardian Service Account should have a Microsoft Exchange Online license with an instantiated mailbox. Cayosoft recommends assigning an E1 license to the service account. |
To send Microsoft Teams Alerts |
The Cayosoft Guardian Service Account should have a Microsoft Teams license. Cayosoft recommends assigning a E1 level license to the service account. |
Create an Azure share for backups |
An account with a Contributor role in the resource group is required if you plan to create a resource group manually and only allow Cayosoft Guardian to create the resources, such as Azure file shares. |
Create Azure resources for recovery site |
An account with a Contributor role in the resource group is required if you plan to create a resource group manually and only allow Cayosoft Guardian to create the resources. A Contributor role for the subscription is required for Cayosoft Guardian to create a resource group with all resources. Assign this role to an account that you use to add a new subscription under Cloud Services. An account with Global Admin role is required to add the subscription into Cayosoft Guardian. |
Using an Azure blob storage in backup plans |
An account with Storage Blob Data Contributor role on a subscription level is required. Assign this role to an account that you use to add a new subscription under Cloud Services. |
Create resources in AWS |
To back up to S3 storage and create resources in AWS, Cayosoft Guardian requires an account with the following permissions:
Cayosoft recommends creating a separate organization and accounts for instant forest recovery, so the service accounts can only access resources required for forest recovery, and it does not have access to production workloads. |
Comments
0 comments
Please sign in to leave a comment.