System and network requirements
You'll need the following system and network requirements to install and use the Insight Orchestrator. The Insight Orchestrator will run as either a virtualized Ubuntu appliance (OVA method or script installer) or on a dedicated Red Hat Enterprise Linux (RHEL) (physical or virtual) host.
CentOS 7 orchestrator is no longer supported
On June 1, 2024, the CentOS 7 Insight Orchestrator reached end-of-life. As a result, orchestrators using this operating system will no longer receive security updates or patches from CentOS Linux.
To keep your environment secure, it is highly recommended that you install the new Ubuntu orchestrator or migrate to Ubuntu if you have existing CentOS 7 orchestrators in your environment.
Operating environment
The Insight Orchestrator runs as a virtualized machine on the following virtualization platforms:
- VirtualBox
- VMWare
- AWS (conversion to AMI needed)
VMWare version requirements
The orchestrator .ova requires SHA256 support. If you are a VMWare user, make sure you have a VMWare ESXi Server version number above 6.5.0.
If you need to convert the OVA for compatibility, visit the resource here: https://www.sonicwall.com/en-us/support/knowledge-base/180411180839044.
Required production hardware
The orchestrator requires the following resources:
- 4-core CPU
- 8GB+ available RAM
- 64-128GB available storage
Disk Space Requirements
You should provision at minimum 64GB of disk space for the orchestrator. The more workflows you intend to use, you should allocate more disk space in advance.
Network connectivity requirements
Ensure that the following domains and ports are accessible to the orchestrator:
{region}.api.connect.insight.rapid7.com- Replace the
{region}section with the code for your area:us,us2,us3,eu,ap,ca, orau
- Replace the
{region}.plugins.connect.insight.rapid7.com- Replace the
{region}section with the code for your area:us,us2,us3,eu,ap,ca, orau
- Replace the
- Port 443 / TCP for HTTPS egress
mirrors.fedoraproject.org(EPEL packages)download.docker.com(Docker packages)packagecloud.io(For nightly updates to the orchestrator)
If XFS is your current filesystem, the ftype setting must be correct for Docker. To check that you have this setting, run xfs_info / | grep ftype=1 | wc -l in a terminal window. The command should return 1. If it doesn't, your XFS filesystem is not compatible with our Docker installation.
When using the script installer with a RHEL 7 or 8 image, ensure SELinux is disabled or set to permissive mode.
Software requirements
In order for InsightConnect plugins to run on the Insight Orchestrator, Docker Community Edition (CE) is required for all supported operating systems. The virtual appliance will ensure Docker CE is already installed while the install script will ensure the necessary Yum or Apt repo is added and that Docker is installed for Ubuntu version 20.04 or 22.04 and RHEL version 7 or 8.
Supported container engines for Red Hat Enterprise Linux
Although Docker CE is not directly supported by Red Hat, it remains a system requirement for running InsightConnect on Red Hat Enterprise Linux and is the only container engine currently supported. The Red Hat Container Tools module (such as Podman) is not a supported replacement for Docker CE, has not been known to work, and has not been tested by Rapid7.