System requirements

Each part of a Deep Security deployment has its own system requirements.

Requirements vary by version. For older versions of Deep Security Manager, agents, relays, or virtual appliances, see their documentation.

If you plan to operate Deep Security in FIPS mode, see FIPS 140-2 support for additional requirements.

Deep Security Manager requirements

For a list of agent versions that are compatible with this version of the manager, see Deep Security Agent platforms.

If you'd prefer, you can watch Deep Security 12 - DSM System Requirements and Sizing on YouTube.

System component Requirements
Minimum memory (RAM)

Minimum RAM requirements depend on the number of agents that are being managed. See Deep Security Manager sizing.


On Linux, reserved system memory is separate from process memory. Therefore, although the installer's estimate might be similar, it will detect less RAM than the computer actually has. To verify the computer's actual total RAM, log in with a superuser account and enter:
grep MemTotal /proc/meminfo
Minimum disk space 1.5 GB (200 GB recommended)
Operating system
  • Red Hat Enterprise Linux 8 (64-bit)
  • Red Hat Enterprise Linux 7 (64-bit)
  • Red Hat Enterprise Linux 6 (64-bit)
  • Windows Server 2019 (64-bit)
  • Windows Server 2016 (64-bit)
  • Windows Server 2012 or 2012 R2 (64-bit)

Windows operating systems running in a Server Core configuration are not currently supported.

If you are upgrading your Deep Security Manager and are using Windows Server 2008, we recommend that you add a new Deep Security Manager node on a supported operating system (see Run Deep Security Manager on multiple nodes). When that's complete, decommission the node running on Windows Server 2008.

Database
  • PostgreSQL 10.x (only Core, Amazon RDS, or Amazon Aurora distributions)
  • PostgreSQL 9.6.x (only Core, Amazon RDS, or Amazon Aurora distributions)
  • Microsoft SQL Server 2017
  • Microsoft SQL Server 2016
  • Microsoft SQL Server 2014
  • Microsoft SQL Server 2012
  • Microsoft SQL RDS
  • Azure SQL Database (SaaS) (multi-tenancy is not supported)
  • Oracle 11g, 12c, 18c, 19c, all supported when deployed as software or when used with Amazon RDS

See also Sizing.

  • Deep Security Manager support for PostgreSQL includes any minor versions of compatible PostgreSQL releases.
  • If you are upgrading your Deep Security Manager and are using Microsoft SQL Server 2008, we recommend that you upgrade your database to a supported version before you upgrade your Deep Security Manager.
  • Microsoft SQL Server Express is only supported in very limited deployments. See Microsoft SQL Server Express considerations.
  • Microsoft SQL Server service packs for these versions are also supported.
  • Microsoft SQL Server is only supported when database containment is set to NONE. For details, see this Microsoft webpage on contained databases.
  • Oracle Database Express (XE) is not supported.
  • Oracle container database (CDB) configuration is not supported with Deep Security Manager multi-tenancy.
Web browser

Cookies must be enabled.

We recommend using the latest version of these browsers:

  • Firefox
  • Microsoft Edge
  • Google Chrome
  • Apple Safari on a Mac

Deep Security Agent requirements

If you'd prefer, you can watch Deep Security 12 - Agent System Requirements and Sizing on YouTube.

The agent installer permits installation on any supported operating system. RAM and disk space requirements are not checked.

On supported versions of Microsoft Windows, Powershell 4.0 or newer is required to run the agent deployment script.

Deep Security Virtual Appliance requirements

Because the appliance uses the same protection modules as agents, if you import an update to the 64-bit agent for Red Hat, it may notify you that new software is available for the appliance, like it does for Red Hat agents.

VMware does not support running nested ESXi servers in production environments. For more information, see the VMware Knowledge Base article.
System component Requirements
CPU

64-bit, Intel-VT or AMD-V present and enabled in UEFI.

The number of CPUs varies by the number of VMs being protected. See Deep Security Virtual Appliance sizing.

Minimum memory (RAM)

Varies by the number of VMs being protected. See Deep Security Virtual Appliance sizing.

Minimum disk space Varies by the number of VMs being protected. See Deep Security Virtual Appliance sizing.
VMware

VMware NSX-T Data Center (NSX-T):

  • VMware vCenter 6.7 with ESXi 6.7 EP06 (release name ESXi 670-201901001)
  • VMware vCenter 6.5 with 6.5 U2 P03 (release name ESXi 650-201811002)
  • VMware NSX-T 2.4.x
  • VMware NSX-T 2.5.x*

*Notes:

  • Deployment on NSX-T 2.5.x is supported with Deep Security Virtual Appliance 12.0 Update 3 or later.
  • Deployment on NSX-T 2.5.x has a few known issues. See knowledge base article 157039 for details.

VMware NSX Data Center for vSphere (NSX-V):

  • VMware vCenter 6.7 with ESXi 6.7
  • VMware vCenter 6.5 with ESXi 6.0 or 6.5
  • VMware vCenter 6.0 with ESXi 6.0
  • VMware NSX Manager 6.3.x or 6.4.x
    VMware vSphere 6.5a is the minimum supported version with NSX for vSphere 6.3.0.

VMware vCloud Director:

  • versions up to and including 9.1 are supported

For details, see the VMware compatibility matrix.

For more information about VMware product interoperability, see VMware Interoperability Matrices.

vSwitches
  • vSphere Standard Switch (vSS)
  • vSphere Distributed Switch (vDS)
Guest VMs

The VMs (guests) that will be protected by the virtual appliance have these requirements: