Traps for Linux Requirements

The Traps agent for Linux has the following requirements:

Requirement	Minimum Specification
Processor	2.3 GHz
RAM	4GB; 8GB recommended
Hard disk space	10GB
Architecture	x86 64-bit
Operating system versions	See Where Can I Install the Traps Agent? in the Palo Alto Networks® Compatibility Matrix .
Kernel version	2.6.32
Software packages	ca-certificates openssl 1.0.0 or a later release Distributions with SELinux in enforcing or permissive mode: Red Hat Enterprise Linux 6, CentOS 6, and Oracle Linux 6—policycoreutils-python Red Hat Enterprise Linux 7, CentOS 7, and Oracle Linux 7—policycoreutils-python and selinux-policy-devel SUSE—policycoreutils-python and selinux-policy-devel Debian and Ubuntu—policycoreutils and selinux-policy-dev CentOS 6.10—Enable the dynamic CA instead of the legacy CA: Enable the dynamic CA configuration: update-ca-trust force-enable Import the certificates: cp XDR-certificate.crt /etc/pki/ca-trust/source/anchors/ . Rebuild the certificate database: update-ca-trust extract
Networking	Allow communication on the TCP port from the agent to server (the default is port 443). Allow the Cortex XDR management console and agent to communicate with external and internal resources required for enforcing endpoint protection. See the Cortex XDR Administrator Guide for your license type (Enable Access with Cortex XDR Prevent or Enable Access with Cortex XDR Pro per Endpoint).

Traps for Linux Limitations

The following table describes limitations on Linux endpoints.

Security Product	Description	Implications and Required Actions
Chrooted and containerized processes	Chrooted and containerized processes collide with the Traps injection mechanism.	Chrooted and containerized processes are not protected by injection-based security modules (ROP Mitigation and Brute Force Protection). All other exploit and malware protection functionality works as expected. No user action is required.

Most Popular