Old Version 5
changes.mady.by.user Ann Base
New Version Current
changes.mady.by.user Ylva Andersson
- This line was added.
- This line was removed.
- Formatting was changed.
This article discusses the recommendations for Smart ID deployment.
Smart ID Certificate Manager and Nexus OCSP Responder are not included in this description.
Deployment and sizing considerations
Smart ID is a highly flexible and scalable solution for small or large enterprises. Since Smart ID covers many different use cases and scenarios, the expected load on the different components and therefore the sizing and resource planning can differ significantly between customer cases.
The following list of considerations are guidelines to help our customers and partners to plan their specific setup.
The number of users is an indicator how many concurrent users we will have in the system. Card officers and registration officers typically work in the system multiple hours per day, while self-service users typically access it a couple of minutes at a time and quite rarely. There might be a peak of self-service users, for example when a lot of certificates expire at the same time or if an organizational change is done that require self-service interaction.
For authentication requests via the Digital Access Portal, in an enterprise scenario there is typically a peak in the morning and then a constant load during the day. This causes traffic on the Digital Access Portal and the Smart ID Messaging service.
A high number of concurrent users will cause load on the application servers. In that case, a load balancer setup with multiple nodes should be considered for the corresponding components.
Consider these questions about users and roles:
Besides the use cases that are executed on the user front end, such as card enrollment, self-service tasks, and authentication requests, there are typically also processes running in the background. These background processes include daily synchronization with a user repository, for example Active Directory or HR system, automatic locking or revocation of credentials based on leaving dates, cleanup tasks, bulk requests for new credentials, or automatic certificate enrollment via protocols such as SCEP or ACME.
When scheduling these tasks, the following should be considered:
Smart ID is typically the central platform to manage any kind of identities and corresponding credentials in an organization. Therefore, Smart ID has to collect, store and manage certain information about lots of different entities in the database. The number and type of entities to be stored can vary significantly depending on the customers scenarios. Therefore it is important to plan the sizing of the database properly.
Consider the following points:
The minimum database requirements can be found on each database vendor's page for setting up an appropriate database. These requirements apply to a standard shipment of Smart ID
The database server should be run in default configuration. Deviations from the standard configuration need to be aligned with your Nexus partner or Nexus project team.
There might be some specifics to each Smart ID component, which can be found via the links in the "More on requirements and interoperability" section.
The correct server sizing or capacity depends on the use cases, user load and, for example, automated import and export processes and should therefore be defined together with your Nexus partner or Nexus project team.
Performance tuning, adding indexes and statistics need to be aligned with your Nexus partner or Nexus project team, to avoid, for example, later update issues. If you have highly customized processes and use cases, the data amount in the database depends on the complexity of the processes and how often these trigger the persistence in its runtime (number of save tasks, state change tasks, user forms, etc.) multiplied by the number of users using these processes. In this case your Nexus partner or Nexus project team is recommended to measure the database growth on their test systems, in order to give you the best possible indication.
Supported databases and browsers
These databases are supported by all Smart ID components:
- MS SQL 2019
- Postgres 11, 12
- MS Azure SQL
- Oracle 19c (Except for Physical Access)
The following browsers are supported by all Smart ID components::
- Mozilla Firefox with any latest version
- Google Chrome with any latest version
- Edge Chromium with any latest version
- Safari with any latest version
More on requirements and interoperability
For more information on the full support of databases, operating systems, browsers, and so on, see the following articles:
- Digital Access component requirements and interoperability
- Identity Manager requirements and interoperability
- Install and upgrade Smart ID Messaging
- Card SDK requirements and interoperability
- Personal Desktop Client requirements and interoperability
- Smart ID Desktop App requirements and interoperability
- Smart ID Mobile App requirements and interoperability
This article is valid includes updates for Smart ID 2122.04 and later10.