Protected Theater Minimum System Requirements

The specifications in the following table are necessary for the installation of each Protected Theater. Protected Actor Minimum System Requirements are separate and must be considered when configuring the disk (Gold) image requirements.

  • The overall Protected Theater requirements are based on two sets of requirements: resources that the Protected Theater requires to run plus the resources required by the disk image you’re adding to the Protected Theater.
  • When configuring the image settings in the Security Validation Platform, you can select a max of 8 cores for the CPU and 2-8 GB RAM.
Protected Theater does not support a virtual or hardware Trusted Platform Module (TPM).
Specification Protected Theater Minimum Requirement
Processor 64-bit x86 CPU with at least 4 cores + baseline OS requirements
CPUs assigned to the Protected Theater must be reserved, not shared with other VMs.
Memory 8 GB + baseline OS requirements
Memory assigned to the Protected Theater must be reserved, not shared, oversubscribed, or swapped to disk.
Disk Storage 200 GB + 3x disk image size (refers to the size of the disk storage that is allocated when golden VM image is created)
  • Deployment of the OVA should be on a high-throughput disk, such as an SSD or NVMe (200 GB PT Disk and optional 400 GB to 1 TB secondary "images disk").
  • The recommended Protected Theater installation requires two disks. Disk 1 for the Protected Theater must be thick-provisioned with 200 GB of SSD backed space. Disk 2 must be a thick-provisioned 400 GB or larger disk backed by SSD hardware.
  • Disk 2, the "Images Disk," should be 4x the original Virtual Machine Disk (non-compressed) size.
  • We recommend that the "full" image be exported (also sometimes called a "thick" image export) so that the true size of the full VM disk storage can be used for space calculations.
  • To add an additional disk to an existing Protected Theater instance, see Adding Disk Storage to the Protected Theater for more information.
System

VMware ESXi 7.02, hardware version 19 or later

Network Interfaces 1 static IP

Examples

We are providing some example requirements to help demonstrate how to calculate the overall requirements.

Processor and Memory requirement examples

  • Example one:
    • Minimum requirements for a host with Microsoft(R) Windows(R) 10 with Endpoint Detection and Response (EDR): 4 cores and 4 GB
    • Protected Theater requires: 4 cores & 8 GB
    • Total Requirements: (4 cores & 4 GB) + (4 cores & 8 GB) = 8 cores & 12 GB
  • Example two:
    • Typical requirements for a host with Windows 10: 4 cores and 8 GB
    • Protected Theater requires: 4 cores & 8 GB
    • Total Requirements: (4 cores & 8 GB) + (4 cores & 8 GB) = 8 cores & 16 GB

Required disk storage

  • The PT OVA requires: 200 GB
  • Disk image requires: x GB + y GB (if you retain the image file in the ../images directory)

  • Total Requirements: 200 GB + x GB + y GB

    or

    to simplify calculations, 200 GB + 4X disk image requirements

The required disk storage is also a calculation. The PT OVA requires 200 GB on its own plus space for the disk image. We recommend 3x the space to retain the image file in the .../images directory. If you remove that, 3x the space is adequate.

Memory Reservation on Virtual Machines

To avoid performance issues, you must ensure that your resources are reserved and are not dynamically provisioned. Failure to reserve minimum required resources may result in unsatisfactory performance or a failure to start. You can search your virtualization product's knowledge base for "Allocate Memory Resources". For ease of access, vSphere 7.0 instructions, which closely match other versions, are available in VMware's Allocate Memory Resources article, https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-49D7217C-DB6C-41A6-86B3-7AFEB8BF575F.html.

Supported Linux Operating Systems

Images for the following Operating Systems can be used in Protected Theater.

Operating System
CentOS 7.0 to 7.x*
RHEL 7.0 to 7.x
RHEL 8.0 to 8.x
Ubuntu 18.04
Ubuntu 20.04

* As of June 30, 2024, CentOS 7, the underlying operating system for Director and Actor appliances prior to 4.14.0.0, will be End of Life (EOL), therefore no longer supported as a base operating system for MSV Director and Actor appliances. Plan to upgrade to 4.14.0.0 or later on the Rocky Linux 8 platform as soon as possible. See Upgrade Security Validation Components to Rocky Linux 8 for more information.

Operating system Supported releases
Windows 10
11
Windows Server 2019
2022

Additional details about the supported Windows Operating Systems:

  • Supported languages (Host CLI and Protected Theater Actions): English, French, French Canadian, German, Spanish, Spanish Latin America
  • Other Western European language versions may work but have not been tested.
  • Double-byte character languages are not supported, but Security Validation may translate and process Host CLI Action outputs from double-byte languages if the Host CLI Actions - Force Windows Code Page to English advanced setting is turned on.

Supported Actor Image Formats

Images can only be a single disk.
  • OVA
  • VMDK
  • QCOW2
  • VHD
  • VDI
© Copyright Mandiant. All rights reserved
  • First Published: June 5, 2022
  • Last updated: May 22, 2026
In This Article
Related Articles
Copyright © 2020 – 2021 Your Company, LLC. All rights reserved.