Traps for Linux Requirements

The Traps agent for Linux has the following requirements:
Minimum Specification
2.3 GHz
4GB; 8GB recommended
Hard disk space
x86 64-bit
Operating system versions
See Where Can I Install the Traps Agent? in the
Palo Alto Networks® Compatibility Matrix
Kernel version
Software packages
  • ca-certificates
  • openssl 1.0.0 or a later release
  • Distributions with SELinux in enforcing or permissive mode:
    • Red Hat Enterprise Linux 6, CentOS 6, and Oracle Linux 6—policycoreutils-python
    • Red Hat Enterprise Linux 7, CentOS 7, and Oracle Linux 7—policycoreutils-python and selinux-policy-devel
    • SUSE—policycoreutils-python and selinux-policy-devel
    • Debian and Ubuntu—policycoreutils and selinux-policy-dev
  • CentOS 6.10—Enable the dynamic CA instead of the legacy CA:
    1. Enable the dynamic CA configuration:
      update-ca-trust force-enable
    2. Import the certificates:
      cp XDR-certificate.crt /etc/pki/ca-trust/source/anchors/
    3. Rebuild the certificate database:
      update-ca-trust extract

Traps for Linux Limitations

The following table describes limitations on Linux endpoints.
Security Product
Implications and Required Actions
Chrooted and containerized processes
Chrooted and containerized processes collide with the Traps injection mechanism.
Chrooted and containerized processes are not protected by injection-based security modules (ROP Mitigation and Brute Force Protection). All other exploit and malware protection functionality works as expected. No user action is required.

Recommended For You