Main Menu
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
SonicWall
  • Products
    • Network Security
      • Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
      • Security ServicesComprehensive security for your network security solution
      • Network Security ManagerModern Security Management for today’s security landscape
    • Advanced Threat Protection
      • Capture ATPMulti-engine advanced threat detection
      • Capture Security applianceAdvanced Threat Protection for modern threat landscape
    • Access Security
      • Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
      • Secure Mobile AccessRemote, best-in-class, secure access
      • Wireless Access PointsEasy to manage, fast and secure Wi-FI
      • SwitchesHigh-speed network switching for business connectivity
    • Email Security
      • Email SecurityProtect against today’s advanced email threats
    • Cloud Security
      • Cloud App SecurityVisibility and security for Cloud Apps
      • Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
    • Endpoint Security
      • Capture ClientStop advanced threats and rollback the damage caused by malware
      • Content Filtering ClientControl access to unwanted and unsecure web content
    • Product Widgets
      • Product Menu Right Image
      • Capture Cloud Platform
        Capture Cloud Platform

        A security ecosystem to harness the power of the cloud

    • Button Widgets
      • Products A-Z
        all products A–Z FREE TRIALS
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure WiFi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • English English English en
  • BLOG
  • CONTACT SALES
  • FREE TRIALS
  • English English English en
SonicWall
  • Products
    • Network Security
      • Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
      • Security ServicesComprehensive security for your network security solution
      • Network Security ManagerModern Security Management for today’s security landscape
    • Advanced Threat Protection
      • Capture ATPMulti-engine advanced threat detection
      • Capture Security applianceAdvanced Threat Protection for modern threat landscape
    • Access Security
      • Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
      • Secure Mobile AccessRemote, best-in-class, secure access
      • Wireless Access PointsEasy to manage, fast and secure Wi-FI
      • SwitchesHigh-speed network switching for business connectivity
    • Email Security
      • Email SecurityProtect against today’s advanced email threats
    • Cloud Security
      • Cloud App SecurityVisibility and security for Cloud Apps
      • Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
    • Endpoint Security
      • Capture ClientStop advanced threats and rollback the damage caused by malware
      • Content Filtering ClientControl access to unwanted and unsecure web content
    • Product Widgets
      • Product Menu Right Image
      • Capture Cloud Platform
        Capture Cloud Platform

        A security ecosystem to harness the power of the cloud

    • Button Widgets
      • Products A-Z
        all products A–Z FREE TRIALS
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure WiFi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • Menu

Capture Client - system requirements

02/10/2022 24 People found this article helpful 94,948 Views

    Download
    Print
    Share
    • LinkedIn
    • Twitter
    • Facebook
    • Email
    • Copy URL The link has been copied to clipboard

    Description

    Capture Client is a comprehensive endpoint security solution that protects Windows and macOS devices. It is administered from the SonicWall Cloud Management Console, a cloud service requiring only a web browser and an internet connection. 

    Resolution

    Hardware 

    To install Capture Client on a  Windows PC or mac, the device must meet the following hardware requirements:

    SpecificationMinimumRecommended
    CPU requirements1 GHz Dual-core processor 
    Memory requirements1 GB RAM 3 GB RAM (Windows), 2 GB RAM (Mac)
    Storage requirements2 GB free disk space 

    Note: If you are taking snapshots, add an additional 10%.


    General Agent Requirements

    • CPU micro-architectures such as x86_32, ARM, RISC, MIPS are not supported 
    • If you use PAN-OS 8.1 (Palo Alto Networks), you must manually add SentinelOne as an approved application.

    Operating Systems

    Capture Client Management Console supports endpoints (PCs, laptops, tablets, and other devices) running the following operating systems. Capture Client's advanced threat protection is powered by SentinelOne, and the SentinelOne agent is automatically installed and configured according to the Threat Protection security policy. The recommended SentinelOne agent version is listed below.


    Windows 
    Operating SystemVersionCapture Client SentinelOne Agent
    Windows Server Core
    2019, 2016, 20123.6.24 or later4.6.14.304 or later
    Windows Server

    2019
    2016
    2012 R2, 2012
    2008 R2

    2022*

    3.6.24 or later



    3.6.34 or later*
     4.6.14.304 or later



    21.6.5 or later*
    Windows Storage Server2016, 2012 R2, 20123.6.24 or later4.6.14.304 or later
    Windows 1121H2.22000.3183.6.30 or later21.6.4.423 or later

    Windows 10
    32- and 64-bit Windows 10 RS5 on 32- and 64-bit3.6.24 or later4.6.14.304 or later
    Windows 8
    Version 8,8.1 on 32- and 64-bit
    3.6.24 or later4.6.14.304 or later
    Windows 7
    Version 7 SP1 on 32- and 64-bit  
    3.6.24 or later4.6.14.304 or later


    NOTE: All agents running on Windows that are supported according to SentinelOne’s life cycle are tested for compatibility with each Windows 10 Redstone release. Supported editions of Windows 7, 8, 8.1 and 10 include Home, Pro, Pro for Workstations, Enterprise, Education, Pro Education, and Enterprise LTSC. Core and Mobile editions are not supported


    Windows Agent Dependencies
    InstallationNotes
    Windows Defender
    • You should consider uninstalling Microsoft Defender Antivirus on Windows Server 2016 or 2019 to prevent interoperability issues.
    • On Windows 10, when the Agent registers to the Windows Security Center, SentinelOne becomes the primary Virus and Threat protection, instead of Windows Defender unless a Policy Override change is made to allow Defender.
    • In Windows 7, 8, and 8.1, the SentinelOne Agent registers to the Windows Security Center along with Windows Defender. SentinelOne does not become primary. You should consider uninstalling Microsoft Defender Antivirus.
    .NET Framework 4 and later
    On Windows 10 and Windows Server 2016, install Microsoft KB4093119, to make sure old logs in ProgramData\Sentinel\logs are deleted.
    An endpoint should have only 16 log files, taking up no more than 1.6 GB.
    On Windows 7, Windows 7 Service Pack 1 (SP1), Windows Server 2012, and Windows Server 2008 R2 SP1, install the Update to enable TLS 1.1 and TLS 1.2 as default secure protocols in WinHTTP and add the Registry subkey, as shown in the article.SentinelOne Management-Agent communication uses TLS 1.2. This is not supported by default in Windows 7. You must install this update and add the registry subkey, as shown in the article. 
    KB3033929 (SHA2) - Security Update for Windows 7 SP1 and Windows Server 2008 R2This security update must be installed on Windows 7 SP1 and Windows Server 2008 R2 SP1 to meet minimum requirements for the installer.

    KB2758857 for Windows 7 and Windows Server 2008 R2 OR KB2533623 and KB4457144 - Security updates for Windows 7 SP1 and Windows Server 2008 R2

    (Links to the Updates are on the text above)

    After you install this update, you must restart the endpoint and run the Agent installation again. 
    Microsoft Windows Volume Shadow Copy Service (VSS)Configure VSS before you install the Agent. Refer to this KB article
    GPO PrivilegesThe administrator who runs Agent installation through group policy must have RESTORE and TAKE OWNERSHIP privileges to prevent an installer crash.
    DigiCertIf the endpoint does not get Windows updates, you must manually install DigiCert for the Agent to communicate with the Management.
    Windows Services set to Automatic

    Base Filtering Engine Service

    Windows Update Service


    Required Windows Administrator Permissions


    • The Windows Agent installer works on supported Windows endpoints with default settings. If your environment is hardened with specific changes, the installer might fail or crash. Make sure your environment fulfills these requirements for a successful installation.
    • The Windows Agent installation requires Administrator permissions, with write permissions to C:\Users\Public\Documents and C:\ root. Install only as an Administrator, whether local, remote, GPO, or other.
    • The Agent Anti-Tampering process restores and takes ownership of files during installation. The user running the installation must have Restore and Take Ownership privileges (default for Windows Administrator).
    • The Agent Installer adds a trusted publisher to the machine certificate store that signs the PowerShell profile script of its PowerShell Protection. The local Administrator user must have privileges to install trusted publisher certificates.
    • The Agent Installer creates a backup of the ELAM driver in the ELAM backup directory, ELAMBKUP, configured in the system registry. This directory must exist.
    • The Agent installs drivers to the Program Files directory. The Program Files directory must be on the system boot volume.
    • The Windows System user is required. Do not delete it!


    macOS 
    Operating SystemVersionCapture Client SentinelOne Agent
    macOS 12.0.1 
    Monterey

    3.6.30 or later

    21.7.4.5853 or later

    macOS 11.0, 11.1, 11.2,11.3, 11.3.1, 11.4,11.5, 11.5.1,11.5.2Big Sur


    3.6.29* or later,

    3.6.24 (Intel chipset only)


     

    21.5.3.5411* or later,

    4.7.11.5281 (Intel chipset only)

    macOS 10.15.4, 10.15.5, 10.15.6, 10.15.7Catalina3.6.24 or later4.7.11.5281 or later
    Note: With release of CC 3.6, Kext based agents are no longer supported. Hence, macOS installations older than 10.15.4 are no longer supported.


    * Supports both Apple M1 silicon and Intel chipset Mac endpoints


    Linux


    • The Linux Agent is not supported on nodes on containers (Kubernetes, OpenShift).
    • The Linux Agent supports SELinux.
    • All cloud providers (such as GCP, Azure, AWS) support installation of the Linux Agent on instances that fulfill the system requirements.
    • The Linux Agent is compiled with 64-bit kernel and libraries. It supports Intel x86_64 compatible architecture and x64 hardware. The Linux Agent does not support 32-bit architecture; CPU micro-architectures such as ppc64, x86_32, ARM, RISC, MIPS; or UNIX OS versions such as FreeBSD, AIX, Solaris.
    • The Linux Agent can be installed on Desktops and Servers of the supported distributions, of new kernel versions only (for example: Oracle 6.9 kernel-uek-4.1.12-61*).
    • Limitations of older kernels:
      • Kernels lower than 2.6 - Not supported.
      • Kernels lower than 3.8 - Static AI and Reputation engines are not triggered on new files written to disk, but they do work from Full Disk Scan. Deep Visibility File Modification and Network Action event types are not supported.
      • Kernels lower than 3.10 - Containers are not supported.
      • Kernels lower than 3.11 - Static AI cannot analyze files as they are written to a container. The Agent analyzes these files when the files are executed.
    • The Agent does not support systems with Kernel Lockdown set to Confidentiality.
      For example, Fedora 31 kernel 5.3.7 default Kernel Lockdown was "Confidentiality" which is not supported. Fedora 31 kernel 5.5.x default is "Integrity", which is supported.
    Operating System VersionCapture ClientSentinelOne Agent
    Amazon Linux2018.03
    2017.03
    AMI 2
    3.6.24 or later4.6.11.5 or later
    Red Hat Enterprise Linux (RHEL)8.0 - 8.3,
    7.x
    6.4+
    3.6.24 or later4.6.11.5 or later
    Ubuntu 20.04,20.04.1,
    19.04, 19.10

    18.04,18.04.5, 18.04.7
    16.04
    14.04
    3.6.24 or later4.6.11.5 or later
    CentOS8.0 - 8.3,
    7.x,

    6.4+
    3.6.24 or later4.6.11.5 or later
    Oracle Linux (OL)
    (formerly known as Oracle
    Enterprise Linux or OEL)
    8.0 - 8.3,
    7.0- 7.8,
    6.9, 6.10
     7.9, 8.4
    3.6.24 or later


    3.6.29 or later 
    4.6.11.5 or later


    21.6.3 or later
    SUSE Linux Enterprise Server 12.x, 15.x3.6.24 or later4.6.11.5 or later
    Fedora25, 26, 27, 28, 29, 30,
    31(starting with kernel 5.5.x),
    32,33 
    3.6.24 or later4.6.11.5 or later
    Debian8, 9, 10 3.6.24 or later4.6.11.5 or later
    Virtuozzo73.6.24 or later4.6.11.5 or later
    Scientific Linux6,73.6.24 or later4.6.11.5 or later


    Linux Minimum Hardware Requirements for Agent and for Endpoint Usage
    Minimum for Managed EndpointNotes for Agent Requirements
    2 GHz Dual-core
    4 GB RAMAccording to distro requirements.
    25 GB free disk space for OSMake sure endpoint size fits requirements for logs, files, services, etc.
    2 GBAt least 2 GB in /opt/sentinelone with 3 GB recommended
    Instruction-supported CPU: SSE4_2
    • SSE4a is not supported
    • Some virtual environments mask support for advanced CPU capabilities. See your VM vendor documentation. For example: VMWare article How to Override Masks | Hyper-V article How to turn off processor compatibility mode.


    Required Software
    • Dependencies: None on baseline distro installations.

      If the Linux OS is customized:
      • Get the list of dependencies:
        rpm -qRp SentinelAgent_installerFileName.rpm

        or

        dpkg -I SentinelAgent_installerFileName.deb
      • Make sure these kernel flags are set to y:

    CONFIG_KRETPROBES=y
    CONFIG_KPROBES=y
    CONFIG_FTRACE=y


    Browser Levels

    Based on the operating system you are using, the following browser levels are supported. These browser levels apply to the browser running the Cloud Management Console.

    Browser SupportedWindows ServerWindows 11Windows 10Windows 8Windows 7VistaLinuxmacOS
    Microsoft Edge (latest version)
    ✓✓✓     
    Mozilla FireFox (version 52.5 ESR or later)✓✓✓✓✓✓✓✓
    Google Chrome (latest version)✓✓✓✓✓✓✓✓
    Apple Safari (latest version)       ✓


    It is recommended that Administators also review SentinelOne Version availability with Capture Client before installation and upgrades. 

    SentinelOne Agent compatibility with Capture Client

    Please refer to this KB article for details

    Related Articles

    • How to configure Web Content Filtering on Capture Client 3.6
    • How to export logs from the Capture client console and the endpoint
    • How to Download and Install Capture Client

    Categories

    • Endpoint Security > Capture Client

    Not Finding Your Answers?

    ASK THE COMMUNITY

    Was This Article Helpful?

    YESNO

    Article Helpful Form

    Article Not Helpful Form

    Company
    • Careers
    • News
    • Leadership
    • Awards
    • Press Kit
    • Contact Us
    Popular resources
    • Communities
    • Blog
    • SonicWall Capture Labs

    Stay In Touch

    • By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. You can unsubscribe at any time from the Preference Center.
    • This field is for validation purposes and should be left unchanged.
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
    • Instagram

    © 2022 SonicWall. All Rights Reserved.

    • Legal
    • Privacy
    • English
      Scroll to top
      Trace:dd05288e52973a5809ba22c373a5ba22-70