Introduction and process overview

Orbit System Diagram:

Introduction

FastStats Orbit is a JavaScript Web Application that deploys from a web server, runs in modern browsers. You can use Orbit on a variety of devices as it runs in a browser user interface (BUI), and communicates with FastStats via the Orbit API.

The Orbit API & Orbit Updater Service

The Orbit API is a RESTful web service that connects the Orbit application to FastStats.

The FastStats Orbit Updater service is a windows service that obtains the Orbit web application and Orbit API from Apteco’s update server.

Before you begin

CAUTION Installing Orbit requires access to staff with experience installing Apteco Products and administering IIS, SQL, and Windows Server. If you are concerned you do not have access to appropriate skills, please contact your partner.

This guide details the steps required to add FastStats Orbit to an existing FastStats Enterprise system and add the following to your web server:

  1. Orbit web application. See Configuring the Orbit Web Application.

  2. Orbit API. See Orbit API configurator.

Note: We only guarantee compatibility with the previous four FastStats system releases and no releases before Q2 2017. You need Q2 2020 to use the Pareto feature and Q1 2021 to use the Resolve Table feature.

Security information

Securing user sessions

Orbit should be installed on a web server that supports HTTPS.

The authentication process sends passwords in plain text through the communication channel between the Orbit UI (Client) and Orbit API (Web Server). Using HTTPS ensures all communications are encrypted.

Security considerations of the Orbit Updater process

The Orbit Updater service downloads packages (‘nuget’ packages) from the Orbit Update Server (usually [https://orbit.apteco.com](https://orbit.apteco.com/)) over HTTPS. The update server exists in Apteco’s DMZ and the packages are encrypted in transit.

This server has been secured using a certificate issued by DigiCert, ensuring that:

  • All communications are encrypted

  • The package(s) are secure in transit

  • The configured update server is valid and is not a malicious site purporting to be the configured update server

The orbit.apteco.com server is managed within the Apteco DMZ and protected by a current firewall with an active threat detection subscription.

Support for signing Nuget packages has only been introduced recently and is therefore not yet supported within Orbit; we plan to introduce support for signed Nuget packages in a future release of the Orbit updater.

The orbit updater runs packaged SQL scripts to apply any changes necessary. These scripts ship with a .sig (signature) file, which contains a SHA512 signed hash of the SQL Script. The Orbit updater only applies these scripts if:

  • The .sig file is present

  • The .sig file matches the contents of the SQL script

  • The signature found matches a known Apteco signature

Process overview

Orbit installation process overview

The installation is a process is a five-stage process and we have included a check list in the appendices for your convenience. The stages are:

  1. Prerequisites

  2. Information Required

  3. Orbit Installation

    • Orbit Database

    • Updater Service

    • Post Installation check

  4. Configuration

    • Orbit

    • IIS

    • FastStats

  5. Testing and Validation

We recommend that you complete and validate the prerequisites and decide, document, and where possible test information required before starting the installation process.

In some environments completing the prerequisites may require some effort and support from multiple teams. Deciding the correct options for your organisation may require consulting with different people and teams.