System Requirements
Minimum Requirements
| Component | Requirement |
|---|---|
| OS | Linux x86_64 (Ubuntu 20.04+) |
| CPU | 4 cores |
| Memory | 4 GB RAM |
| Disk | 1 GB free space |
Recommended for Production
| Component | Recommendation |
|---|---|
| OS | Ubuntu 24.04 LTS |
| CPU | 8+ cores |
| Memory | 8 GB+ RAM |
| Network | Low-latency connection |
| Storage | SSD for logs |
Network Requirements
Outbound Connectivity
The service must reach:
- Facephi license servers (for license validation)
License Server Access
Required IPs and ports:
| IP | Port | Protocol |
|---|---|---|
| 52.223.22.71 | 443 | TCP/IP |
| 35.71.188.31 | 443 | TCP/IP |
| 75.2.113.112 | 443 | TCP/IP |
| 99.83.149.57 | 443 | TCP/IP |
Required URLs:
https://api.cryptlex.com:443https://api.eu.cryptlex.com:443
Configure firewall rules to allow outbound HTTPS traffic to these endpoints.
Deployment Architecture
The IAD Service operates as a stateless REST API that forwards requests to an IAD engine:
Client → IAD Service (Port 6982) → IAD Engine
- Multiple service instances can run behind a load balancer
- Each instance maintains a connection pool to the engine
- No session state is stored in the service
Performance Characteristics
| Metric | Typical Value |
|---|---|
| Latency | < 100ms |
| Throughput | Depends on engine capacity |
| Concurrent connections | Limited by number_of_threads config |
| Max request size | Configurable via client_max_body_size |
Security Considerations
- Deploy behind a reverse proxy or API gateway
- Enable SSL/TLS for all communications
- Protect license file with appropriate permissions (chmod 644)
- Use firewall rules to restrict inbound connections