System requirements for Active Response

Make sure that your system environment meets these requirements and that you have administrator rights.

Note: For a complete list of components, supported platforms, environments, and operating systems for McAfee® Active Response, see KB84473.

Minimum requirements for the Active Response server

The server can be installed on a physical server or a virtual machine.



McAfee® Linux Operating System (MLOS) CentOS
Version The latest version installs with Active Response server package. 6.8 - 7.3

Later versions were not tested, but should work with endpoints running 64-bit McAfee® Agent.

Processor 1 CPU with 4 cores 1 CPU with 4 cores
Memory 8-GB RAM 8-GB RAM
Hard drive 140-GB solid-state disk 140-GB solid-state disk
ISO Yes No; select an ISO to deploy
Hardened Yes No; follow the hardening instructions
Note: These recommendations vary on systems with Meltdown updates, see KB90333 for the latest details.

Minimum requirements for the Active Response endpoint client

Product Windows Linux macOS
McAfee ePO 5.3.1 5.3.1 5.3.1
McAfee® Agent 5.0.3 (< RS2)

5.0.5 (RS2/RS3) (El Capitan and Sierra) (High Sierra)

Data Exchange Layer 3.0.0 + HF3 (< RS2)

3.1.0 (RS2/RS3)

3.0.0 + HF3 3.0.0 + HF3
Endpoint Security

Threat Prevention with

Threat Intelligence module

Endpoint Security with

Adaptive Threat Protection

10.5.0 (< RS2)

10.5.1 (RS2)

10.5.3 (RS3)*


Microsoft Windows 10 (version 1607) - Anniversary Update (Redstone 1 [RS1])

Microsoft Windows 10 (version 1703) - Creators Update (Redstone 2 [RS2])

Microsoft Windows 10 (version 1709) - Fall Creators Update (Redstone 3 [RS3])

Microsoft Windows 10 (version 1803) - Spring Creators Update (Redstone 4 [RS4])

*If you have Redstone 3 endpoints, McAfee® Endpoint Security 10.5.3 must be checked in to the Master Repository before installing the Active Response client bundle.

**Install McAfee Endpoint Security 10.2.2 on Linux endpoints before installing Active Response.

***Install Endpoint Security 10.5.0 for macOS before installing Active Response.

Note: If an endpoint does not currently have a version of Endpoint Security or McAfee VirusScan Enterprise, the appropriate version of the Endpoint Security modules is installed automatically with the Active Response installation. If an endpoint currently has an unsupported version of Endpoint Security, upgrade the modules on the endpoint to a supported version.