IndiGo Hardware and Networking Requirements

Introduction

The specifications in this document apply to physical servers. If an institution chooses to use virtual servers, they must be provisioned to the same standard as the equivalent physical servers.

Each system described below includes both a database server and an application server to meet PCI-DSS requirement 2.2.1. However, for Cardinal and Indigo installations, these roles may be combined on a single physical or virtual server if no sensitive data is stored.

Requirements for iVeri Indigo Server(s)

Transaction Volume	Server
Up to twenty thousand transactions per month	Configuration requirements listed below
Over twenty thousand but below one hundred thousand transactions per month

If PCI DSS is a requirement (PCI-DSS 2.2.1) then separate database and application servers are required. If it isn't a requirement and since card data is not stored then only a single server that is both database and application server is necessary.

Configuration

Hardware

Component	Description	Notes
CPU	4 CPU’s	OS, OS Swap and Applications
Memory	8GB minimum
Disks	Hard Disk with a minimum effective capacity of 250GB
NIC	100 Mb NIC minimum

Note: For new integrations, hardware specifications must be submitted for approval before installation to confirm that the minimum configuration requirements are met.

Software

Component	Description
OS	Use the current supported versions of Windows and Ubuntu. Servers must remain eligible for current security updates.
Database	PostgreSQL 10.x 64 bit or above
Java	JRE 1.8 64 bit or above

Networking

Each Server requires an internal IP address allocated to it as well as outbound access to the iVeri Gateway it processes transactions through.

In addition to the internal address further internal IP addresses may be required according to the services hosted on the Server. These additional IP addresses may require NATs to be configured on the institutions boundary firewall to internet routable IP addresses.

Additional Requirements for Configuration

If email notifications are required, an SMTP gateway must be available.
Disaster recovery for the iVeri Indigo Server requires one application server with the same specifications as the production servers.
The customer is responsible for backing up the operating system, application, and data in line with existing backup procedures.
The customer is responsible for monitoring the application server hardware in line with existing monitoring processes.
The customer must provide iVeri Payment Technology with remote access to the application server for maintenance purposes.
The customer must allow iVeri Payment Technology to upload software updates and patches to the Indigo server.
Websites exposed to the internet require SSL certificates. The certificate may be self-signed or issued by a recognized certificate authority.
If the installation must comply with PCI requirements, it should be performed by someone familiar with PCI and in accordance with the applicable PA-DSS.

Implementation Guide

The Indigo server MUST always remain on clean UPS power. Without UPS protection, the configuration is vulnerable to power fluctuations that may corrupt the SD card.