Azure Deployment Guide

Teramind on Azure Overview

All Teramind solutions are available to deploy on Microsoft’s enterprise-ready Azure platform as a Private Cloud option. This deployment guide will help you discover what you can expect from your Teramind on Azure deployment and provide you with installation prerequisites, step-by-step instructions, technical and support information.

Architecture Self-contained, Linux-based VM
Data Center Deploy on a wide selection of data centers/regions
License Endpoint based. Same as Teramind On-Premise. More information on licensing can be found here.
Server Managed by you, VHD provided by Teramind
Updates Periodic, single file, uploaded to the dashboard
Backups Managed by you through the Azure Portal
Scalability Vertical/horizontal scaling with optional auto scaling
Support Free basic infrastructure support from Microsoft. Teramind support includes: installation assistance, 24/7 follow-the-sun, enterprise SLA
Additional Options
  • Manual/remote/silent agent install options
  • Active Directory/Group Policy support
  • SIEM & Project Management software integrations
i
After you have finished the deployment, you should update your server and apply any latest patch. Check out this article to learn how: How to update the Teramind Server and BI Classification (On-Premise / Private Cloud deployment).

You can download a PDF version of the deployment guide by clicking the button below:

 

 Download the Azure Deployment Guide

Deployment Video

Benefits of Deploying Teramind on Azure

If you prefer on-premise deployments but unwilling to incur the cost and hassle of an in-house infrastructure or you want to move to the Cloud but have been concerned about compliance or security, or have made the transition and already host on Azure, then Teramind on Azure is the right choice for you. Here are some infrastructure benefits you can expect if you choose to deploy Teramind on Azure:

Flexible and Competitive Pricing

No upfront cost, you only pay for the resources you consume (i.e. CPU, storage, memory). Additionally, you can save even more if you already use Windows Server and SQL Server. Teramind’s configuration for a standard deployment (D4d v4 instance, supporting up to 100 users) costs only a few cents per hour*.

*Infrastructure costs are set by Microsoft and subject to change.

Most Coverage

With 54 regions* in 140 countries, Azure has the most coverage than any cloud provider. Global customers can reduce the infrastructure cost and complexity while meeting local residency requirements by hosting in an Azure data center. Moreover, you can pair regions and Availability Zones for your ideal Teramind setup.

*Not all regions are currently available on Teramind. See the Regions/Data Centers section for a list of supported regions.

Easy Deployment

Create a Teramind machine instance in minutes by launching the Teramind deployment from the Teramind Azure Marketplace page. Or, if you prefer, deploy programmatically using API calls, ARM templates, or the PowerShell console to automatically deploy without using the Azure Portal.

Premium Storage and Optimization

The majority of the Teramind Azure deployments come with SSDs designed for high-performance and low-latency disk support. Additionally, Teramind lets you choose from a range of instance types optimized for special purposes like Compute/Storage Optimized instances.

Agility and Scaling

Vertical and horizontal scaling with optional auto-scaling allows you to scale the number of running instances up or down, based on telemetry data automatically with Azure Monitor.

Reliability and Disaster Recovery

Your data stays resilient with Azure’s High Availability (HA), redundancy with multi-geo replications, on-demand backup, and offsite disaster recovery features.

Security and Compliance

With 70+ compliance offerings, Azure has the largest portfolio in the industry when it comes to security, privacy, and transparency. Combining this with Teramind’s conformance with GDPR, HIPAA, PCI DSS, etc. makes Teramind and Azure an ideal package for customers in government, healthcare, finance, and other regulated industries.

Central Management Console

Configure and manage all your deployments from one central location. Azure also comes with built-in support for application monitoring, log analytics, patching, backup, and site recovery so you can focus on your Teramind application and not worry about managing the infrastructure.

Primary Server Requirements

Deployments for under 1,000 concurrent users can be hosted on one all-inclusive server, in most cases. VM instance(s) should be provisioned based on the expected number of concurrent monitored sessions, according to the following table:

Concurrent Users Server Requirements Instance Type
Up to 100 1 Teramind Master Server (VM) D4d v4
Up to 500 1 Teramind Master Server (VM) D8d v4
Up to 1, 000 1 Teramind Master Server (VM) D16d v4
Larger deployments:
1,000 or more concurrent users
1 Teramind Master Server (VM) D16d v4
1 Teramind App Server (VM)
per 1,000 concurrent users
D16d v4
1 Teramind BI Server (VM) D16d v4

Database Server Requirements

Concurrent Users Server Type CPU/Disk
Up to 100 1 Basic
  • CPU: 2 vCores
  • Disk: 100 GB*
Up to 500 1 General Purpose
  • CPU: 4 vCores
  • Disk: 500 GB*
Up to 1, 000 1 General Purpose
  • CPU: 8 vCores
  • Disk: 1 TB*
Larger deployments:
1,000 or more concurrent users
1 General Purpose
  • CPU: 16 vCores
  • Disk: 1 TB or more*

* Disk size is estimated for 1 year of average usage and may vary depending on monitored data, monitoring profiles, etc.

OCR Server Requirements

i
You need to set up at least one OCR Database Node and one Mining Node for the OCR features to work.
No of Users Server Requirements Instance Type
Less than 200 users 1 OCR Database Node D4d v4
1 OCR Mining Node D16d v4
Larger deployments of 200 or more users 1 OCR Database Node D4d v4
Disk: 100 GB
1 OCR Mining Node per 200 users D16d v4
Disk: 24 GB
i
You will need to adjust the disk size as you add or remove video recordings over time. See the Storage Requirements section below for more information.

Storage Requirements

Primary Storage

The Teramind virtual appliance comes with a primary volume of 32 GB by default. This volume contains the Teramind server application and database. The size of this volume can be increased at a later point in time. 

i
Teramind requires the primary volume to be on SSD or equivalently fast storage for deployments above 500 users.
i
BI Classifications needs about 5GB of disk space plus additional disk space equivalent to about 20% of your current DB size. So for example, if you have a database of 100GB the BI deployment will need 20GB+5GB = 25GB space. Check out this article to learn how to update your BI classifications.
Storage for Screen Recordings

The simplest way to add scalable storage is to use Microsoft Azure Blob Storage. For instructions on how to do so, check out Step 3: Creating a Microsoft Azure Blob Storage.

i
Blob Storage is mandatory if you have a multi-server deployment (a deployment that has more than one Teramind App Server).

Agent Requirements

i
Detailed agent specifications can be found here.

Installation Prerequisites

  • An Azure account
  • Your Teramind license key, available from Teramind Self-Hosted portal at: https://www.teramind.co/portal
  • An SSH client like Putty if you are using Windows

Step 1: Creating an Azure Instance and Accessing it with SSH

1.1 Accessing the Teramind on Azure Portal

 

mceclip0.png

Visit: www.teramind.co/deployment/azure and click the Check out Teramind on Azure Marketplace button.

  1. Once on the portal, click the GET IT NOW A window will pop up with the title, Create the app in Azure.
  2. Click the Continue

This will launch the Azure Portal and take you to Teramind’s Home page. You might be asked to log in if you are not already..

1.2 Launching the VM Creation Wizard

mceclip1.png

Click the Create button.

This will take you to the Create a virtual machine page.

1.3 Configuring the VM Basics

Screenshot_3_place.png

The Create a virtual machine page has several tabs.

Click the Basic tab if it’s not selected already.

Under the Project details section, select an existing Resource group. Or, create a new group by clicking the Create new link.

Under the Instance details section, enter a Virtual machine name and select a Region and Size for the machine.

i
Check out the Primary Server Requirements section above for help on choosing an instance.

Under the Administrator account, select the SSH public key for the Authentication type option. Enter a Username. Select Generate new key pair for the SSH public key source option. Enter a Key pair name.

Click the Next: Disks button to continue.

1.4 Configuring the VM Disks

mceclip2.png

On the Disks tab, you can choose disk type, encryption, and other options. For this demonstration, we will keep the default settings for these options.

Click the Next: Networking button to continue.

i
Note that Teramind requires the primary volume to be on SSD or equivalently fast storage for deployments above 500 users.

1.5 Configuring the VM Networking

mceclip3.png

Teramind already comes with a pre-configured network interface card (NIC) with the necessary NSG rules for use with the VM. So, unless you have special needs, you can keep the default settings on the Networking screen.

Click the Next: Management button to continue.

1.6 Configuring the VM Management Options

mceclip4.png

The Management screen let you turn the settings for Monitoring, Identity and Auto-Shutdown options.

Under the Monitoring section, Disable the Boot diagnostics option.

Click the Next: Advanced button to continue.

1.7 Configuring the VM Advanced Options

mceclip5.png

You can add post-deployment extensions, custom data such as a script or a file, and configure other options from the Advanced screen.

For this tutorial, we will not need any of these options.

Click the Next: Tags button near the bottom of the page to continue.

1.8 Adding Tags to the VM

mceclip6.png

Tags allow you to categorize resources for consolidated billings. You can decide to use this feature if you want. For this tutorial, we will not use any tags.

Scroll to the bottom of the page and click the Next: Review + create button.  Azure will run a validation check for all the settings.

1.9 Validating the VM Settings

mceclip7.png

Wait while Azure runs a validation check for all the settings.

1.10 Creating the VM

Screenshot_9_place.png

Once Azure is done with the checks, it will show a Validation passed message unless it encounters any errors.

Review all your settings and click the Create button near the bottom of the page to start creating the virtual machine.

Depending on your settings, it may take a few minutes to create the instance.

1.11 Downloading the Private Key

mceclip8.png

Since we used the SSH public key as the authentication type (Step 1-3), Azure will generate a private key (PEM file) which you can download by clicking the Download private key and create resource button. Save the key in a secure place. You will need it in Step 1-15 to log in to your instance.

Click the Return to create a virtual machine button when ready.

1.12 Waiting for the VM Deployment

mceclip9.png

You will see a ‘Deployment is in progress’ message and a blue progress icon next to your instance while it is being created. It might take a few minutes to complete the deployment.

1.13 Launching the VM Resource Page

mceclip10.png

Once the VM is ready, you will see a ‘Your deployment is complete’ message.

Click the Go to resource button to continue to your VM’s resource page.

1.14 Copying the VM's Public IP Address

mceclip11.png

Make sure you are on the Overview tab (second tab from the left). You will see a summary of the VM’s settings and current status.

From under the Networking section, copy or write down the Public IP address for the virtual machine. We will use this IP for the next step.

1.15 Accessing the Teramind Server with SSH

mceclip0.png

Launch an SSH session. If you are on Windows, you can use a tool like Putty or a similar utility for the SSH. Make sure you have administrative access.

Type:

ssh -i <pem file> <username>@<ip_address>

Press Enter.

Where <pem file> is the full path of the PEM file you downloaded in Step 1-11. <username> is the Username you used for the administrator account when creating the VM in Step 1-3. And finally, <ip_address> is the public IP address you copied in the previous step (Step 1-14).

Press Enter. If you are asked to continue connecting, type yes and press Enter again.

1.16 Getting Ready for the Next Step

mceclip1.png

Once the server is ready, you will be prompted for a Role (master). However, before we can do that, we need to take care of few other things.

Keep this command window open as you will use it to finalize the setup in Step 4.

Step 2: Creating an Azure Database for PostgreSQL

External databases are not mandatory. However, using the Azure Database for PostgreSQL will improve the scalability of your server and is recommended for deployments over 100 concurrent users.

For this tutorial, we will show you how to create an Azure Database for PostgreSQL to use with Teramind.

If you already know how to create a database, you can skip the next step.

i
If you already know how to create an Azure Database for PostgreSQL, you can skip this step.

2.1 Adding a New Resource for the DB

mceclip0.png

From the Azure Portal, click All resources from the left-sidebar.

Click the + Create button on top.

You will be taken to the Create a resource panel.

2.2 Adding the Azure DB Resource

mceclip1.png

Select Databases from the list of resources (you can also use the search field to locate it).

Select Azure Database for PostgreSQL from the list of databases on the right.

You will be taken to the resource deployment page.

2.3 Selecting a DB Deployment Plan

mceclip2.png

On the deployment option page, you will be asked how you want to use the service.

Click the Create button under the Single server plan.

2.4 Configuring the DB Basics

Screenshot_20_place.png

On the Single server page, under the first tab, Basics, select the Resource group you want to use or click the create new link under it to create a new group.

Enter a name in the Server name field under the Server Details section.

Provide your admin username and password to authenticate the account.

For this tutorial, you can keep other options to their default values.

Click the Next: Additional settings button to continue.

i
Check out the Database Server Requirements section above for help on choosing an instance for your database.

2.5 Configuring Additional DB Settings

mceclip3.png

Additional settings tab allows you to customize additional configuration parameters such as data encryption.

For this tutorial, we will keep the default configurations.

Click the Next: Tags button to continue.

2.6 Adding Tags to the DB

mceclip4.png

Tags allow you to categorize resources for consolidated billings. For this tutorial, we will not use any tags.

Click the Next: Review + create button to continue.

2.7 Creating the DB

Screenshot_23_place.png

On the Review + create tab, you will be able to see the estimated cost per month to use the database and a summary of your configurations.

Review all your settings and click the Create button near the bottom.

It might take a few minutes to create the database.

2.8 Waiting for the DB Deployment

mceclip5.png

You will see a ‘Deployment is in progress’ message and a blue progress icon next to your database server while it is being created. It might take a few minutes to complete the deployment.

2.9 Launching the DB Resource Page

mceclip6.png

Once the database is ready, you will see a ‘Your deployment is complete’ message.

Click the Go to resource button to continue to your database’s resource page.

2.10 Configuring the DB Connection Security Settings

Screenshot_26_place.png

Select the Connection security tab (2nd tab from the left).

Turn the Allow access to Azure services option ON.

DISABLE the Enforce SSL connection option near the bottom.

Click the Save icon on top to save the changes.

We will connect to this database later in Step 4.

Step 3: Creating a Microsoft Azure Blob Storage

External storage is not mandatory for Teramind deployments. However, Teramind uses file storage for OCR screen recordings, and Microsoft Azure Blob Storage is an efficient, secure, scalable, and redundant solution to store such data within Azure. External storage is recommended for deployments of over 100 concurrent monitored users.

i
For more information on external storage, check out the Storage Requirements section on this guide.
i
If you already know how to create a Microsoft Azure Blob storage, you can skip this step.

3.1 Adding a New Resource for the Storage

mceclip7.png

From the Azure Portal, click All resources from the left-sidebar.

Click the + Create button on top.

You will be taken to the Create a resource panel.

3.2 Adding the Storage Account

Screenshot_28_place.png

Select Storage from the list of resources (you can also use the search field to locate it).

Select Storage account from the list of storage options on the right.

You will be taken to the Create a storage account page.

3.3 Configuring the Storage Basics

mceclip8.png

On the Create storage account page, under the first tab, Basics, select the Resource group you want to use or click the create new link under it to create a new group.

Enter a name in the Storage account name field under the Instance Details section.

You can configure other options such as Region, Performance, and Redundancy. For this tutorial, we will keep them to their default values.

Click the Next: Advanced button to continue.

3.4 Configuring the Storage Advanced Settings

Screenshot_30_place.png

On the Advanced tab, configure as follows:

  • Enable secure transfer: Enabled
  • Enable blob public access: Enabled
  • Enable storage account key access: Enabled
  • Access tier: Hot

Click the Next: Networking button to continue.

3.5 Configuring the Storage Networking Options

mceclip9.png

On the Networking tab, configure as follows:

  • Connectivity method: Public endpoint (all networks)
  • Routing preference: Microsoft network routing

Click the Next: Data protection button to continue.

3.6 Configuring the Storage Data Protection Settings

Screenshot_32_place.png

On the Data protection tab, configure as follows:

  • Enable soft delete for blobs: Enabled
  • Enable soft delete for file shares: Enabled

Click the Next: Tags button to continue.

3.7 Adding Tags to the Storage

mceclip10.png

Tags allow you to categorize resources for consolidated billings. For this tutorial, we will not use any tags.

Click the Next: Review + create button. Azure will run a validation check for all the settings.

3.8 Creating the Storage

Screenshot_34_place.png

Azure will confirm with a 'Validation passed' message unless it encounters any errors.

Review all your settings and click the Create button near the bottom of the page when ready.

It might take a few minutes to create the storage.

3.9 Waiting for the Storage Deployment

mceclip11.png

You will see a ‘Deployment is in progress’ while your storage account is being created. It might take a few minutes to complete the deployment.

3.10 Launching the Storage Resource Page

mceclip12.png

Once the storage is ready, you will see a ‘Your deployment is complete’ message.

You can see your newly created storage by clicking the Go to resource button.

We will connect to this storage in Step 4.

Step 4: Finishing the Deployment

As the last step of the server deployment process, you will need to assign the external database and storage to your master instance, setup the Teramind Server using the SSH and finally, configure your account settings on the Teramind Dashboard..

i
After you finish the deployment, you should update your server and apply any latest patch. Check out this article: How to update the Teramind Server and BI Classification (On-Premise / Private Cloud deployment).

4.1 Confirming the Master Role and Use of External Database

mceclip0.png

Go back to the SSH window you used in Step 1-16.

Give the master role a name (e.g. ‘master’) at the ‘Role (master)’ prompt.

At the ‘Use external database?’ prompt enter yes.

Next, Teramind will ask for the connection details for the database.

4.2 Opening the Database Overview Panel

mceclip1.png

Go back to the Azure portal.

Click All resources.

Click your database (e.g. ‘newdatabase2’) from the list of resources. You can narrow down the list using the Filter option on top.

It will open the database Overview panel.

4.3 Copying the Database Login Details

mceclip2.png

From the database’s Overview panel, near the top-right corner, copy or write down the Server name and the Admin username.

4.4 Entering the Database Login Details in SSH

mceclip3.png

Go back to the SSH window you opened in Step 4-1.

Paste or type the database host name (the Server name you copied in the previous step), and press Enter.

Paste or type the database username (the Admin username you copied in the previous step), and press Enter.

Type the database password you used when you created the database in Step 2-4, and press Enter.

i
During the database setup process, if you are prompted to enter a password, use the admin password you assigned to the VM in Step 1-3 (not the database password).

4.5 Confirming the Use of Azure Storage

mceclip4.png

Once the database setup is done, Teramind will ask if you want to use Azure storage.

Type yes and press Enter.

Next, you will need to provide the Azure storage account name and the access key to connect.

4.6 Opening the Storage Access Keys Panel

mceclip5.png

Go back to the Azure portal.

Click All resources.

Click your storage account name (e.g. ‘teststoragename2’) from the list of resources. You can narrow down the list using the Filter option on top.

Click Access keys from the right panel.

4.7 Copying the Storage Access Details

mceclip6.png

On the Access keys panel, click the Show keys / Hide keys button to show/hide keys.

Copy or write down the Storage account name.

Copy or write down the key under key1 too.

4.8 Entering the Storage Access Details in SSH

mceclip7.png

Go back to the SSH window.

Paste or type the Storage account name you just copied, and press Enter.

Paste or type the storage key1 you copied in the previous step and press Enter.

Teramind will configure the storage and finalize the server installation.

4.9 Finishing the SSH Session

mceclip8.png

Once you have entered the bucket Teramind will set up the servers. Finally, you will be provided with a link to your dashboard. Click the link or enter it on your browser to continue.

You can close the SSH window.

4.10 Accessing the Teramind Server

mceclip9.png

When you open the Teramind Server link in the browser, you may be displayed a warning message. This is because you are using an HTTPS connection without an SSL certificate. Most browsers will allow you to continue with an override action.

If you are using Google Chrome, click the ADVANCED link on the page and select the Proceed to… option.

4.11 Agreeing to the EULA

mceclip19.png

When you enter the Teramind Dashboard for the first time, you will see the End-User License Agreement screen.

Scroll down and click the Accept & Continue button.

4.12 Setting the Language and Timezone

mceclip20.png

On the Welcome to Teramind screen, select your language and timezone and click CONTINUE.

4.13 Setting Up Your Admin Account

mceclip21.png

On the Lets secure your Teramind installation screen, enter an email and a password for your Admin account.

4.14 Getting Your License Key

mceclip0.png

Open a new browser tab and go to: https://www.teramind.co/portal. Login with the admin email and password.

Click the Licenses tab.

From the list of licenses, click the Key link under the Actions column. A pop-up will display the license key.

Copy the license key or write it down.

4.15 Entering the License Key

mceclip23.png

Go back to your Teramind Dashboard. Enter the license key and click the CONTINUE button.

4.16 Finishing the Server Setup

mceclip24.png

At this stage, you can install the Teramind agent and start monitoring the targeted computer(s). Or, you can do it later.

To install the agent, click one of the options under Install agents. If you need help installing the agent, check out this article on our Knowledge Base. You can also watch this short video: Downloading and Installing Teramind's Hidden Agent

To install the agent at a later time, click the SKIP TO DASHBOARD button.

You are done setting up your Teramind Server. If you want to use the OCR feature, continue to Step 5 below.

Step 5: Setting Up the OCR (optional)

If you want to use the OCR feature, you will need to setup two VMs/nodes in addition to a master node.

5.1 Creating the OCR Nodes

mceclip10.png

Create the master VM/node as usual.

Then, create two additional VMs/nodes. The first node is for the OCR database. In Teramind, we will refer to it as elastic. This node will be used by the OCR engine for metadata and other processing activities. The second node is for storing the videos. In Teramind, we will refer to it as teracv.

It does not matter how you name the databases, just make sure to assign the correct database to the correct role later in the SSH steps. Also, please make sure that all the nodes are in the same Resource group.

i
For more information on the OCR server requirements, check out the OCR Server Requirements section on this guide.

5.2 Copying the OCR Database Node's Public IP Address

mceclip11.png

Click All resources from the left panel of the Azure Portal and open the elastic instance (e.g. ‘TeramindElastic’).

Click the Overview tab and copy the Public IP address located under the Essentials section.

5.3 Logging into the OCR Database Node

mceclip12.png

Launch an SSH session. If you are on Windows, you can use a tool like Putty or a similar utility for the SSH. Make sure you have administrative access.

If you used the username/password option for your elastic VM’s Authentication type, then use the following command:

Type:

ssh <username>@<ip_address>

Press Enter.

Where <username> is the Username you used for the administrator account when creating the VM and <ip_address> is the Public IP address you copied in the previous step.

Type the password and press Enter.

i

If you used the SSH public key option for your VM’s Authentication type, then use the following command:

ssh -i "<pem file>" <username>@<ip_address>

Where <pem file> is the full path of the key pair file you downloaded when creating the VM.

5.4 Copying the Master Node's Private IP Address

mceclip13.png

lick All resources from the left panel of the Azure Portal and open the master instance (e.g. ‘Teramindtest’).

Click the Overview tab and copy the Private IP address located under the Networking section.

5.5 Connecting the OCR Database Node with the Master Node

mceclip14.png

Go back to the command prompt window.

When asked, enter elastic at the Role (Master) prompt.

At the Enter master address prompt, type/paste the Private IP address you copied in the previous step.

It might take a few minutes for Teramind to set up the elastic node.

5.6 Copying the OCR Mining Node's Public IP Address

mceclip15.png

Click All resources from the left panel of the Azure Portal and open the teracv instance (e.g. ‘TeramindTeracv’).

Click the Overview tab and copy the Public IP address located under the Essentials section.

5.7 Logging into the OCR Mining Node

mceclip17.png

Go back to the SSH window or launch a new one.

If you used the username/password option for your teracv VM’s Authentication type, then use the following command:

Type:

ssh <username>@<ip_address>

Press Enter.

Where <username> is the Username you used for the administrator account when creating the VM and <ip_address> is the Public IP address you copied in the previous step.

Type the password and press Enter.

i

If you used the SSH public key option for your VM’s Authentication type, then use the following command:

ssh -i "<pem file>" <username>@<ip_address>

Where <pem file> is the full path of the key pair file you downloaded when creating the VM.

5.8 Connecting the OCR Mining Node with the Master Node

mceclip18.png

When asked, enter teracv at the Role (Master) prompt.

At the Enter master address prompt, enter the Private IP address you copied in Step 5-4.

It might take a few minutes for Teramind to set up the teracv node.

Once done, you can exit the SSH session.

5.9 Accessing the Teramind Settings

mceclip33.png

We will now need to approve the two nodes on the Teramind Dashboard.

Login to your Teramind Dashboard on the master server.

Click the Cog Wheel icon near the top-right corner of the dashboard and select Settings from the pull-down menu.

5.10 Approving the Nodes

Screenshot_11_place.png

From the Settings screen, click the Server management tab.

Turn on the ENABLE MULTI-NODE DEPLOYMENT option under the Security settings section.

Under the Nodes section, you will notice the Screen mining database node and the Screen mining node.

Approve both nodes by clicking the APPROVE buttons.

You are now all setup for the OCR.

Step 6: Installing the Teramind Agent

Teramind Agent can be installed both locally and remotely. Check out this article to learn how to download and install the agent: How to download and install the Teramind Agent.

Firewall & Proxy Considerations

In most cases, you should not have to change any settings to get Teramind to work. By default, the Teramind Agents communicate with the Teramind server on two ports: 443, and 10000.

The Teramind management interface is entirely web driven and runs over HTTPS (port 443). This means that most proxies will allow the traffic through, provided you properly installed your SSL certificates.

For live and recorded screen playback, as well as live sessions listing, Teramind uses Websockets. Although Websockets operates as HTTPS over port 443, some older proxies may not recognize this protocol. In either case, if you are experiencing trouble accessing your Teramind dashboard, try to disable your proxy temporarily to isolate the cause.

Also note that, if audio recording is enabled, Teramind Agent will connect to the server on a random UDP ports in the range 1000-65535 to send the audio recordings. Make sure UDP ports in that range are enabled and open from the endpoint to the server.

i
If you encounter any issues with your firewall or proxy, check out this troubleshooting article for help: Firewall and proxy issues.

Antivirus Considerations

Teramind Agent and its drivers come digitally signed with an extended-validation certificate. We’ve made every effort to coordinate our signature with the major antivirus vendors, and as a result, Teramind should work normally with the vast majority of antivirus software. 

i
If you encounter any issues, check out the Antivirus Configuration Guide for help.

Azure Additional Configurations

Once you have installed Teramind successfully, you can configure other aspects of the server, agent and other settings entirely from the web-based dashboard. 

Changing the License Key

Check out this article for help: How to change the license key (On-Premise / Private Cloud Deployment).

Setting Up the Active Directory / LDAP Integration

Check out the Active Directory section on the Teramind User Guide to learn how to setup an Active Directory / LDAP integration.

SMTP Email

Check out this article for help: SMTP Configurations (On-Premise).

SSL Certificate

Check out the Settings > Security > SSL section on the Teramind User Guide to learn how to setup the SSL certificates. You can also create your own SSL certificates for use with your on-premise deployments. To learn how to generate such self-signed certificates, check out this article.

Azure Architecture

architecture-Azure.png

  1. Teramind Agent asks Management Server for an Application Server IP and port
  2. Management Server responds
  3. Teramind Agent connects to the assigned Application Server
  1. OCR Miner talks to the Management Server and asks for a record to process
  2. Management Server fetches a screen file from the Microsoft Azure Blob Storage and sends it to the OCR Miner Node
  3. Once OCR is done, the OCR Miner sends results as text to the Management Server
  4. Management Server writes the OCR result text to Elasticsearch

The Management Server serves the admin dashboard, load balances agents, and provides data to the OCR Miner Nodes. Teramind Agent connects to an Application Server via an always-on, TLS-encrypted connection, using our own protocol based on Google Protocol Buffers. OCR Miners are stateless and work with spot instances.

Azure Technical Specifications, Licensing and Support

Regions / Data Centers Teramind on Azure deployment is available on the following data centers/regions (subject to change). We recommend you choose a region closest to you for faster service and lower latency:
  • Canada Central
  • Canada East
  • Central US
  • East US
  • East US 2
  • North Central US
  • South Central US
  • West Central US
  • West US
  • West US 2
  • Canada Central
  • Canada East
  • Central US
  • East US
  • East US 2
  • North Central US
  • South Central US
  • West Central US
  • West US
  • West US 2
OS 64-bit Linux/Unix, Debian 9 Azure Image (VHD).
Databases Azure SQL volume by default. Optionally, Microsoft Azure Blob Storage and Azure Database for PostgreSQL are supported.
Instances For a typical deployment of up to 100 concurrent users, Teramind recommends a B4MS Standard VM with 4 Cores, 16GB RAM and 32GB SSD. Various other instances types (Basic, Standard, General Purpose, Memory Optimized, Compute Optimized) with different combinations of CPU, RAM, SSD and HDD options are available to meet specific use cases. Please check out the Primary Server Requirements / OCR Server Requirements / Storage Requirements sections for more information.
License BYOL (bring your own Teramind license). Click here to try it out or subscribe to Teramind On-Premise/Private Cloud offer.
Support Basic infrastructure support is available for free from Microsoft. Teramind support is included as part of the Teramind subscription.
Was this article helpful?
0 out of 0 found this helpful