These are the minimum system requirements for the Security Validation Endpoint Actor:
| Specification | Minimum requirement |
|---|---|
| Processor Cores | One, although the Actor doesn't require a dedicated core. |
| Memory | The amount of memory you need depends on your OS version. The following are the minimum memory recommendations:
|
| Storage | 20GB of free disk space for Actor files |
Network |
Static, routable IP address preferred (VPN and PPP interfaces are supported, except by Ubuntu). Windows supports 2 interfaces, but only one is required. |
| Powershell | PowerShell versions 2.0-5.1 are supported when running PowerShell-based Actions |
| Account Access Level | Local admin rights |
Supported environments
The Endpoint Actor can be installed on any of the following operating systems:
Mac
| Operating system | Supported releases |
|---|---|
| macOS |
Catalina (10.15)
|
Linux
| Operating system | Supported releases |
|---|---|
| Amazon Linux 2 | Earlier than 4.14.4.0 |
| CentOS | Earlier than 4.14.4.0:
|
| Red Hat Enterprise Linux (RHEL) |
Earlier than 4.14.4.0:
|
| Rocky Linux | 8-8.x |
| Ubuntu | Earlier than 4.14.4.0:
4.14.4.0 and later:
|
* As of June 30, 2024, CentOS 7, the underlying operating system for Director and Actor appliances prior to 4.14.0.0, will be End of Life (EOL), therefore no longer supported as a base operating system for MSV Director and Actor appliances. Plan to upgrade to 4.14.0.0 or later on the Rocky Linux 8 platform as soon as possible. See Upgrade Security Validation Components to Rocky Linux 8 for more information.
Windows
| Operating system | Supported releases |
|---|---|
| Windows | 10
11 |
| Windows Server | 2019
2022 |
Additional details about the supported Windows Operating Systems:
- Supported languages (Host CLI and Protected Theater Actions): English, French, French Canadian, German, Spanish, Spanish Latin America
- Other Western European language versions may work but have not been tested.
- Double-byte character languages are not supported, but Security Validation may translate and process Host CLI Action outputs from double-byte languages if the Host CLI Actions - Force Windows Code Page to English advanced setting is turned on.
Memory Reservation on Virtual Machines
To avoid performance issues, you must ensure that your resources are reserved and are not dynamically provisioned. Failure to reserve minimum required resources may result in unsatisfactory performance or a failure to start. You can search your virtualization product's knowledge base for "Allocate Memory Resources". For ease of access, vSphere 7.0 instructions, which closely match other versions, are available in VMware's Allocate Memory Resources article, https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-49D7217C-DB6C-41A6-86B3-7AFEB8BF575F.html.
Actor services
The following services are installed and run as part of the macOS and Linux Actor applications. If you're running an Actor on a system that has an anti-virus product, you must add the following services to your Allow list or the Actor will not function as expected.
macOS
/Users/Shared/Verodin/node/node/scripts/verodin_endpoint/Users/Shared/Verodin/node/node/scripts/verodin_backend/Users/Shared/Verodin/node/node/scripts/verodin_network_monitor/Users/Shared/Verodin/node/node/web/verodin_standalone_server
Linux
/opt/apps/verodin/node/node/scripts/verodin_backend_service/opt/apps/verodin/node/node/scripts/verodin_network_monitor/opt/apps/verodin/node/node/scripts/verodin_pull_service
Windows
Installing, upgrading, and removing the Windows Actor and Windows Protected Actor can be blocked by your security controls (anti-virus, software management, access management, and so on). In addition, you could get invalid results when running some security content. To prevent this, you may need to add Security Validation Actor artifacts and services to your Allow lists. The fields you must populate vary based on product.
C:\Program Files\Verodin\node\node\scripts\verodin_backend.exeC:\Program Files\Verodin\node\node\scripts\verodin_backend_service.exeC:\Program Files\Verodin\node\node\scripts\verodin_endpoint_service.exeC:\Program Files\Verodin\node\node\scripts\verodin_network_service.exeC:\Program Files\Verodin\node\node\scripts\verodin_updater.exeC:\Program Files\Verodin\node\ext\iodine\{iodine.exe | iodined.exe}C:\Program Files\Verodin\node\ext\kerberos\{kdestroy.exe | kinit.exe | klist.exe}C:\Program Files\Verodin\node\ext\openssh\{scp.exe | ssh-keygen.exe | ssh.exe}C:\Program Files\Verodin\node\ext\openssl\openssl.exe
In addition to adding the artifacts to your allow lists, the following Windows services are required service dependencies:
- DHCP Client
- Server
- TCP/IP Protocol Driver
There are several directories that are included with Security Validation that have random names and variable hashes. These directories should be excluded from AV scanning to prevent invalid results when you run certain security content. The two directories we suggest you add to your Allow lists are:
C:\Program Files\Verodin\node\node\db\ff\jobsC:\Program Files\Verodin\node\node\tmpC:\Program Files\Verodin\node\node\job_action_logsC:\Program Files\Verodin\tmp
For each supported version, there will be a table listing the artifacts you need to add to your Allow lists. These artifacts have the same values for the following fields:
- Description: Security Validation Windows Installer
- Product Description: Security Validation Windows Installer
- Product Name: Security Validation Windows Actor
See Windows 64-bit Actor Artifacts and Services for more information.