Traps for Linux Requirements

The Traps agent for Linux has the following requirements:
Requirement
Minimum Specification
Processor
2.3 GHz
RAM
4GB; 8GB recommended
Hard disk space
10GB
Architecture
x86 64-bit
Operating system versions
See Where Can I Install the Traps Agent? in the
Palo Alto Networks® Compatibility Matrix
.
Kernel version
2.6.32
To perform malware analysis of ELF files, and collect data for EDR and behavioral threat analysis, each Traps release requires a supported kernel version:
If you deploy Traps on a Linux server that is not running one of the kernel versions required for these additional protection capabilities, Traps will operate in asynchronous mode: the agent will obtain a verdict for the executed ELF file in parallel to its execution and terminate it if a malware verdict is obtained. In addition, data collection for EDR and behavioral threat protection will not be supported.
Software packages
  • ca-certificates
  • openssl 1.0.0 or a later release
  • Distributions with SELinux in enforcing or permissive mode:
    • Red Hat Enterprise Linux 6, CentOS 6, and Oracle Linux 6—policycoreutils-python
    • Red Hat Enterprise Linux 7, CentOS 7, and Oracle Linux 7—policycoreutils-python and selinux-policy-devel
    • SUSE—policycoreutils-python and selinux-policy-devel
    • Debian and Ubuntu—policycoreutils and selinux-policy-dev
  • glibc—Required for exploit protection of containerized processes using the ROP Mitigation and Brute Force Protection modules. If glibc is not installed, the modules are disabled but all other exploit and malware protection functionality work as expected.
Networking
Allow communication on TCP port 443 from the Traps agent to server

Recommended For You