Article Number: 000126165
VMware Carbon Black Cloud Endpoint Sensor System Requirements
Summary: System requirements must be met when installing the VMware Carbon Black Cloud Endpoint sensor.
Article Content
Symptoms
This article covers the system requirements for installing the VMware Carbon Black Cloud Endpoint sensor.
Affected Products:
VMware Carbon Black Cloud Endpoint
Affected Operating Systems:
Windows
Mac
Linux
Cause
Not applicable.
Resolution
The VMware Carbon Black Cloud Endpoint sensor has specific Software, Hardware, Network, and Anti-virus requirements. Click the appropriate tab for more information.
Click the appropriate operating system tab for specific platform software requirements.
General Requirements:
- Local Administration rights for installation
Internet Browser:
- Mozilla Firefox, Google Chrome, and Microsoft Edge
Click the appropriate VMware Carbon Black Cloud Endpoint version for additional software requirements. For more information, reference How to Identify the VMware Carbon Black Cloud Endpoint Sensor Version.
Operating Systems (64 and 32 bit):
- Desktop:
- Windows 111
- Windows 101
- v21H2 (November 2021 Update)
- v21H1 (May 2021 Update)
- v20H2 (October 2020 Update)
- v2004 (May 2020 Update / 20H1)
- v1909 (November 2019 Update / 19H2)
- v1903 (May 2019 Update / 19H1)
- v1809 (October 2018 Update / Redstone 5)
- v1803 (Spring Creators Update / Redstone 4)
- v1709 (Fall Creators Update / Redstone 3)
- v1703 (Creators Update / Redstone 2)
- v1607 (Anniversary Update / Redstone)
- v1511 (November Update / Threshold 2)
- Windows 10 Long-Term Servicing Channel
- Windows 10 Enterprise LTSC 2019
- Windows 10 Enterprise LTSC 2016
- Windows 10 Enterprise LTSC 2015
- Windows 8.1
- SP1
- Update 2
- Update 1
- Windows 8
- SP0
- Windows 72
- SP1
- SP0
- Server:
- Windows Server 20193
- Windows Server 20163
- SP0
- Windows Server 2012 R23
- SP0
- Windows Server 20123
- SP1
- SP0
- Windows Server 2008 R223
- SP1
- SP0
1Unlisted Windows feature updates are not supported. For a status on all feature updates, reference Dell Data Security / Dell Data Protection Windows Version Compatibility.
2Requires Microsoft KB Update 4474419 (https://support.microsoft.com/help/4474419 
) and 4490628 (https://support.microsoft.com/help/4490628 
). For more information about this requirement, reference SHA-1 Signing Certificate Expiration and Deprecation on Dell Data Security / Dell Data Protection Products.
3Server Core (2008/2012/2016/2019) editions are not supported.
Operating Systems (64 and 32 bit):
- Desktop:
- Windows 101
- v21H1 (May 2021 Update)
- v20H2 (October 2020 Update)
- v2004 (May 2020 Update / 20H1)
- v1909 (November 2019 Update / 19H2)
- v1903 (May 2019 Update / 19H1)
- v1809 (October 2018 Update / Redstone 5)
- v1803 (Spring Creators Update / Redstone 4)
- v1709 (Fall Creators Update / Redstone 3)
- v1703 (Creators Update / Redstone 2)
- v1607 (Anniversary Update / Redstone)
- v1511 (November Update / Threshold 2)
- Windows 10 Long-Term Servicing Channel
- Windows 10 Enterprise LTSC 2019
- Windows 10 Enterprise LTSC 2016
- Windows 10 Enterprise LTSC 2015
- Windows 8.1
- SP1
- Update 2
- Update 1
- Windows 8
- SP0
- Windows 72
- SP1
- SP0
- Windows 101
- Server:
- Windows Server 20193
- Windows Server 20163
- SP0
- Windows Server 2012 R23
- SP0
- Windows Server 20123
- SP1
- SP0
- Windows Server 2008 R223
- SP1
- SP0
1Unlisted Windows 10 feature updates are not supported. For a status on all feature updates, reference Dell Data Security / Dell Data Protection Windows Version Compatibility.
2Requires Microsoft KB Update 4474419 (https://support.microsoft.com/help/4474419 
) and 4490628 (https://support.microsoft.com/help/4490628 
). For more information about this requirement, reference SHA-1 Signing Certificate Expiration and Deprecation on Dell Data Security / Dell Data Protection Products.
3Server Core (2008/2012/2016/2019) editions are not supported.
Operating Systems (64 and 32 bit):
- Desktop:
- Windows 101
- v20H2 (October 2020 Update)
- v2004 (May 2020 Update / 20H1)
- v1909 (November 2019 Update / 19H2)
- v1903 (May 2019 Update / 19H1)
- v1809 (October 2018 Update / Redstone 5)
- v1803 (Spring Creators Update / Redstone 4)
- v1709 (Fall Creators Update / Redstone 3)
- v1703 (Creators Update / Redstone 2)
- v1607 (Anniversary Update / Redstone)
- v1511 (November Update / Threshold 2)
- Windows 10 Long-Term Servicing Channel
- Windows 10 Enterprise LTSC 2019
- Windows 10 Enterprise LTSC 2016
- Windows 10 Enterprise LTSC 2015
- Windows 8.1
- SP1
- Update 2
- Update 1
- Windows 8
- SP0
- Windows 72
- SP1
- SP0
- Windows 101
- Server:
- Windows Server 20193
- Windows Server 20163
- SP0
- Windows Server 2012 R23
- SP0
- Windows Server 20123
- SP1
- SP0
- Windows Server 2008 R223
- SP1
- SP0
1Unlisted Windows 10 feature updates are not supported. For a status on all feature updates, reference Dell Data Security / Dell Data Protection Windows Version Compatibility.
2Requires Microsoft KB Update 4474419 (https://support.microsoft.com/help/4474419 
) and 4490628 (https://support.microsoft.com/help/4490628 
). For more information about this requirement, reference SHA-1 Signing Certificate Expiration and Deprecation on Dell Data Security / Dell Data Protection Products.
3Server Core (2008/2012/2016/2019) editions are not supported.
Note: To determine Windows 10 feature update versions, reference Which Version of Windows Operating System am I Running?
Operating Systems (64 and 32 bit):
- Desktop:
- Windows 101
- v1909 (November 2019 Update / 19H2)
- v1903 (May 2019 Update / 19H1)
- v1809 (October 2018 Update / Redstone 5)
- v1803 (Spring Creators Update / Redstone 4)
- v1709 (Fall Creators Update / Redstone 3)
- v1703 (Creators Update / Redstone 2)
- v1607 (Anniversary Update / Redstone)
- v1511 (November Update / Threshold 2)
- Windows 10 Long-Term Servicing Channel
- Windows 10 Enterprise LTSC 2019
- Windows 10 Enterprise LTSC 2016
- Windows 10 Enterprise LTSC 2015
- Windows 8.1
- SP1
- Update 2
- Update 1
- Windows 8
- SP0
- Windows 72
- SP1
- SP0
- Windows 101
- Server:
- Windows Server 20193
- Windows Server 20163
- SP0
- Windows Server 2012 R23
- SP0
- Windows Server 20123
- SP1
- SP0
- Windows Server 2008 R223
- SP1
- SP0
1Unlisted Windows 10 feature updates are not supported. For a status on all feature updates, reference Dell Data Security / Dell Data Protection Windows Version Compatibility.
2Requires Microsoft KB Update 4474419 (https://support.microsoft.com/help/4474419 
) and 4490628 (https://support.microsoft.com/help/4490628 
). For more information about this requirement, reference SHA-1 Signing Certificate Expiration and Deprecation on Dell Data Security / Dell Data Protection Products.
3Server Core (2008/2012/2016/2019) editions are not supported.
Note: To determine Windows 10 feature update versions, reference Which Version of Windows Operating System am I Running?
Note: Local Scanning functionality is not available for Carbon Black Cloud Endpoint sensors running on macOS.
General Requirements:
- Local Administration rights for installation
Internet Browser:
- Mozilla Firefox, Google Chrome, and Microsoft Edge
Click the appropriate VMware Carbon Black Cloud Endpoint version for additional software requirements. For more information, reference How to Identify the VMware Carbon Black Cloud Endpoint Sensor Version.
Warning:
- For computers running macOS Mojave (10.15.0) or later, Full Disk Access is required.
- For more information, reference How to Grant Full Disk Access for VMware Carbon Black Cloud Endpoint.
- macOS Monterey 12.0.0 and later
- macOS Big Sur 11.0.1 and later
- macOS Catalina 10.15.0 to 10.15.7
Note: VMware Carbon Black 3.6.1 and later offers native support for Apple M1-based processors. LiveOps (OSQuery) continues to leverage Rosetta.
Warning:
- For computers running macOS Mojave (10.14.5) or later, Full Disk Access is required.
- For more information, reference How to Grant Full Disk Access for VMware Carbon Black Cloud Endpoint.
- macOS Big Sur 11.0.1 and later
- macOS Catalina 10.15.0 to 10.15.7
- macOS Mojave 10.14.6
Warning:
- For computers running macOS Mojave (10.14.5) or later, Full Disk Access is required.
- For more information, reference How to Grant Full Disk Access for VMware Carbon Black Cloud Endpoint.
- For computers running macOS High Sierra (10.13) or later, Kernel Extensions must be approved for product functionality.
- For more information, reference How to Allow Dell Data Security Kernel Extensions on macOS.
- macOS Big Sur 11.0.1 and later
- macOS Catalina 10.15.0 to 10.15.7
- macOS Mojave 10.14.6
- macOS High Sierra 10.13.6
- macOS Sierra 10.12.6
Warning:
- For computers running macOS Mojave (10.14.5) or later, Full Disk Access is required.
- For more information, reference How to Grant Full Disk Access for VMware Carbon Black Cloud Endpoint.
- For computers running macOS High Sierra (10.13) or later, Kernel Extensions must be approved for product functionality.
- For more information, reference How to Allow Dell Data Security Kernel Extensions on macOS.
- macOS Catalina 10.15.0 to 10.15.7
- macOS Mojave 10.14.6
- macOS High Sierra 10.13.6
- macOS Sierra 10.12.6
- Mac OS X El Capitan 10.11.6
- Mac OS X Yosemite 10.10.5
Warning:
- For computers running macOS Mojave (10.14.5) or later, Full Disk Access is required.
- For more information, reference How to Grant Full Disk Access for VMware Carbon Black Cloud Endpoint.
- For computers running macOS High Sierra (10.13) or later, Kernel Extensions must be approved for product functionality.
- For more information, reference How to Allow Dell Data Security Kernel Extensions on macOS.
- macOS Catalina 10.15.0
- macOS Mojave 10.14.6
- macOS High Sierra 10.13.6
- macOS Sierra 10.12.6
- Mac OS X El Capitan 10.11.6
- Mac OS X Yosemite 10.10.5
Warning:
- For computers running macOS Mojave (10.14.5) or later, Full Disk Access is required.
- For more information, reference How to Grant Full Disk Access for VMware Carbon Black Cloud Endpoint.
- For computers running macOS High Sierra (10.13) or later, Kernel Extensions must be approved for product functionality.
- For more information, reference How to Allow Dell Data Security Kernel Extensions on macOS.
- macOS Mojave 10.14.6
- macOS High Sierra 10.13.6
- macOS Sierra 10.12.6
- Mac OS X El Capitan 10.11.6
- Mac OS X Yosemite 10.10.5
General Requirements:
- Sudo rights for installation
Click the appropriate Linux distribution below for additional software requirements. For more information, reference How to Identify the VMware Carbon Black Cloud Endpoint Sensor Version.
Note: VMware Carbon Black Cloud v2.12 introduces Background Scan to supported Linux operating systems.
| Distribution | Distribution Version | VMware Carbon Black Cloud Audit and Remediation | VMware Carbon Black Cloud Endpoint Standard | VMware Carbon Black Cloud Enterprise EDR |
|---|---|---|---|---|
| Amazon Linux 2 | 2.4.0 and later | 2.11.0 and later | 2.10.1 and later |
| Distribution | Distribution Version | VMware Carbon Black Cloud Audit and Remediation | VMware Carbon Black Cloud Endpoint Standard | VMware Carbon Black Cloud Enterprise EDR |
|---|---|---|---|---|
| CentOS 8 | 8.0 and later | 2.4.0 and later | 2.11.0 and later | 2.10.1 and later |
| CentOS 7 | 7.9 | 2.4.0 and later | 2.9.1 and later | 2.9.1 and later |
| CentOS 7 | 7.8 | 2.4.0 and later | 2.7.1 and later | 2.7.1 and later |
| CentOS 7 | 7.0 to 7.7 | 2.4.0 and later | 2.7.0 and later | 2.7.0 and later |
| CentOS 6 | 6.6 to 6.10 | 2.4.0 and later | 2.7.0 and later | 2.7.0 and later |
| CentOS 6 | 6.0 to 6.5 | 2.4.0 to 2.9.1 | N/A | N/A |
| Distribution | Distribution Version | VMware Carbon Black Cloud Audit and Remediation | VMware Carbon Black Cloud Endpoint Standard | VMware Carbon Black Cloud Enterprise EDR |
|---|---|---|---|---|
| Red Hat Enterprise Linux 8 | 8.0 and later | 2.4.0 and later | 2.11.0 and later | 2.10.1 and later |
| Red Hat Enterprise Linux 7 | 7.9 | 2.4.0 and later | 2.9.1 and later | 2.9.1 and later |
| Red Hat Enterprise Linux 7 | 7.8 | 2.4.0 and later | 2.7.1 and later | 2.7.1 and later |
| Red Hat Enterprise Linux 7 | 7.0 to 7.7 | 2.4.0 and later | 2.7.0 and later | 2.7.0 and later |
| Red Hat Enterprise Linux 6 | 6.6 to 6.10 | 2.4.0 and later | 2.7.0 and later | 2.7.0 and later |
| Red Hat Enterprise Linux 6 | 6.0 to 6.5 | 2.4.0 to 2.9.1 | N/A | N/A |
| Distribution | Distribution Version | VMware Carbon Black Cloud Audit and Remediation | VMware Carbon Black Cloud Endpoint Standard | VMware Carbon Black Cloud Enterprise EDR |
|---|---|---|---|---|
| Oracle 8 | 8.0 and later | 2.8.1 and later | 2.11.0 and later | 2.10.1 and later |
| Oracle 7 | 7.9 | 2.8.1 and later | 2.9.1 and later | 2.9.1 and later |
| Oracle 7 | 7.6 to 7.8 | 2.8.1 and later | 2.8.0 and later | 2.8.0 and later |
| Oracle 7 | 7.0 to 7.5 | 2.8.1 and later | N/A | 2.8.0 and later |
| Oracle 6 | 6.6 to 6.10 | 2.4.0 and later | N/A | 2.8.0 and later |
| Oracle 6 | 6.0 to 6.5 | 2.8.1 to 2.9.1 | N/A | N/A |
| Distribution | Distribution Version | VMware Carbon Black Cloud Audit and Remediation | VMware Carbon Black Cloud Endpoint Standard | VMware Carbon Black Cloud Enterprise EDR |
|---|---|---|---|---|
| Oracle 8 | 8.0 and later | 2.8.1 | 2.11.0 and later | 2.10.1 and later |
| Oracle 7 | 7.9 | 2.8.1 and later | 2.9.1 and later | 2.9.1 and later |
| Oracle 7 | 7.0 to 7.8 | 2.8.1 and later | 2.8.0 and later | 2.8.0 and later |
| Oracle 6 | 6.6 to 6.10 | 2.4.0 and later | 2.8.0 and later | 2.8.0 and later |
| Oracle 6 | 6.0 to 6.5 | 2.4.0 to 2.9.1 | 2.8.0 and later | N/A |
| Distribution | Distribution Version | VMware Carbon Black Cloud Audit and Remediation | VMware Carbon Black Cloud Endpoint Standard | VMware Carbon Black Cloud Enterprise EDR |
|---|---|---|---|---|
| OpenSUSE 42 | 42.2 to 42.3 | 2.4.0 and later | 2.11.0 and later | 2.10.1 and later |
| OpenSUSE 15 | 15.0 to 15.1 | 2.4.0 and later | 2.11.0 and later | 2.10.1 and later |
| Distribution | Distribution Version | VMware Carbon Black Cloud Audit and Remediation | VMware Carbon Black Cloud Endpoint Standard | VMware Carbon Black Cloud Enterprise EDR |
|---|---|---|---|---|
| SUSE 15 | 15.0 to 15.2 | 2.4.0 and later | 2.11.0 and later | 2.10.1 and later |
| SUSE 12 | 12.2 to 12.5 | 2.4.0 and later | 2.11.0 and later | 2.10.1 and later |
| Distribution | Distribution Version | VMware Carbon Black Cloud Audit and Remediation | VMware Carbon Black Cloud Endpoint Standard | VMware Carbon Black Cloud Enterprise EDR |
|---|---|---|---|---|
| Ubuntu 21 | 21.04 | 2.11.3 and later | 2.11.0 and later | 2.10.1 and later |
| Ubuntu 20 | 20.04 LTS | 2.4.0 and later | 2.11.0 and later | 2.10.1 and later |
| Ubuntu 19 | 19.04 LTS, 19.10 | 2.4.0 and later | 2.11.0 and later | 2.10.1 and later |
| Ubuntu 18 | 18.04 LTS, 18.10 | 2.4.0 and later | 2.11.0 and later | 2.10.1 and later |
| Ubuntu 16 | 16.04 LTS | 2.4.0 to 2.11.3 | 2.11.0 to 2.11.3 | 2.10.1 to 2.11.3 |
Note: For more information about the Carbon Black products listed in this section, reference What is VMware Carbon Black Cloud?
Minimum Hardware Requirements:
- CPU: 2 GHz multi-core
- RAM: 2 GB
- Disk Space: 500 MB
- +600 MB if local scanning is enabled or using ThreatHunter.
- Network Card: 100/1000 mbps
Protocols:
- TLS: 1.2 or later
External Destinations vary based on geographic zone of purchase. Click the appropriate region for more information.
Configure firewalls or proxies to allow outgoing and incoming connection to the following Destinations without packet inspection.
| Function | Primary Port | Backup Port | Destination | IP Address | Notes |
|---|---|---|---|---|---|
| Administration | 443 | 54443 | defense-prod05.conferdeploy.net/ | Dynamic | |
| Client | 443 | 54443 | dev-prod05.conferdeploy.net/ | Dynamic | |
| Integration Services (API) | 443 | 54443 | defense-prod05.conferdeploy.net/ | Dynamic | |
| Signature Updates | 80 | 4431 | updates2.cdc.carbonblack.io | Dynamic | |
| Content Management System | 443 | 54443 | Content.carbonblack.io | Dynamic | Required for 3.6 and newer agents |
| Online Certificate Status Protocol | 80 | N/A | ocsp.godaddy.com | Dynamic | |
| Online Certificate Status Protocol | 443 | N/A | d.symcb.com | Dynamic | Required for 3.7.0.1503 and later installers |
| Certificate Revocation List | 80 | N/A | crl.godaddy.com | Dynamic | |
| Certificate Revocation List | 80 | N/A | sv.symcb.com | Dynamic | Required for 3.7.0.1503 and later installers |
| Certificate Revocation List | 80 | N/A | s1.symcb.com | Dynamic | Required for 3.7.0.1503 and later installers |
| Certificate Revocation List | 80 | N/A | s2.symcb.com | Dynamic | Required for 3.7.0.1503 and later installers |
1To leverage 443, or SSL/TLS connections for Signature Updates, the assigned policy group must have https://updates2.cdc.carbonblack.io defined within the Update Servers For Onsite Devices, and/or Update Servers for Offsite Devices.
Note: Signature Updates are only required on Windows Carbon Black Cloud Endpoint sensors if using Local Scanning functionality and "Allow Signature Updates" is enabled in the VMware Carbon Black Cloud.
Configure firewalls or proxies to allow outgoing and incoming connection to the following Destinations without packet inspection.
| Function | Primary Port | Backup Port | Destination | IP Address | Notes |
|---|---|---|---|---|---|
| Administration | 443 | 54443 | defense-eu.conferdeploy.net/ | Dynamic | |
| Client | 443 | 54443 | dev-prod06.conferdeploy.net/ | Dynamic | |
| Integration Services (API) | 443 | 54443 | defense-eu.conferdeploy.net/ | Dynamic | |
| Signature Updates | 80 | 4431 | updates2.cdc.carbonblack.io | Dynamic | |
| Content Management System | 443 | 54443 | Content.carbonblack.io | Dynamic | Required for 3.6 and newer agents |
| Online Certificate Status Protocol | 80 | N/A | ocsp.godaddy.com | Dynamic | |
| Online Certificate Status Protocol | 443 | N/A | d.symcb.com | Dynamic | Required for 3.7.0.1503 and later installers |
| Certificate Revocation List | 80 | N/A | crl.godaddy.com | Dynamic | |
| Certificate Revocation List | 80 | N/A | sv.symcb.com | Dynamic | Required for 3.7.0.1503 and later installers |
| Certificate Revocation List | 80 | N/A | s1.symcb.com | Dynamic | Required for 3.7.0.1503 and later installers |
| Certificate Revocation List | 80 | N/A | s2.symcb.com | Dynamic | Required for 3.7.0.1503 and later installers |
1To leverage 443, or SSL/TLS connections for Signature Updates, the assigned policy group must have https://updates2.cdc.carbonblack.io defined within the Update Servers For Onsite Devices, and/or Update Servers for Offsite Devices.
Note: Signature Updates are only required on Windows Carbon Black Cloud Endpoint sensors if using Local Scanning functionality and "Allow Signature Updates" is enabled in the VMware Carbon Black Cloud.
Configure firewalls or proxies to allow outgoing and incoming connection to the following Destinations without packet inspection.
| Function | Primary Port | Backup Port | Destination | IP Address | Notes |
|---|---|---|---|---|---|
| Administration | 443 | 54443 | defense-prodnrt.conferdeploy.net/ | Dynamic | |
| Client | 443 | 54443 | dev-prodnrt.conferdeploy.net/ | Dynamic | |
| Integration Services (API) | 443 | 54443 | defense-prodnrt.conferdeploy.net/ | Dynamic | |
| Signature Updates | 80 | 4431 | updates2.cdc.carbonblack.io | Dynamic | |
| Content Management System | 443 | 54443 | Content.carbonblack.io | Dynamic | Required for 3.6 and newer agents |
| Online Certificate Status Protocol | 80 | N/A | ocsp.godaddy.com | Dynamic | |
| Online Certificate Status Protocol | 443 | N/A | d.symcb.com | Dynamic | Required for 3.7.0.1503 and later installers |
| Certificate Revocation List | 80 | N/A | crl.godaddy.com | Dynamic | |
| Certificate Revocation List | 80 | N/A | sv.symcb.com | Dynamic | Required for 3.7.0.1503 and later installers |
| Certificate Revocation List | 80 | N/A | s1.symcb.com | Dynamic | Required for 3.7.0.1503 and later installers |
| Certificate Revocation List | 80 | N/A | s2.symcb.com | Dynamic | Required for 3.7.0.1503 and later installers |
1To leverage 443, or SSL/TLS connections for Signature Updates, the assigned policy group must have https://updates2.cdc.carbonblack.io defined within the Update Servers For Onsite Devices, and/or Update Servers for Offsite Devices.
Note: Signature Updates are only required on Windows Carbon Black Cloud Endpoint sensors if using Local Scanning functionality and "Allow Signature Updates" is enabled in the VMware Carbon Black Cloud.
Dell and VMware recommend the following exclusions if you are planning to run VMware Carbon Black Cloud alongside an existing anti-virus.
Directories:
C:\Program Files\Confer\ C:\Programdata\CarbonBlack\
Files:
C:\Windows\System32\drivers\ctifile.sys C:\Windows\System32\drivers\ctinet.sys C:\Windows\System32\drivers\cbelam.sys C:\Windows\system32\drivers\cbdisk.sys C:\Windows\Syswow64\ctintev.dll C:\Program Files\confer\Blades\LiveQuery\osqueryi.exe C:\Program Files\confer\repmgr.exe C:\Program Files\confer\scanner\upd.exe
Click the appropriate VMware Carbon Black Cloud Endpoint version for additional software requirements. For more information, reference, reference How to Identify the VMware Carbon Black Cloud Endpoint Sensor Version.
Directories:
/Applications/VMware Carbon Black Cloud /Library/Application Support/com.vmware.carbonblack.cloud/ /Library/Extensions/CbDefenseSensor.kext
Directories:
/Applications/Confer.app/
Directories:
/Applications/Confer.app/
To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.
Videos
Article Properties
Affected Product
VMware Carbon Black
Last Published Date
20 Dec 2022
Version
26
Article Type
Solution