Handle's infrastructure overview guides setup and customization for secure, efficient, and optimal performance.
We get a lot of questions from customers who are setting up a new server or migrating to new hardware.. They want to know the server requirements and the best way to configure their servers for their potentially unique situation. Whether you are self-hosted, hosting at our facilities, or using some other provider, the pieces are all the same. But for each, the configuration requirements are the same.
In this article, we give you an overview of how it works and what’s required.
Overview of the Handle Cloud and Data Server
The Handle 2.0 Cloud hosts the Handle 2.0 application and has everything you need to power the application and its components. It has a five-step authentication process:
- Login: The user logs in and enters their credentials
- Validation: Handle Cloud validates your user and device (2 factor authentication)
- Token: Handle Cloud returns a secure token and the application to the user
- Connection: The user’s device securely connects directly to your Handle server
- Data: The data your user has set up is downloaded and cached on the device
When the user logs in, their username and password tell the Cloud server which data server they need to connect to.
Every organization has a data server that pulls the data, combines it, and runs all their automations and scripts. The data server can be hosted with us, another hosting environment, or internally.
Once the data server authenticates the login, we implement a hybrid model, passing a secure token to the user’s device, whether that’s a mobile device or desktop. This allows them access to Handle’s server, just as a passport allows entry into another country.
The user now has a temporary connection for as long as their session lasts on that device, IP, and network. And as long as that user remains authenticated, it will let them through and give them access to the application.
Login and Security
Many people connect their logins directly to Azure or Office 365, so they can adopt its protocols for multi-factor authentication (MFA) and passwords. With this integration, the system will mirror your Microsoft configurations and will authenticate through that platform.
Alternatively, you can use the standard setup, hosted by us. This will implement Handle’s login and multi-factor authentication (MFA) methods and password requirements.
Handle’s default password requirements are:
- Minimum 6 characters
- 1 special character
- 1 number
- 1 lowercase character
- 1 uppercase character
But you can request to increase minimum requirements for added security.
The standard setup monitors the user, their IP addresses, and the devices they’ve been on. It will check consistently when they log in, and if they haven’t logged in from that device or network before, they’ll get an email with a link to confirm basically it’s them logging in.
If anyone tries to hack in or use someone’s username and password on an unauthenticated device, the user will get a verification email alerting them to the fact that someone’s tried to log in. The email requires the user to verify that device by clicking on a link in the email.
Data Server Requirements
Hardware requirements are based on the amount of load you put on the server rather than the number of users. The number of users can help provide a guideline but the level of integrations, how often they process, and the amount of data processed in dashboards and preloaded views will determine the necessary hardware.
With this in mind, we typically recommend the Handle’s Standard setup for 100 or fewer users.
- CPU: Quad-core, 2.5 GHz or greater
- RAM: 64GB Recommended
- Storage: Two physical or logical drives, 350GB SSD (one storage, one backup)
You can also split the database and application server. Using multiple application servers, you can balance the load. It also gives you a few additional advantages:
- It’s more secure.
- The two servers are compartmentalized, and you can control traffic between them.
- You can be very specific about the resources on each server.
Most organizations don’t need to take this approach, but larger organizations sometimes anticipate that they’ll need to do heavy processing and want the system to run fast. It also allows you to optimize the resources on each server depending on the need.
If you want the two-server setup, let us know. We can talk about the best setup for your needs. For example, we can sometimes get away with fewer resources on the database server than the application server or vice versa, depending on the processes you’re going to be running.
Database Requirements
You have two options for our database: Express and Standard. Both of them are run on Microsoft SQL’s database.
Option 1 is Express, Microsoft’s free edition of SQL Server. Currently, it allows up to 10 GB of space and storage and as many as 4 cores, which is all many organizations need.
Option 2 is Microsoft’s Standard edition. If you want to optimize the database, its queries and capabilities, enabling it to run faster and more efficiently, and if you want to integrate with other databases, you’ll need to upgrade to a higher level of SQL. Currently, the Standard edition provides 524 GB of space and storage and as many as 24 cores. This will require additional licensing.
We do not sell SQL licenses or provide them with Handle, so you can choose the option that works best for you. If you currently have SQL licenses, we can use those or drop our database into your database server.
Network Configuration
Your network configuration can be simple or complex, depending on your firewalls and concurrent configurations you have in place.
Most organizations allow us to connect directly to the data server and route to that from the public IP. If the public IP can be redirected to your internal data server, everything will be able to connect with no issues. Users will be able to log in, get their secure token, and connect back to the database.
Important: People will connect to the Handle Application from inside and outside the network . When they’re outside, we have the routing control needed to ensure they can get to the data. When they’re connecting internally, either in a store location or in any place that is on that network, you’ll need the internal DNS record that’s pointing the external address back to your internal IP for the data server.
Need Help Setting Up Handle’s Data Server & Security?
You can reach out to us at any time at https://texadasoftware.com/support/. We’ll talk with you about the best setup and resources for your needs.