System Requirements

refer to the following system requirements for running belden horizon data operations minimum requirements a belden horizon data operations instance is designed to collect, analyze, and forward data these data operations could require heavy computing resources to be able to facilitate all the day to day processes a belden horizon data operations instance will execute although it is possible to run belden horizon data operations on a wide range of devices, not having enough computing resources for your particular scenario could create serious performance issues consider the following factors when deciding upon the hardware that your belden horizon data operations will use what is the amount of data that will be processed? what is your hardware budget? how many devices will you connect to belden horizon data operations? how many flows/analytics/applications/integrations will you need? what programming language and frameworks will you use? will you need frequent belden horizon data manager belden horizon data operations interactions (for example, in the case of automatic backups) as well? to address some of these questions, we recommend you first install belden horizon data operations on a test virtual machine (vm) then run a partial execution of all your possible workloads to see how it performs from there, you can get a better idea whether you need less, about the same, or a multiplying factor of your test vm's computing resources see below for setting up this vm deployment requirements bhdo can be deployed using docker, iso or ova files, and is compatible with both x86 and arm architectures the following table summarizes the minimum compute requirements when running bhdo in a vm or container minimum compute requirements (vm) minimum compute requirements (container) cores 2 2 memory 4 gb 2 gb storage 20 gb 10 gb recommended configurations a belden horizon data operations instance is typically customized under one of the following three configurations data pass through reading and passing data executed externally exclusively on integrations minimal data processing and/or storage performed on the belden horizon data operations instance most computing resources consumed by only devicehub and data storage/forwarding to integrations in stream processing low volume in stream processing of data using flows and/or analytics (for example, value change or anomaly detection) data stored in influxdb for local visualization using a container running the grafana or python application computing resources consumed by influxdb, flows, analytics, containers, and devicehub heavy in stream processing and application usage high volume in stream processing of all collected data involving complex flows and analytics multiple flows are configured with the maximum allowed ram in analytics, many groups operate, each including multiple processors several containers may be run for further data processing, traceability, downtime recording, and so on influxdb will require additional cpu and ram resources if a large number of devices and tags are configured each device will become its own influxdb data table (measurement) computing resources consumed by user defined code within flows, applications, and analytics flows the following table summarizes parameters for the above three starting configurations when sizing a belden horizon data operations instance configuration 1 (data pass through) configuration 2 (in stream processing) configuration 3 (heavy in stream processing and application usage) devices 1 5 5 10 10+ average tags per device 10 20 20 100 100+ flows instances 0 4 1 4 1 4 average flow nodes < 10 10 50 50+ analytics 0 5 5 25 25+ applications/containers 0 1 2 2+ integrations 1 2 1 5 5+ influxdb usage optional mandatory mandatory opc ua server usage cannot function with opc ua server can function with opc ua server can function with opc ua server cores 4 8 12+ memory(ram) 8 16 gb 16 32 gb 32+ gb storage (disc) 100 250 gb 250 500 gb 500+ gb nic (network interface) typically at least two one for it network (users, belden horizon data manager, integrations) one for ot network (plc connectivity) typically at least two one for it network (users, belden horizon data manager, integrations) one for ot network (plc connectivity) typically at least two one for it network (users, belden horizon data manager, integrations) one for ot network (plc connectivity) firewall port configuration requirements note you have the option of managing ports in belden horizon data operations see docid\ zvyrnvndt8tupqf48bn8i to learn more the firewall managing belden horizon data operations' traffic must always open the following ports function for belden horizon data operations port # encrypted direction protocol description source (port is used by who/what) destination (port must be opened at) accessing belden horizon data operations through a web user interface 443 yes ssl inbound tcp https belden horizon data operations users belden horizon data operations to allow a connection with belden horizon data operations and belden horizon data manager, the following ports must be open function for belden horizon data operations port # encrypted direction protocol description source (port is used by who/what) destination (port must be opened at) redirects 443 80 no inbound tcp http belden horizon data operations users belden horizon data operations connect belden horizon data operations to belden horizon data manager 8883 yes mqtts outbound tcp mqtt ssl belden horizon data operations belden horizon data manager and customer mqtt broker connect belden horizon data operations to belden horizon data manager 443 yes outbound tcp https belden horizon data operations belden horizon data manager connect belden horizon data operations to belden horizon data manager 51820 yes outbound udp udp belden horizon data manager remote access belden horizon data operations belden horizon data manager the firewall managing belden horizon data operations' traffic must open only if corresponding services are present and running function for belden horizon data operations port # encrypted direction protocol description source (port is used by who/what) destination (port must be opened at) use belden horizon data operations as an ftp server 21, 2121 no inbound tcp ftp customer ftp server belden horizon data operations use belden horizon data operations as an ssh server used for backend support access 22 yes session key inbound tcp ssh belden support team belden horizon data operations redirects 443 80 no inbound tcp http belden horizon data operations users belden horizon data operations use belden horizon data operations as an ldap client 389 no outbound tcp ldap belden horizon data operations customer ldap server use belden horizon data operations as an ldap client 636 yes ssl outbound tcp ldap with ssl belden horizon data operations customer ldap server use belden horizon data operations as an opc ua server 4840 yes (depends on server settings) inbound tcp/udp opc ua server customer northbound application belden horizon data operations connect belden horizon data operations to belden horizon data manager 8883 yes mqtts outbound tcp mqtt ssl belden horizon data operations belden horizon data manager and customer mqtt broker connect belden horizon data operations to belden horizon data manager 443 yes outbound tcp https belden horizon data operations belden horizon data manager connect belden horizon data operations to belden horizon data manager 51820 yes outbound udp belden horizon data manager remote access belden horizon data operations belden horizon data manager collaboration with name servers to replace ip of bhdo with a name server 5353 no outbound udp mdns (multicast dns) belden horizon data operations multicast local network collaboration with name servers to replace ip of bhdo with a name server 5355 no inbound tcp/udp llmnr (link local multicast resolution) 224 0 0 252 belden horizon data operations remote access over internet when accessing belden horizon data operations 9993 yes (asymmetric public key encryption) outbound udp remote access belden support team belden horizon data operations plc specific ports the firewall managing belden horizon data operations' traffic must open specific ports for certain plc devices to connect to belden horizon data operations ports for industrial systems and sensors connections are plc specific and should be open on a case by case basis see the docid\ dwzbxd8qukasr1egr2c3r for more information marketplace ports marketplace applications manage their own ports those ports are application specific and are outside of the iptables firewall other ports any other ports are blocked by the iptables firewall this means that the belden horizon data operations flows application can initiate only outgoing traffic and cannot listen to incoming connections