Supported operating systems
- Astra Linux versions 1.7.5 / 1.7.6 / 1.8.1/1.8.2
- RedOS versions 7.3.4 / 7.3.5 / 8.0
- Ubuntu 22.04 LTS / 24.04 LTS
Hardware requirements
The IP addresses of the VMs on which NAICE is deployed must be configured statically!
Single-host deployment
Minimum requirements (suitable only for test operation):
- CPU: 4
- RAM: 10 Gb
- HDD: 50 Gb
Recommended requirements:
- CPU: 8
- RAM: 16 Gb
- HDD: 1000 Gb
High-availability deployment
| Role | CPU | RAM | HDD |
|---|---|---|---|
| Minimum requirements for deploying NAICE on 2 VMs (test operation) | |||
| NAICE 1 + PostgreSQL node 1 | 6 | 10 Gb | 500 Gb |
| NAICE 2 + PostgreSQL node 2 | 6 | 10 Gb | 500 Gb |
| Recommended requirements for deployment on 2 VMs (fewer than 1000 network devices) | |||
| NAICE 1 + PostgreSQL node 1 | 8 | 16 Gb | 1000 Gb |
| NAICE 2 + PostgreSQL node 2 | 8 | 16 Gb | 1000 Gb |
| Recommended requirements for deployment on 4 VMs (more than 1000 network devices) | |||
| NAICE 1 | 16 | 32 Gb | 100 Gb |
| NAICE 2 | 16 | 32 Gb | 100 Gb |
| PostgreSQL node 1 | 8 | 16 Gb | 1000 Gb |
| PostgreSQL node 2 | 8 | 16 Gb | 1000 Gb |
Disk layout requirements
By default, NAICE stores configuration files in the /etc/docker-naice/ directory.
This directory also contains PostgreSQL database files and database backups.
Docker uses the /var/lib/docker/ directory to store containers and their logs.
When allocating partitions and mounting disks, ensure that these directories have sufficient space for deployment and normal system operation.
VM for running Ansible playbooks
| Role | CPU | RAM | HDD | Notes |
|---|---|---|---|---|
| Host for running Ansible playbooks | 1 | 4 Gb | 100 Gb | Ubuntu 24.04 required |
RADIUS protocol attribute requirements
RADIUS Access-Request messages sent by network devices during user authentication must include:
User-Name— required to determine the user login (except when authorization is based on a TLS certificate attribute);Calling-station-Id(in MAC address format) — required to determine the unique endpoint.
It is recommended that the following attributes be included:
Acct-Session-Id— a unique session identifier; without it, sessions can be distinguished only by indirect parameters;NAS-Port-Type— required for correct detection of connection type (wired/wireless);Service-Type— required for correct identification of the authentication method (802.1X / MAB).