1.3 Network Requirements

In addition to the servers on which Access Manager software is installed, your network environment must meet the following requirements:

  • An LDAP directory (eDirectory, Active Directory, or Azure Active Directory) that contains your system users. Identity Server uses the LDAP directory to authenticate users.

    NOTE: Azure Active Directory is supported when Access Manager is deployed on Microsoft Azure.

  • Web servers with content or applications that need protection and single sign-on.

  • Static IP addresses for each Access Manager Appliance. If the IP address of the machine changes, Access Manager Appliance components cannot start.

  • A domain name server, which resolves DNS names to IP addresses and which has reverse lookups enabled.

    Access Manager Appliances communicate with each other by their IP addresses, and some requests require them to match an IP address with the device's DNS name. Without reverse lookups enabled, these requests fail. In particular, Identity Servers perform reverse lookups to their user stores. If reverse lookups are not available, host table entries can be used.

  • Time must be synchronized to within one minute among all components of the configuration. With RHEL 7.x, use NTP. NTP is discontinued in RHEL 8, so with RHEL 8.x you must use Chrony. For more information, see Configuring Chrony.

    IMPORTANT: If time is not synchronized, you cannot authenticate and access resources.

  • (Optional) An L4 switch or similar solution if you are planning to configure load balancing.

  • Clients with an Internet browser.
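
The forward and reverse lookup requirement above can be verified before installation. The following Python script is an added example, not part of the product documentation: it checks that each DNS name resolves to its static IP address and that the address resolves back to the same name. The host names and addresses are constructed placeholders, and the function names are hypothetical.

```python
import socket

def system_forward(name):
    """Addresses the system resolver (DNS or host table) returns for name."""
    return {info[4][0] for info in socket.getaddrinfo(name, None)}

def system_reverse(ip):
    """Primary name plus aliases the system resolver returns for ip."""
    primary, aliases, _ = socket.gethostbyaddr(ip)
    return {primary, *aliases}

def norm(name):
    """DNS names are case-insensitive and may carry a trailing dot."""
    return name.rstrip(".").lower()

def check_host(name, ip, forward=system_forward, reverse=system_reverse):
    """Return a list of problems for one (DNS name, static IP) pair."""
    problems = []
    try:
        addrs = forward(name)
        if ip not in addrs:
            problems.append(f"{name}: forward lookup gives {sorted(addrs)}, expected {ip}")
    except OSError as exc:  # gaierror and herror are OSError subclasses
        problems.append(f"{name}: forward lookup failed ({exc})")
    try:
        names = {norm(n) for n in reverse(ip)}
        if norm(name) not in names:
            problems.append(f"{ip}: reverse lookup gives {sorted(names)}, expected {name}")
    except OSError as exc:
        problems.append(f"{ip}: reverse lookup failed ({exc})")
    return problems

def check_inventory(inventory, forward=system_forward, reverse=system_reverse):
    """Map each DNS name to its list of problems (empty list means OK)."""
    return {name: check_host(name, ip, forward, reverse)
            for name, ip in inventory.items()}

if __name__ == "__main__":
    # Constructed placeholders: replace with your appliances and user stores.
    INVENTORY = {
        "am-appliance1.example.com": "192.0.2.10",
        "ldap1.example.com": "192.0.2.20",
    }
    for host, problems in check_inventory(INVENTORY).items():
        print(host, "OK" if not problems else "FAIL")
        for p in problems:
            print("   ", p)
```

Because the lookups go through the system resolver, host table entries count wherever the resolver is configured to consult them. Run the script on each appliance, since each machine can have a different resolver configuration.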