Installation Requirements¶
The Device Hub server application can be hosted by Leitwert or deployed on a server provided by you. Please contact Leitwert support to analyse your situation and identify, design and implement the best solution for your use case.
If you choose to host the Device Hub application yourself, the following minimum requirements must be met.
Overview¶
Integration and required ports of the Device Hub in the hospital network
As illustrated above, the Device Hub components (dms services, dh services, monitoring services) can be deployed in the closed hospital network as dockerized containers on two separate virtual machines. An opened port to the public internet to access the docker registry is required. The ports to an external NTP server, smtp server, debian repository and pypi repository are only required, if they are not available within the Hospital Network.
The wearable devices connect to the Gateways via Bluetooth. The Gateways in turn connect to the Device Hub via the WLAN network available on the wards. The Gateways communicate with the Device Hub only via a select number of ports (see graphic above), which need to be accessible.
Device Hub Requirements¶
Minimum Server Requirements¶
The Device Hub consists of two server applications, which run on two different servers to increase the robustness of the system.
In order for the server applications to run smoothly, the following minimum requirements must be met:
Server 1
| \ | Requirement |
|---|---|
| RAM | 16 GB |
| CPU | 4 Cores |
| Storage | 100 GB SSD (depends on data to be gathered) |
| OS | Debian 11 |
| Access | Root Access |
Server 2
| \ | Requirement |
|---|---|
| RAM | 32 GB |
| CPU | 4 Cores |
| Storage | 300 GB SSD (depends on data to be gathered) |
| OS | Debian 11 |
| Access | Root Access |
Note
Storage requirements for the Device Hub depend mainly on the amount of data to be gathered. If you intend to gather large amounts of sensor raw data, 300 GB disk space as indicated in the table above is likely not enough. Please consult with Leitwert to ensure enough storage space.
Network Requirements¶
The following network requirements apply to both servers:
- Having access to the internet via port 22443 to access Leitwert's docker registry
- Having access to an internal or public (port 123) NTP server
- Having access to an internal or public (port 587) smtp server to send emails for user registration
- Having access to an internal or public (port 443) debian apt and pypi repository
- Domains for dms, dh and monitoring components like dms.project.mycompany.ch
- Certificates signed for domains
- Port 22 open to access the servers via ssh using provided external access method (e.g. virtual desktop, VPN)
Gateway Requirements¶
The device IDs of the Gateways must be registered on the Device Hub. This can either be done using the user frontend or with a script through the REST API.
Authentication with WLAN¶
Username and Password¶
If Gateways always remain in the same location, they can be pre-configured to access the related WLAN network.
Alternatively, the WLAN of the Gateways can be configured manually by users via the "Gateway Configuration App" (see Gateway Setup for more information).
Note
The manual configuration of the WLAN access using the mobile app is currently only available for WPA2 or open networks.
Certificate¶
If certificates are required for authentication with the WLAN network, they must be issued by the corresponding certificate authority and pre-installed on the Gateways by Leitwert.
Whitelisting¶
If the gateways need to be whitelisted to access the WLAN, it is preferred to use hostnames or MAC addresses, since there is no fix IP address for the Gateways.
Note
It is recommended to also whitelist the gateways in the LAN network to enable access for tech support in case they can't connect to WLAN anymore
Gateway Software Updates¶
Software updates for Gateways can be released through the Device Hub, on which the Gateways are registered. Gateways will update automatically the next time they connect with the Device Hub server.
For more information on how to release software updates, see section Firmware Updates.
Note
Software updates can contain the requirement to download specific Python packages from the public internet. If the public internet can't be contacted by the Gateways from within your network, all relevant URLs need to be whitelisted for Gateway software updates to work.
Time Server Access¶
The Gateways require access to a time server to synchronize time (e.g. europe.pool.ntp.org). Please specify, if only a specific time server can be used within your network.
Remote Access for Initial Configuration and Testing¶
We need to be able to access the Gateways remotely for the initial installation e.g. via SSH. This access can be temporary, until all Gateways are deployed and tested. If remote access is not possible, an on-site visit by one of our engineers is required.