Requirements

The Atomic Enterprise OSSEC (AEO) hub is designed to be installed on clean servers, with no external 3rd party yum repositories. STIG or other hardened environment integration is not supported outside of a Professional Services agreement.

Before installing AEO the following system specifications are required for a production environment:

Supported Operating Systems

• Redhat Enterprise Linux 8/9 (x86_64)

• Rocky Linux 8/9 (x86_64)

Recommended System resources

• Cores: 8 Minimum, 16 Recommended

• Memory: 16GB

• Storage: 1TB available for the /var partition, will vary depending on site specific retention requirements

Network Security policy

• Inbound TCP/30001 (Used for AEO Web console access)

• Inbound TCP/80, TCP/443 (Used for agent installation)

• Inbound TCP/1515 (Used for agent registration)

• Inbound TCP/22 (Used for remote access over ssh)

• Inbound UDP/514 (Used for agentless syslog)

• Inbound UDP/1514 (Used for agent data communication)

• Inbound/Outbound TCP/6514 (Cluster Only)

• Outbound TCP/443 (Used for remote OS, signature and software updates) - Not required for customers with ISO standalone licenses

• Outbound TCP/53, UDP/53 (Used to perform DNS lookups, required for remote updates to work) - Not required for customers with ISO standalone licenses