Pre-Installation Considerations

Once you have your initial decision made around using VAs or software, review this section. It contains installation guidance that may impact your decision and that you'll find useful while planning the installation of the Validation Platform.

General Decisions

  • Are self-signed certificates allowed? If not, you will need to create certificates and update the Director and any Linux Actors.

Overall Director Requirements / Decisions

  • The system where the Director will be installed must meet or exceed system requirements.
  • What NTP servers are you using (VA) or what time service are you configuring (software)?
  • The Security Validation Update Service (https://update.validation.mandiant.com) must be added to your Allow list.

  • The Security Validation Content Service (https://content.validation.mandiant.com) must be added to your Allow list.

  • Communication ports must be available for Director traffic.
  • Follow standard FQDN naming requirements.

    FQDNs must comply with RFC 1123, a standard that defines the requirements for FQDNs on the internet. This standard specifies that FQDNs can only contain the following:

    • Letters (A-Z, a-z)
    • Digits (0-9)
    • Hyphens (-)

    Underscores are not permitted.


    For more information, see RFC 1123: Requirements for Internet Hosts.

Software-specific Director Requirements

  • Sudo (or similar) must be enabled.
  • The firewallID must be disabled and masked.
  • iptables-services must be installed.
  • Software Dependencies: The preferred approach is to use an authoritative online repository (vendor maintained or company maintained).
  • Adequate disk space must be allocated to /opt on the partition where you will install the Validation Platform.
  • Add or designate a system account in the wheel group, to own the Validation Platform programs, data, and log files.

Overall Actor Requirements / Decisions

  • The system where the Actor will be installed must meet or exceed system requirements.
  • What NTP servers are you using (VA) or what time service are you configuring (software)?
  • Follow standard FQDN naming requirements.

    FQDNs must comply with RFC 1123, a standard that defines the requirements for FQDNs on the internet. This standard specifies that FQDNs can only contain the following:

    • Letters (A-Z, a-z)
    • Digits (0-9)
    • Hyphens (-)

    Underscores are not permitted.


    For more information, see RFC 1123: Requirements for Internet Hosts.

  • Services must be added to your Allow list:
    • verodin_backend_service
    • verodin_network_monitor
    • verodin_pull_service
  • Communication ports must be available for Actor traffic.
  • GPO/Policies that could prevent installation as an Admin must be identified and resolved.

Easy Installer Requirements

  • You have configured / deployed the operating system.
  • Your Actor does not need a proxy for communication with the Director.
  • You do not need to select specific interfaces.
  • You do not need to specify a non-standard install location.

Linux Software-specific Actor Requirements

  • Sudo (or similar) must be enabled.
  • The firewallID must be disabled and masked.
  • iptables-services must be installed.
  • Software Dependencies: The preferred approach is to use an authoritative online repository (vendor maintained or company maintained).
  • Adequate disk space must be allocated to /opt on the partition where you will install the Validation Platform.
  • Add or designate a system account in the wheel group, to own the Validation Platform programs, data, and log files.

Windows-specific Requirements

  • TAP driver must be installed if you want to test DNS/ICMP Tunneling.

Protected Theater

  • Port 6080 must be open if you want to use the built-in console.
© Copyright Mandiant. All rights reserved
  • First Published: May 20, 2022
  • Last updated: September 4, 2025
In This Article
Related Articles
  • None
Copyright © 2020 – 2021 Your Company, LLC. All rights reserved.