Vous êtes sur la page 1sur 30

Double First

System Recommendations
Engage ...................................................................................................................................3

Engage Database ....................................................................................................................4

Software ...................................................................................................................................4

Hardware ...................................................................................................................................5

Engage Broker Service ...........................................................................................................6

Software ...................................................................................................................................6

Hardware ...................................................................................................................................6

Engage Desktop Application ................................................................................................7

Software ...................................................................................................................................7

Hardware ...................................................................................................................................8

Engage Portal...........................................................................................................................9

Software ...................................................................................................................................9

Hardware ................................................................................................................................ 11

Engage Analytics .................................................................................................................. 12

Software ................................................................................................................................ 12

Hardware ................................................................................................................................ 14

Engage Apps .......................................................................................................................... 15

Software ................................................................................................................................ 15

Hardware ................................................................................................................................ 15

Securing Engage Portal and Engage Analytics when published to the Internet ... 16

Network security .................................................................................................................... 17

Running multiple Engage components on servers ...................................................... 22

Engage Accounts .................................................................................................................. 23

Engage Accounts Database ............................................................................................... 24

Software ................................................................................................................................ 24

Hardware ................................................................................................................................ 25

Engage Accounts Desktop Application ........................................................................... 26

Software ................................................................................................................................ 26

Hardware ................................................................................................................................ 27

Double First Cloud ............................................................................................................... 28

Further information............................................................................................................ 29

1|P a g e
Document control

Version: 2.2

Date: 31/03/2017

Document owner: Ian Haig-Brown

The systems recommendations are based upon testing and experience of our software
products running on different hardware platforms. Every effort is made to provide as
much information as possible to guide our customers and ensure the correct
environment is deployed to get the best and fastest possible experience from our
software products.

If you have any queries, please contact Double First (spechelp@doublefirst.com) and we
will be pleased to support and advise.

2|P a g e
Engage

Engage is split into various components which all have specific requirements:

The Engage Database, which requires Microsoft SQL Server running on a


Microsoft Windows Server platform

The Engage Broker Service, which requires a Microsoft Windows Server


platform

The Engage Desktop Application, which requires a Microsoft Windows client


platform

The Engage Portal, which requires Microsofts Internet Information Services (IIS)
on a Microsoft Windows Server platform and a compatible browser

Engage Analytics, which requires Microsofts Internet Information Services (IIS)


on a Microsoft Windows Server platform and a compatible browser

The Engage Apps, which requires Microsofts Internet Information Services (IIS)
on a Microsoft Windows Server platform and a compatible mobile operating
system

Some of the components can be together on a shared server. This is detailed below in
the Running multiple Engage components servers section.

3|P a g e
Engage Database

Software

Microsoft SQL Server product Microsoft SQL Server 2008 R2


versions supported Microsoft SQL Server 2012
Microsoft SQL Server 2014
Microsoft SQL Server 2016

Microsoft Windows Server product Microsoft Windows Server 2008


versions supported Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2

Hotfixes, patches and updates to It is recommended that software is updated as recommended by


Microsoft Windows and SQL Server Microsoft in order to provide a secure and stable environment
products

Notes

General The SQL setting for COLLATION needs to be


SQL_Latin1_General_CP1_CI_AS

TCP/IP and named pipes must be enabled

Licencing Microsoft SQL Server licensing can either be purchased by the


customer from Double First directly or through the Microsoft
reseller channel

Microsoft Windows Server is never supplied by Double First

In order to take advantage of Microsofts preferential pricing in the


Education sector, it is sometimes necessary for the school to
purchase directly through a Microsoft software distributor using a
specific type of licensing agreement

4|P a g e
Hardware

Processor Intel Xeon 3200 compatible or above. Dual-core is recommended.


For larger schools over 1500 NOR, quad-core is recommended

Memory 8GB RAM or above. For larger schools over 1500 NOR, 16GB is
recommended

Hard Disk Space Hard disk space should be planned on the basis of pupil numbers
and anticipated intensity of use, with the Document Management
System (DMS) particularly in mind

As a minimum 100GB is recommended

We recommend running an additional 50MB per pupil for each year


running Engage as the database and DMS expands following the
user of the software

As an example:

Initial recommendation = 100GB


1500 NOR school, for 5 years (50MB x 1500 x 5) = 375GB
Total required for 5 years = 475GB

Network 1Gb/s to the desktop is recommended, with at least a 1Gb/s


network backbone

Virtualisation Engage has been tested and is used by our customers on the
Microsoft and VMWare hypervisors

5|P a g e
Engage Broker Service

Software

Microsoft Windows Server product Microsoft Windows Server 2008


versions supported Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2

Hotfixes, patches and updates to It is recommended that software is updated as recommended by


Microsoft Windows and SQL Server Microsoft in order to provide a secure and stable environment
products

Notes

Licencing Microsoft Windows Server is not supplied by Double First

Hardware

Processor Intel Xeon 3200 compatible or above. For larger schools over 1500
NOR, dual-core is recommended

Memory 4GB RAM or above. For larger schools over 1500 NOR, 8GB is
recommended

Hard Disk Space 100GB

Network 100Mb/s to the desktop is required as a minimum with a 100Mb/s


network backbone.

For schools over 500 NOR, 1Gb/s is required on the backbone.

1Gb/s to the desktop is recommended, with at least a 1Gb/s


network backbone

Virtualisation Engage has been tested on the Microsoft and VMWare hypervisors

6|P a g e
Engage Desktop Application

Software

Microsoft Windows client We recommend Microsoft Windows 10. Note that Windows 10 is the first
platform versions supported "Windows as a service" model of frequent operating system updates,
and there are constant updates to the operating system which Double
First will continue testing as released

Microsoft Windows 7 or above is also supported

Depending upon the version, Windows clients have a variety of editions.


Typically, schools will need to have an edition that supports Active
Directory domain membership to support a typical Microsoft
infrastructure

There are multiple versions of Windows in general, the Engage Desktop


Application is only supported on business versions of Windows where
the software can be joined to a Microsoft Active Directory domain

Apple Macintosh client The Engage Desktop Application has been tested in multiple virtualised
platform versions supported applications, including VMWare Fusion and Parallels, as well as thin client
environments, including Microsoft Remote Desktop Services and Citrix
and can be configured to act as though running natively depending upon
the software being used

The Microsoft Server and client platform versions still apply if virtualising
or running the software in thin client mode

The Engage Desktop Application cannot be run natively on an Apple


Macintosh MacOS operating system

.NET framework 4.0 SP1 is the minimum

3.5.1 is included with Windows 7 in any case, and therefore this should
not be an issue if running the minimum recommended Microsoft
Windows client platform version

Microsoft Office This is not necessary unless you wish to use integration features with the
Engage Desktop Application, such as mail merge

Version 2010 and above is required if you wish to use those features

Adobe Acrobat Reader Any version, but the latest is always recommended

Notes

Licencing Microsoft client software is not supplied by Double First

7|P a g e
Hardware

Processor Intel processors released in the last 5 years or compatible

Where virtualising on an Apple Macintosh platform, quad-core is


recommended, with at least two cores allocated to the Microsoft
Windows client operating software

Memory 4GB RAM or above

Where virtualising on an Apple Macintosh platform, 8GB is


recommended, with at least 4GB allocated to the Microsoft
Windows client operating software

Hard Disk Space 200GB

Network 100Mb/s is required as a minimum

1Gb/s is recommended

Display Graphics with resolution above 1024x768

8|P a g e
Engage Portal

Software

IIS versions supported All IIS versions on the below Windows Server platforms are
supported

Windows Server platform versions Microsoft Windows Server 2008


supported Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2

Supported Desktop Browsers Microsoft Internet Explorer 9 and above


Microsoft Edge
Google Chrome
Mozilla Firefox
Safari

Supported Mobile Device Browsers Safari on iOS8 or above

Chrome on Android

The Portal is tested on iOS and Android

9|P a g e
Notes

Licencing Microsoft Windows Server is not supplied by Double First

SMTP An SMTP relay server is required to send e-mails from Engage

Internal/External Access An A record entry to point DNS requests to the Portal is required
for internal and external access

SSL Certificate An SSL certificate is strongly recommended for external access to


the portal via HTTPS

Static IP Address To publish the portal from an on-premise server to the internet, a
static IP address is recommended

Alternatively, there are dynamic DNS services available if a dynamic


IP address is the only option available

Bandwidth It is recommended that 64Kb/s per concurrent user of bandwidth is


made available

Given there are some economies of scale, and connections are


rarely concurrent for multiple users, it is recommended 64Kb/s per
5 users is applied as a formula to calculate bandwidth e.g. 300
users = 3840Kb/s / 3.8Mb/s

This is particularly important when publishing the portal externally


and considering bandwidth needs

10 | P a g e
Hardware

Processor Intel Xeon 3200 compatible or above. For larger schools over 1500
NOR, dual-core is recommended

Memory 2GB RAM or above. For larger schools over 1500 NOR, 4GB is
recommended

Hard Disk Space 100GB

Network 100Mb/s to the desktop is required as a minimum with a 100Mb/s


network backbone

For schools over 500 NOR, 1Gb/s is required on the backbone.

1Gb/s to the desktop is recommended, with at least a 1Gb/s


network backbone

Virtualisation Engage has been tested on the Microsoft and VMWare hypervisors

11 | P a g e
Engage Analytics

Software

IIS versions supported All IIS versions on the below Windows Server platforms are
supported

Windows Server platform versions Microsoft Windows Server 2008


supported Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2

Supported Desktop Browsers Microsoft Internet Explorer 9 and above


Microsoft Edge
Google Chrome
Mozilla Firefox
Safari

Supported Mobile Device Browsers Safari on iOS8 or above

Chrome on Android

Analytics is tested on iOS and Android

12 | P a g e
Notes

Licencing Microsoft Windows Server is not supplied by Double First

Internal/External Access An A record entry to point DNS requests to Analytics is required


for internal and external access

SSL Certificate An SSL certificate is strongly recommended for external access to


the portal via HTTPS

Static IP Address To publish Analytics from an on-premise server to the internet, a


static IP address is recommended

Alternatively, there are dynamic DNS services available if a dynamic


IP address is the only option available

Most customers choose not to publish Analytics externally in any


case as this is considered an internal reporting tool, although some
customers wish to offer remote access through HTTPS

Bandwidth It is recommended that 64Kb/s per concurrent user of bandwidth is


made available

Given there are some economies of scale, and connections are


rarely concurrent for multiple users, it is recommended 64Kb/s per
5 users is applied as a formula to calculate bandwidth e.g. 10
users = 128Kb/s

This is particularly important when publishing Analytics externally


and considering bandwidth needs

13 | P a g e
Hardware

Processor Intel Xeon 3200 compatible or above. For larger schools over 1500
NOR, dual-core is recommended

Memory 2GB RAM or above. For larger schools over 1500 NOR, 4GB is
recommended

Hard Disk Space 100GB

Network 100Mb/s to the desktop is required as a minimum with a 100Mb/s


network backbone

For schools over 500 NOR, 1Gb/s is required on the backbone.

1Gb/s to the desktop is recommended, with at least a 1Gb/s


network backbone

Virtualisation Engage has been tested on the Microsoft and VMWare hypervisors

14 | P a g e
Engage Apps

Software

Engage Portal requirements In order for Engage Apps to work, Engage Portal must be installed,
setup and published to the internet via HTTPS

Supported Desktop Browsers Microsoft Internet Explorer 9 and above


Microsoft Edge
Google Chrome
Mozilla Firefox
Safari

Stores Engage Apps are available as free downloads in the Apple App Store
or Google Play

Hardware

Supported Mobile Devices iOS8 or above / Android Lollipop or above

15 | P a g e
Securing Engage Portal and Engage Analytics when published to the Internet

When confidential data is accessed over the Internet the issue of security must be
considered.

There are several steps that Double First has taken to offer protection against breaches
at the browser level, including scanning the code for vulnerabilities each time a new
version is released, and placing commands to discourage search engines from scanning
and indexing the pages.

However, there are some things we cannot protect which are part of the customers
responsibility.

For example, hosting Engage Portal or Engage Analytics with no encryption or proper
security in place on your school network, means you will be sending data as plain text
across the Internet which can make it relatively easy to intercept and exploit by those
with malicious intent.

Double First takes security very seriously. We want your use of Engage Portal and
Engage Analytics to be as safe as possible and therefore offer the following advice for all
installations:

o Do not publish the Engage Portal / Engage Analytics URLs (web address) on your
schools public website or other publicly available web pages, either visibly or in
hidden text. This not only prevents any inquisitive party from exploring things to
which they should not have access, but also avoids automatic devices/bots such
as search engine spiders from indexing the link.

o If teachers or parents intend accessing Engage Portal / Engage Analytics using


shared public machines then consider offering guidance notes to ensure they log
out and properly exit their browser prior to finishing.

o Always keep the anti-virus software on the servers up to date.

o Make sure Microsoft Windows security and critical updates are installed on the
servers during a regular maintenance window or better still, automatically.

o Ensure a valid firewall solution is in place.

o As a minimum, use a Secure Sockets Layer (SSL) certificate to encrypt your data.

o Consider using more robust forms of network security (see below).

16 | P a g e
Network security

In order to give some idea of how you can best protect use of school-hosted Engage
Portals / Engage Analytics on the Internet, the following are four approaches, starting
with our minimum recommended method:

o Low (minimum recommendation)

SSL is a method of encrypting data between the server and the end user. You will
need to purchase an SSL certificate that has an annual (or longer) renewal date.
Note it is important to keep your certificate up to date as the service will fail if it
expires.

You may well have seen sites that use this level of protection; the web address
commences https and you will usually see a padlock icon somewhere in the
browser to signify that that data flow between the browser and the server is
encrypted.

LAN Internet

Firewall port User accessing Engage Portal from


Engage Database and Engage Portal forwarding HTTPS Internet
with SSL certificate

17 | P a g e
o Medium

This option requires the use of SSL and a DMZ (De-Militarised Zone). A DMZ adds
an additional layer of security; the Engage Portal server is placed within the DMZ
and outside users will only have access to the contents of the DMZ.

For this option you will be required to have your Engage Broker server and
Engage Portal as separate machines.

LAN DMZ Internet

Engage Database
User accessing Engage Portal from
Internet

Engage Portal with SSL certificate

18 | P a g e
o Medium+

The difference between the medium and the medium+ option is the addition of
another firewall that sits between the DMZ and the SQL server.

LAN DMZ Internet

Engage Database Engage Portal with SSL certificate User accessing Engage Portal from
Internet

19 | P a g e
o High

This option requires that SSL and the DMZ are in place as well as an
authentication product for encryption and key generation/decryption. The
authentication server is placed in the DMZ along with the Engage Portal server.

When an Internet user logs into Engage Portal they enter their user name and
password along with the authentication key. The Engage Portal username and
password is verified against the Engage Database server and the key is verified
on the authentication server. Both forms of verification have to pass for the user
to successfully gain access to the Portal.

For this option all end users will require a key fob, App, mobile phone with text
messaging capability or similar technology.

LAN DMZ Internet

Engage Portal with SSL certificate

Engage Database
User accessing Engage Portal from
Internet (using key fob)

Authentication server operating with


key fob

20 | P a g e
For more information

If you would like to discuss any of these options, or to discuss related areas such as
provision of secure home internet access, please contact our colleagues at du Pr plc
(enquiries@dupre.co.uk) who will be able to provide a range of advice and solutions.

21 | P a g e
Running multiple Engage components on servers

Double First recommends that each Engage component is run on a separate server,
however, it is understood that schools may wish to run components on a shared server
in order to reduce the costs of running separate servers.

All of the Engage components can be run on the same server, but this is only
recommended for schools under 500 NOR. At least 16GB of RAM with a quad-core
server, 100Mb/s network from server to desktop, and the hard disk space requirements
added together is the minimum specification.

For larger implementations than 500 NOR, Engage Database and Engage Broker are
often run on the same server. Engage Portal and Engage Analytics are then run on a
separate server. This keeps the database/data access layers and the web access layer
on respective separate server platforms. The two separate minimum specifications in
terms of RAM and hard disk space should be added together to determine server
specification. Quad-core processors and 1Gb/s network from server to desktop is also
recommended.

22 | P a g e
Engage Accounts

Engage Accounts is split into various components which all have specific requirements:

The Engage Accounts Database, which requires Microsoft SQL Server running
on a Microsoft Windows Server platform, or Microsoft SQL Express running on a
Microsoft Windows Client or Server platform

The Engage Accounts Desktop Application, which requires a Microsoft


Windows client platform

23 | P a g e
Engage Accounts Database

Software

Microsoft SQL Server product Microsoft SQL Server 2008 R2


versions supported Microsoft SQL Server 2012
Microsoft SQL Server 2014
Microsoft SQL Server 2016

Microsoft Windows Server product Microsoft Windows Server 2008


versions supported (for installation Microsoft Windows Server 2008 R2
of Microsoft SQL Server if this Microsoft Windows Server 2012
option is chosen) Microsoft Windows Server 2012 R2

Hotfixes, patches and updates to It is recommended that software is updated as recommended by


Microsoft Windows and SQL Server Microsoft in order to provide a secure and stable environment
/ SQL Server Express products

Notes

General The SQL setting for COLLATION needs to be


SQL_Latin1_General_CP1_CI_AS

TCP/IP and named pipes must be enabled

Licencing Microsoft SQL Server licensing can either be purchased by the


customer from Double First directly or through the Microsoft
reseller channel

Microsoft Windows Server is not supplied by Double First

In order to take advantage of Microsofts preferential pricing in the


Education sector, it is sometimes necessary for the school to
purchase directly through a Microsoft software distributor using a
specific type of licensing agreement

24 | P a g e
Hardware

Processor Intel Xeon 3200 compatible or above. Dual-core is recommended.


For larger schools over 1500 NOR, quad-core is recommended

Memory 8GB RAM or above. For larger schools over 1500 NOR, 16GB is
recommended

Hard Disk Space 400GB is recommended

Network 1Gb/s to the desktop is recommended, with at least a 1Gb/s


network backbone

Virtualisation Engage has been tested and is used by our customers on the
Microsoft and VMWare hypervisors

25 | P a g e
Engage Accounts Desktop Application

Software

Microsoft Windows client platform We recommend Microsoft Windows 10


versions supported
Microsoft Windows 7 or above is also supported

Depending upon the version, Windows clients have a variety of


editions. Typically, schools will need to have an edition that
supports Active Directory domain membership to support a typical
Microsoft infrastructure

There are multiple versions of Windows in general, the Payroll


Database is only supported on business versions of Windows
where the software can be joined to a Microsoft Active Directory
domain

Apple Macintosh client platform The Engage Accounts Desktop Application has been tested in
versions supported multiple virtualised applications, including VMWare Fusion and
Parallels, as well as thin client environments, including Microsoft
Remote Desktop Services and Citrix and can be configured to act as
though running natively depending upon the software being used

The Microsoft Server and client platform versions still apply if


virtualising or running the software in thin client mode

The Engage Accounts Desktop Application cannot be run natively on


an Apple Macintosh MacOS operating system

Notes

Licencing Microsoft client software is not supplied by Double First

26 | P a g e
Hardware

Processor Intel processors released in the last 5 years or compatible

Where virtualising on an Apple Macintosh platform, quad-core is


recommended, with at least two cores allocated to the Microsoft
Windows client operating software

Memory 4GB RAM or above

Where virtualising on an Apple Macintosh platform, 8GB is


recommended, with at least 4GB allocated to the Microsoft Windows
client operating software

Hard Disk Space 100GB

Network 100Mb/s is required as a minimum

1Gb/s is recommended

Display Graphics with resolution above 1024x768

27 | P a g e
Double First Cloud

The Double First Cloud is operating using Amazon Web Services (AWS), a global leader
in providing hosted infrastructure.

The Double First Cloud serves all chosen applications from a web browser, from the
AWS data centre with the lowest latency to the customers primary premises.

The Cloud option can be offered with all Double First products.

As long as the client machine has a compatible browser, and for Desktop Applications a
compatible thin client with Microsofts Remote Desktop Services, any client can be used
with the Double First Cloud.

Windows, MacOS, Linux (most variants), ChromeOS, iOS and Android all have
compatible thin clients and browsers.

Further details on the benefits of the Double First Cloud are available as a separate
piece of collateral which can be requested from the Double First sales team.

28 | P a g e
Further information

Remote Support Double First utilises LogMeIn Rescue as a primary means of remote
support or Microsoft Remote Desktop as a secondary means

Double First is happy to use VPN tunnels/client as a method of


access if this is necessary to comply with a schools security policy

We request schools to agree to LogMeIn Rescue, ideally


Unattended, with a user account with the appropriate permissions
on the schools server(s) as this enables Double First to offer the
fastest possible resolution with the least disruption to school staff

Backups You are reminded that it is critical that backups are completed and
moved to an alternative location on a daily basis in order to prevent
data loss

We recommend customers ensure they have a disaster recovery


plan

This plan would ideally include sourcing a replacement server and


considering what will happen whilst the system is down, alongside a
regular routine to test restoration of data

Windows Server Active Directory We strongly recommend that a Windows Server Active Directory
environment is deployed for user authentication to Windows server
- workgroups can cause security problems

Anti-virus It is extremely important that sufficient anti-virus software is run on


any server or client machine

Double First cannot be responsible for issues which are as a result


of anti-virus not being run, such as viruses, spam, spyware,
ransomware, worms, adware, bots and malware (this list is not
intended to be exhaustive)

Issues that are suspected to be as a result of no anti-virus software


being run and require Double First intervention to solve, may incur
additional charges

END

Double First Ltd

29 | P a g e