System requirements for Active Response

Make sure that your system environment meets these requirements and that you have administrator rights.

Note: For a complete list of supported platforms, environments, and operating systems for McAfee® Active Response, see KB84473.

Minimum requirements for McAfee Data Exchange Layer components

Use the following table to determine your minimum McAfee® Data Exchange Layer (DXL) components based on your McAfee® ePolicy Orchestrator® (McAfee® ePO™) server environment.

Component Single McAfee ePO

server environment

Multiple McAfee ePO

server environment

DXL extensions 4.0.0 4.0.0
DXL endpoint clients 3.0.0 + HF3 (< RS2, Linux, macOS)

3.1.0 (RS2/RS3)

4.0.0
DXL brokers 3.1.x* 4.0.0

(at least one DXL 4.0.0

broker must be online)

* With version 3.1.x broker, the Health Status page reports an out-of-date broker. This alert can be disregarded.

Minimum requirements for the Active Response server

The server can be installed on a physical server or a virtual machine.

  • 1 CPU with 4 cores
  • 8 GB RAM
  • 140-GB solid-state disk

Supported web browsers for the user interface

  • Internet Explorer 11 or later
  • Microsoft Edge on Windows 10.0
  • Chrome 53.0 or later
  • Firefox 46.0 or later
  • Safari 8.0 or later (on Macintosh operating systems only)

Supported operating systems for the Active Response endpoint client

Operating system Version Architecture Processor RAM Minimum Free Hard Disk space
Windows 10 (Redstone 3) Base 32-bit and 64-bit 2 GHz or higher 3 GB 1 GB
Windows 10 (Redstone 2) Base 32-bit and 64-bit 2 GHz or higher 3 GB 1 GB
Windows 10 Enterprise, Anniversary Update Base 32-bit and 64-bit 2 GHz or higher 3 GB 1 GB
Windows 8.1 Enterprise Base, U1 32-bit and 64-bit 2 GHz or higher 3 GB 1 GB
Windows 8.0 Base 32-bit and 64-bit 2 GHz or higher 3 GB 1 GB
Windows 7 Enterprise Up to SP1 32-bit and 64-bit 1.4 GHz or higher 2 GB 1 GB
Windows 7 Professional Up to SP1 32-bit and 64-bit 1.4 GHz or higher 2 GB 1 GB
Windows Server 2016 Base 64-bit 2 GHz or higher 3 GB 1 GB
Windows 2012 Server Base, R2, U1 64-bit 2 GHz or higher 3 GB 1 GB
Windows 2008 R2 Enterprise SP1 64-bit 2 GHz or higher 3 GB 1 GB
Windows 2008 R2 Standard SP1 64-bit 2 GHz or higher 3 GB 1 GB
CentOS* 6.5 - 6.9

64-bit only

2 GHz or higher 2 GB 1 GB
Red Hat* 6.5 - 6.9

64-bit only

2 GHz or higher 2 GB 1 GB
macOS*

High Sierra (10.13)

Sierra (10.12)

El Capitan (10.11)

64-bit 2 GHz or higher 2 GB 1 GB

* Does not support the Trace functionality or displaying data on the Threat Workspace.

Important: On Linux 64-bit systems, compatible 32-bit libraries must be installed on endpoints for Active Response to work properly. See KB89991 for instructions.

Minimum requirements for the Active Response endpoint client

Product Windows Linux macOS
McAfee ePO 5.3.1 5.3.1 5.3.1
McAfee® Agent 5.0.3 (< RS2)

5.0.5 (RS2/RS3)

5.0.5.658 5.0.5.658 (El Capitan and Sierra)

5.0.6.347 (High Sierra)

Data Exchange Layer 3.0.0 + HF3 (< RS2)

3.1.0 (RS2/RS3)

3.0.0 + HF3 3.0.0 + HF3
Endpoint Security

Threat Prevention with

Threat Intelligence module

10.2.0 (< RS2)

10.2.2 (RS2)

10.2.3 (RS3)*

10.2.2** 10.2.3***
Endpoint Security with

Advanced Threat Protection

10.5.1 (< RS2)

10.5.2 (RS2)

10.5.3 (RS3)

Microsoft Windows 10 (version 1607) - Anniversary Update (Redstone 1 [RS1])

Microsoft Windows 10 (version 1703) - Creators Update (Redstone 2 [RS2])

Microsoft Windows 10 (version 1709) - Fall Creators Update (Redstone 3 [RS3])

*If you have Redstone 3 endpoints, McAfee® Endpoint Security 10.2.2 or 10.5.3 must be checked in to the Master Repository before installing the Active Response client bundle.

**Install McAfee Endpoint Security 10.2.2 on Linux endpoints before installing Active Response 2.2.

***Install Endpoint Security 10.2.3 for macOS before installing Active Response 2.2.

Note: If an endpoint does not currently have a version of Endpoint Security or McAfee VirusScan Enterprise, the appropriate version of the Endpoint Security modules is installed automatically with the Active Response installation. If an endpoint currently has an unsupported version of Endpoint Security, upgrade the modules on the endpoint to a supported version.