TABLE OF CONTENTS
- Hardware and Software Requirements
Hardware and Software Requirements
The Trust Agent consists of a Windows driver and service that can be installed on most Windows endpoints. The Trust Center is a Linux virtual machine that can be hosted using a hypervisor like ESXi. The minimum and recommend requirement for running the Trust Agent and Trust Center are described below.
Requirements to Run the Trust Agent
The Trust Agent is supported on the following Windows and Linux platforms.
Windows XP Pro SP2 through Windows 11 and all Windows Server editions from 2003 onward including most 32-bit and 64-bit x86 platforms with noted service packs. Home versions are not supported. Embedded versions are supported.
Supported Windows Operating Systems
Supported Windows Operating Systems |
---|
Microsoft Windows XP SP2 (32-bit only) |
Microsoft Windows 7 SP1 requires KB3138612, KB4474419, and KB4490628 |
Microsoft Windows 8 |
Microsoft Windows 8.1 |
Microsoft Windows 10 Version 1507 through 22H2 with cumulative updates. (32-bit supported only up to 21H2) |
Microsoft Windows 11 (64-bit only) |
Microsoft Windows 11 22H2 |
Microsoft Windows Server 2003 SP2 (32-bit only) |
Microsoft Windows Server 2008 SP2 with KB2763674 |
Microsoft Windows Server 2008 R2 SP1 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |
Microsoft Windows Server 2022 (64-bit only) |
Microsoft Windows Server 2025 |
Note: The AZT Network Agent is only supported on 64-bit operating systems.
Ubuntu
Supported Ubuntu Distributions
Ubuntu | Code Name | Linux Kernel Version |
---|---|---|
Ubuntu 24.04 | Noble Numbat | 6.6 |
Ubuntu 22.04 | Jammy Jellyfish | 5.15 |
Ubuntu 20.04 | Focal Fossa | 5.4 |
Ubuntu 18.04 | Bionic Beaver | 4.15 |
For Ubuntu we support both the regular kernel and the Hardware Enablement (HWE) kernel. The HWE kernel can be built by passing OPT_HWE=y through the environment.
Amazon Linux
Supported Amazon Linux Kernels
Supported Amazon Linux Kernels |
---|
Amazon Linux 2023 |
Amazon Linux 2 |
We support building 3 different Amazon Linux 2 Kernels.
- OPT_LINUX_PACKAGE=kernel builds the default 4.14 kernel.
- OPT_LINUX_PACKAGE=kernel-5.10 builds the extra 5.10 kernel.
- OPT_LINUX_PACKAGE=kernel-5.15 builds the extra 5.15 kernel.
The Amazon Linux 2 build doesn’t generate modules so it is important that you install the kernel matching the kernel that is currently installed in your EC2 instance. Failing to do so will cause the system to fail to boot. E.g. if your EC2 instance has 5.10 installed, you need a 5.10 AZT Kernel. This does not apply to Amazon Linux 2023.
SUSE Linux
Supported SUSE Linux Kernels
Supported SUSE Linux Kernels |
---|
openSUSE Tumbleweed |
openSUSE Leap 15.6 |
SUSE Linux Enterprise Server 15 SP6 |
OPT_ZYPPER_REPO links to a repo to download specific kernels which may be for older or enterprise versions of the various SUSE flavors. Examples of its use:
- OPT_ZYPPER_REPO=https://download.opensuse.org/repositories/Kernel:/SUSE-2025/standard will build the SUSE-2025 Kernel (6.12)
- OPT_ZYPPER_REPO=https://download.opensuse.org/repositories/Kernel:/SUSE-2024/standard will build the SUSE-2024 Kernel (6.4, not currently supported).
- OPT_ZYPPER_REPO=https://download.opensuse.org/repositories/Kernel:/openSUSE-15.0:/Submit/standard will build Kernel 4.12 which is used in SLES 12.
- Not setting OPT_ZYPPER_REPO will use the latest available kernel.
Red Hat Enterprise Linux (RHEL)
Supported Red Hat Enterprise Linux (RHEL) Kernels
Release | Kernel Version |
---|---|
RHEL 7.9 | 3.10.0-1160 |
RHEL 8.10 | 4.18.0-553 |
RHEL 9.5 | 5.14.0-503.11.1 |
Rocky Linux
Supported Rocky Linux Kernels
Release | Kernel Version |
---|---|
Rocky Linux 8.10 | 4.18.0-553 |
Rocky Linux 9.5 | 5.14.0-70.13.1 |
CentOS
Supported CentOS Kernels
Release | Kernel Version |
---|---|
CentOS 7.9 | 3.10.0-1160 |
Note: The AZT Agent is a Linux Security Module (LSM). For modern Linux kernel versions 5.1 and newer, the AZT Agent LSM can run in parallel with either the SELinux or AppArmor LSM. For Linux kernel versions older than 5.1, SELinux and AppArmor will be disabled and replaced with the AZT Agent LSM.
Linux Security Module
Linux Security Module (LSM) Support
Linux Kernel Version 5.1 and newer | Linux Kernel Versions older than 5.1 | |
---|---|---|
AZT Agent LSM | Can run in parallel with either SELinux or AppArmor LSM | Replaces the SELinux or AppArmor LSM |
SELinux LSM | Can run in parallel with AZT Agent LSM | Disabled |
AppArmor LSM | Can run in parallel with AZT Agent LSM | Disabled |
Note: You must have at least Linux Kernel Version 4.11 to have access to the following countermeasures: Reflective Injection, Malicious Shellcode, and Malicious JavaScript.
Note: Replacing physical components of your device (such as the motherboard) may cause new software and drivers to be installed on the device. If you are in Prevent mode, these updates will be blocked. You should switch to Detect mode and allow these new updates to be installed and trust the new drivers and tools, then return to Prevent mode when you are finished.
The following table lists the operating systems not supported by the Trust Center.
Unsupported Operating Systems
Unsupported Windows Operating Systems |
---|
Microsoft Windows 7 SP0 |
Microsoft Windows Vista SP1 |
Microsoft Windows Server 2003 SP0/SP1 |
Microsoft Windows Server 2003 SP0/SP1/SP2 (64-bit) |
Microsoft Windows XP SP0/SP1 |
Microsoft Windows Vista SP2 with KB2763674, KB4039648, KB4493730, and KB4474419 |
Microsoft Windows 2008 SP0/SP1 |
Microsoft Windows 2008 R2 SP0 |
The Trust Agent software can be installed on an endpoint device that meets the following requirements.
Component | Description | Notes |
---|---|---|
CPU | 1 core | 1.4 GHz or faster |
Memory | 100 MB | 6 MB paged memory, 2 MB non-paged memory |
Hard Disk Drive | 200 MB | N/A |
Network | 100 Base-T | N/A |
Requirements to Run the Trust Center
This table highlights the minimum requirements and recommended requirements to run the Trust Center.
Component | Small Trust Center Minimum Requirement for POVs or small scale | Medium Trust Center Recommended | Large Trust Center |
---|---|---|---|
Maximum Endpoints | 50 | 500 | 1000 |
Hypervisor | VMware ESXi 5.0 or later, Microsoft Hyper-V, Windows Server 2016 or later, Proxmox, Virtual Environment 8.2.2 or later | VMware ESXi 5.0 or later, Microsoft Hyper-V, Windows Server 2016 or later, Proxmox, Virtual Environment 8.2.2 or later | VMware ESXi 5.0 or later, Microsoft Hyper-V, Windows Server 2016 or later, Proxmox, Virtual Environment 8.2.2 or later |
CPU | 8 cores | 16 cores | 32 cores |
Memory | 8 GB | 16 GB | 32 GB |
Disk (Operating System) | 30 GB | 64 GB | 64 GB |
Disk (Storage) | 250 GB | 1 TB | 1 TB |
Network | 100 Base-T | 1 GbE | 1 GbE |
The following table lists the hypervisors not supported by the Trust Center.
Unsupported Hypervisors
Unsupported Hypervisors |
---|
VMWare Fusion Pro for Mac |
Ports Used by AZT PROTECT
The following ports are used for communication with the Trust Center, Trust Agent, and Trust Point. They must be allowed through any firewall running on the endpoints or through any firewall configured with the Trust Center, Trust Agents, and/or Trust Point.
Port to open in firewall | Description |
---|---|
Required: 443 (HTTPS) | Used to access the Trust Center dashboard, the Trust Point Dashboard, and for Trust Agent installation. |
Required: 7443 (AZT Communication) | Used for internal communication between the Trust Agents and a Trust Center. Also used to register and send heartbeats in Trust Point configurations. |
Required: 9443 (AZT Communication) | Used for internal communication between a Trust Center and a Trust Point, or between two Trust Points. |
Browser Requirements to Use AZT Dashboard
Recommended browsers to use with the Zero Trust software.
Name | Versions | Comments |
---|---|---|
Google Chrome | 105.0.5195.102+ | Latest version is recommended. |
Microsoft Edge | 105.0.1343.27+ | Latest version is recommended. |
Firefox | 104.0.2+ | Latest version is recommended. |
Internet Explorer | 11.0+ | Latest version is recommended. |
Browser zoom level percentage | All browsers | Recommended browser setting is 100% for best readability. |
User Provided Data Limitations
There are several places where data is entered by users:
Device Groups
Policy Names
Device Names
Endpoint Reports
Report Name
User Management
Active Directory
Data in these areas is typically limited to the values in the following table.
Description | Limitation |
---|---|
Characters | English alphabet Lower and upper case No spaces Digits 0-9 |
General Text Length | 56 characters |
First Name Length | 12 characters |
Last Name Length | 25 characters |
Group Name Length | 100 characters |
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article