System and Firewall Requirements

Operating System
  • Windows 2008r2 Server 32-bit and 64-bit (English)
  • Windows 2012 Server 64-bit (English)
Note: Aspera recommends installing Console on 64-bit Windows, which is essential for maximizing MySQL performance.
Minimum Hardware Requirement
  • 2 GHz dual-core CPU (or better)
  • 4 GB of RAM
  • 2 GB of disk space
Data Storage Requirement

In terms of planning for the size growth of the database, the per file records generate 1-2KB per file transfer, and the session records generate 8-12KB per session. For some size estimates, here are a few examples:

  • 100 sessions per day of 1000 files each, all external transfers between managed and unmanaged nodes = approx 2 MB per day db growth, 60 MB per month, 700 MB per year.
  • 1000 sessions per day of 1 file each, all internal between managed nodes = approx 14 MB per day, 420 MB per month, 5 GB per year.
  • 1000 sessions per day, 10,000 files each, 50% internal between managed nodes, 50% external with unmanaged node = approx 15 GB per day, 450 GB per month, 5.4 TB per year.
Applications
  • MySQL Database
  • Apache HTTP Server
Note: If there is an existing installation, shut down the MySQL database and the Apache HTTP server during installation.
Node Machine
  • In order to work with Console, node machines must have an Aspera transfer product installed (IBM Aspera Enterprise Server, IBM Aspera Connect Server, or IBM Aspera Point-to-Point Client).
  • To use the new Console architecture implemented in Console version 3.0 and on, the Aspera transfer products on existing node machines must be upgraded to at least version 3.4.6 and ideally to the latest version. These legacy nodes must be converted to use Node API using the built-in convert option in the Console 3.0 Node edit screens.┬áIf a node is not converted to use Node API, the legacy node will continue to report to Console using the existing mechanism. For more information on node conversion, see Converting Legacy Nodes.
Firewall (on the Console Machine)

Open the following ports on the Console machine:

  • For the Web UI, allow inbound connections for HTTP or HTTPS Web access (for example, TCP/80, TCP/443).
  • Allow outbound connections for SSH (to be used for node administration) on a non-default, configurable TCP port (for example, . TCP/33001).
  • Allow an outbound connection for Aspera Central (for example, . TCP/40001).
  • Allow an inbound connection for MySQL (for example, . TCP/4406).
Firewall (on the Node Machines)
  • To ensure that your server is secure, Aspera strongly recommends allowing inbound connections for SSH on TCP/33001 (or on another non-default, configurable TCP port), and disallowing inbound connections on TCP/22. If you have a legacy customer base using TCP/22, you can allow inbound connections on both ports. For details on securing your individual Aspera transfer server product, review the corresponding user manuals.
  • Allow inbound connections for FASP transfers, which use UDP/33001 by default, although the server may also choose to run FASP transfers on another port.
  • For current nodes and legacy nodes that have been converted to current nodes, allow an inbound connection on TCP 9092.
  • For legacy nodes (unconverted), allow an inbound connection for Aspera Central (for example, TCP/40001).
  • For legacy nodes (unconverted), allow an outbound connection for logging to Console on TCP/4406.
Note: No servers are listening on UDP ports.
When an Aspera client initiates a transfer, the client opens an SSH session to the SSH server on the designated TCP port and negotiates the UDP port over which the data transfer will occur.

For Aspera servers that have multiple concurrent clients, the Windows operating system does not allow Aspera's FASP protocol to reuse the same UDP port for multiple connections. Thus, if you have multiple concurrent clients and your Aspera server runs on Windows, then you must allow inbound connections on a range of UDP ports, where the range of ports is equal to the maximum number of concurrent FASP transfers expected. These UDP ports should be opened incrementally from the base port, which is UDP/33001, by default. For example, to allow 10 concurrent FASP transfers, allow inbound traffic from UDP/33001 to UDP/33010.