Requirements

The Atomic OSSEC (AEO) hub is designed to be installed on clean servers, with no external 3rd party yum repositories. STIG or other hardened environment integration is not supported outside of a Professional Services agreement.

Before installing AEO the following system specifications are required for a production environment:

Supported Operating Systems

• Redhat Enterprise Linux 8/9 (x86_64)

• Rocky Linux 8/9 (x86_64)

Recommended System resources

• Cores: 8 vCPUs Minimum, 16 vCPUs Recommended

• Memory: 16 GB Minimum (32 GB Recommended when installing Atomic Inspector)

• Storage: 1 TB available for the /var partition; SSD/NVMe storage is strongly recommended for OpenSearch performance (see Atomic Inspector). Actual disk usage will vary depending on site-specific retention requirements.

Network Security policy

• Inbound TCP/30001 (Used for AEO Web console access)

• Inbound TCP/80, TCP/443 (Used for agent installation)

• Inbound TCP/1515 (Used for agent registration)

• Inbound TCP/22 (Used for remote access over ssh)

• Inbound UDP/514 (used for syslog from agentless and other remote sources; SSH-based agentless integrity monitoring is documented in Agentless)

• Inbound UDP/1514 (Used for agent data communication)

• Inbound/Outbound TCP/6514 (Cluster Only)

• Outbound TCP/443 (Used for remote OS, signature and software updates) - Not required for customers with ISO standalone licenses

• Outbound TCP/53, UDP/53 (Used to perform DNS lookups, required for remote updates to work) - Not required for customers with ISO standalone licenses