System Requirements

The following are minimum requirements to use PAM for Single Server and medium use Production farms.

If questions about architecture and system recommendations for large scale farm deployments remain or issues arise while using PAM, please contact our Support team: https://support.imprivata.com/.

Component Single Server, Test or Quick Trial Medium Use Production Farm Enterprise Production Farm
Windows O/S (64-bit only) Windows Server 2019, 2022, 2025 / Windows 11 (24H2+) Windows Server 2019, 2022, 2025 Windows Server 2022, 2025
Linux O/S (64-bit only)

RHEL 8.x/9.x, Ubuntu 20.04* LTS/22.04/24.04 LTS, Debian 11/12/13, Rocky Linux 8.x/9.x, AlmaLinux 8.x/9.x*

 RHEL 8.x/9.x, Ubuntu 22.04/24.04 LTS, Debian 12/13, Rocky Linux 8.x/9.x, AlmaLinux 8.x/9.x RHEL 9.x, Ubuntu 22.04/24.04 LTS, Debian 12/13, Rocky Linux 9.x, AlmaLinux 9.x
CPU 2-4 vCPUs @ 2.4 GHz+ 4-8 vCPUs @ 2.4 GHz+ 8-16 vCPUs @ 2.4 GHz+
Memory (reserved for PAM use) 8 GB minimum, 16 GB recommended 16 GB minimum, 32 GB recommended 32-64 GB recommended
Disk Space (reserved for PAM use) 50 GB minimum 100-200 GB 500 GB - 2 TB+
Disk Type Standard HDD acceptable SSD recommended SSD/NVMe required
Database Included (Apache Derby)** MS SQL, MySQL, Oracle, PostgreSQL MS SQL, PostgreSQL, Oracle (external, dedicated)

*Ubuntu 20.04 legacy support - upgrade recommended

**For Single Server, Test or Quick Trial deployments the recommendation is to use the included, internal database however you can use any of the other supported databases that are available to you.

Important: Disk space requirements increase significantly when session video recordings are enabled. Plan for 10-100+ GB per month of additional storage depending on session volume and retention policies.

Software Requirements

Web Browsers

Microsoft Edge, Google Chrome, Mozilla Firefox, or Apple Safari (latest versions recommended).

Note: Internet Explorer is no longer supported as of July 17, 2022. IE users must transition to Microsoft Edge, Google Chrome, or Mozilla Firefox.

External Database Requirements

The default installation includes an internal database (Apache Derby) that can be deployed for testing and small deployments. For production deployments, an external database is strongly recommended.

Please be prepared to supply a valid connection string to your database as well as an appropriate user and password to successfully establish this connection. Please contact your Database Administrator if you need assistance.

Supported Database Requirements

Recommendation for New Deployments:

We recommend PostgreSQL or Microsoft SQL Server for new deployments due to optimal performance, reliability, and support. MySQL/MariaDB and Oracle are supported for existing customer environments.

Database Supported Versions Deployment Type Recommendation
PostgreSQL 12.x, 13.x, 14.x, 15.x, 16.x Network RECOMMENDED for new deployments - Best performance and scalability
Microsoft SQL Server 2016, 2017, 2019, 2022 Network RECOMMENDED for Windows environments - SQL Authentication only
MySQL 5.7, 8.0, 8.4 Network Supported - InnoDB engine required, Pessimistic Locking must be enabled
MariaDB 10.6+ Network Supported - Pessimistic Locking must be enabled
Oracle 12c, 19c, 21c, 23c Network Supported - For existing enterprise customers
Apache Derby 10.14+ Embedded, Network Test/Dev only - NOT recommended for production

Critical for MySQL/MariaDB: Pessimistic Locking must be enabled. Optimistic locking (which may be the default) will cause issues with PAM functionality and is not supported.

End of Life Notice: PostgreSQL versions 9.5, 10, and 11 are End of Life and no longer receive security updates. These versions are not recommended and may not be supported in future PAM releases.

External Database Server Hardware Requirements

The following are recommended hardware specifications for dedicated external database servers supporting PAM production deployments:

Component Medium Production Enterprise Production Notes
CPU 4-8 cores @ 2.4 GHz+ 8-16 cores @ 2.4 GHz+ Depends on concurrent users and session volume
Memory (RAM) 16-32 GB 32-64 GB Higher for environments with extensive audit logging
Disk Space 100 GB minimum 500 GB - 2 TB+ Significantly more if session video recordings stored in database
Disk Type SSD recommended SSD/NVMe required Critical for audit log and session recording performance
IOPS 1000+ IOPS 3000+ IOPS Higher for environments with session recording
Network Latency 10ms to PAM servers < 5ms to PAM servers Low latency critical for performance

Database Sizing Factors

Database sizing depends heavily on the following factors:

  • Number of concurrent users: 10-100 (small), 100-500 (medium), 500-2000+ (enterprise).

  • Number of managed privileged accounts: 100-1,000 (small), 1,000-10,000 (medium), 10,000-50,000+ (enterprise).

  • Session recording volume: Video recordings can consume 10-100+ GB per month.

  • Audit log retention: Longer retention periods require more storage.

  • Session frequency: High-frequency password checkouts and sessions increase database load.

High Availability Recommendations

For enterprise production deployments, consider implementing database high availability:

  • MS SQL Server: Always On Availability Groups or Failover Cluster Instances.

  • PostgreSQL: Streaming Replication with automatic failover (using tools like Patroni or repmgr).

  • Oracle: Real Application Clusters (RAC) or Data Guard.

  • MySQL: Group Replication or InnoDB Cluster.

IMPORTANT:

Critical: Database Co-Location Requirement

The external database server MUST be located in the same data center as the PAM application servers.

Why this matters:

  • PAM makes numerous sequential database calls during session operations.

  • Even "low" latency (10-20ms) across data centers compounds significantly with sequential calls.

  • Example: 50 sequential DB calls × 15ms latency = 750ms delay per operation.

  • Users will experience slow page loads, session launch delays, and timeout errors.

Observed Issues: Customers with PAM in Data Center A and database in Data Center B have experienced severe performance degradation, even when network monitoring tools showed acceptable latency. The cumulative effect of sequential database operations makes cross-data-center deployments unsuitable for production use.

Recommendation: Database server should be on the same network segment/VLAN as PAM servers with <1-2ms latency.

Network Requirements

Critical: PAM to Database Network Requirements

IMPORTANT:

Database MUST be in the same data center as PAM servers.

Configuration Latency Status Notes
Same rack/network segment < 1ms Optimal Best performance for production
Same data center < 2ms Acceptable Recommended minimum for production
Same data center (different zones) 2-5ms Marginal May experience performance issues under load
Different data centers (same region) 5-15ms Not Supported Sequential DB calls cause severe performance degradation
Different regions > 15ms Not Supported Unusable for production - will cause timeouts and errors

Why Sequential Database Calls Matter:

PAM architecture makes multiple sequential database calls for common operations:

  • User login: 15-25 database queries (authentication, permissions, preferences, audit logging)

  • Password checkout: 10-20 database queries (authorization, password retrieval, history, audit logging)

  • Session launch: 20-40 database queries (credentials, policies, recording settings, audit logging)

  • Page load: 5-15 database queries (UI data, permissions, configuration)

Latency Impact Example:

Session launch with 30 sequential DB calls:

  • 1ms latency: 30ms total = Excellent user experience.

  • 5ms latency: 150ms total = Noticeable delay.

  • 10ms latency: 300ms total = Slow, frustrating experience.

  • 20ms latency: 600ms total = Unacceptable, users report "system is broken".

This does not include query execution time, only network round-trip latency.