network_design_-_where_to_setup_lucy
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
network_design_-_where_to_setup_lucy [2018/04/03 19:48] – lucy | network_design_-_where_to_setup_lucy [2019/10/14 15:45] (current) – lucy | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ===== Introduction | + | ===== On-premise installation vs. installation in the cloud ===== |
- | Lucy can be installed on premise or in the internet. | + | Lucy can be installed on-premise or in the internet |
Reasons for installing on an external server in the internet are: | Reasons for installing on an external server in the internet are: | ||
Line 12: | Line 12: | ||
Reasons for installing LUCY on premises are: | Reasons for installing LUCY on premises are: | ||
- | * **Legal**: Some laws might not allow you to store sensitive data on an external server outside your network or outside your country. Especially with the new data protection law in Europe (GDPR) you need to make sure any personalized or sensitive data is secured. | + | * **Legal**: Some laws might not allow you to store sensitive data on an external server outside your network or outside your country. Especially with the new data protection law in Europe ([[privacy_data_protection_and_gdpr|GDPR]]) you need to make sure any personalized or sensitive data is secured. |
* **Integration with certain features**: LUCY comes with different API's such as the[[ldap_integration| LDAP API]], the [[api|REST API]] etc. which are common for backend applications that are usually not exposed to the internet. | * **Integration with certain features**: LUCY comes with different API's such as the[[ldap_integration| LDAP API]], the [[api|REST API]] etc. which are common for backend applications that are usually not exposed to the internet. | ||
* **Security**: | * **Security**: | ||
- | ===== On premise installation ===== | + | ===== Where to place LUCY in an on-premise installation? ===== |
- | **Download: | + | You can place LUCY in the intranet or within a secured zone (DMZ). |
- | If you have decided | + | |
- | * **Virtual Box**: http:// | ||
- | * **Linux Installer**: | ||
- | * **ESX/ | ||
- | * **Vmware Image**: http:// | ||
- | * **Amazon**: http:// | ||
- | |||
- | If you require a different format (e.g. ovf), search for the according converter (e.g. search for " | ||
- | |||
- | **License: | ||
- | For testing purposes please send us the workstation ID (http:// | ||
- | |||
- | **Where to place LUCY in an onsite installation? | ||
- | You can place LUCY in the intranet or within a secured zone (DMZ). If you setup LUCY within the intranet you will have to consider the following challenges: | ||
- | |||
- | * Mail integration: | ||
- | |||
- | {{ setup_lan.png? | ||
- | |||
- | * DNS integration: | ||
- | |||
- | * HTTP/HTTPS access: The landing pages and the E-learning needs to be accessible via http or https (see [[ssl_configuration|this chapter]] for SSL configuration). If users from the internet have to access those pages, you need to make sure that you have setup an according port forwarding rule on your firewall together with a NAT entry, that points to LUCY. | ||
- | |||
- | * Security products and whitelisting: | ||
- | |||
- | * Securing the access: Once you finished the setup, you might want to prevent users from accessing the web based administration. In [[security_considerations|this chapter]] we discuss a few tips on how to secure LUCY. | ||
- | |||
- | |||
- | If you setup LUCY in a DMZ, you could as well consider using a LUCY instance only as a reverse proxy in the secured zone, and install the main application within the intranet as a " | ||
- | |||
- | |||
- | ===== LUCY Vmware technical components ===== | ||
- | |||
- | When you download and boot the VMware Image, all software components are integrated in that image. There is no need to install any additional software. All components (DB, mail server, web server etc,) are bundles within the VMware images and controlled by the internal LUCY software, which runs transparently in the background. The updating of those components is also done within the LUCY software through internal processes, which are not visible to the end user. | ||
- | |||
- | {{ vmwared1.png? | ||
+ | ===== On premise installation technical checklist ===== | ||
+ | Please consult [[installation_checklist|this chapter]]. | ||
network_design_-_where_to_setup_lucy.1522777718.txt.gz · Last modified: 2019/07/25 12:51 (external edit)