Collector Requirements

Before installing a Collector, verify that your intended host machine and network meet the following requirements.

General Requirements and Recommendations

Consider the following before choosing a Collector host:

  • DO NOT install a Collector on a host that already runs a Security Console or Scan Engine.
  • Security Consoles and Scan Engines will not function properly if a Collector is present on the same host.
  • Only install one Collector per machine, whether physical or virtual.
  • Additionally, Rapid7 recommends that the host be entirely dedicated to the Collector’s use to maximize resource availability.
  • Your Collector host must be configured with a Fully Qualified Domain Name (FQDN).

Hardware Requirements and Recommendations

You can install a Collector on a network server or virtual machine that meets the following minimum hardware requirements:

  • 2 CPU cores
  • 8 GB RAM
  • 60 GB available disk space

For optimal performance, Rapid7 recommends the following hardware specifications:

Collector Size

Number of Agents

Recommended CPU Cores

Recommended RAM

Recommended Disk Space*

Small

Up to 500

4

8 GB

60 GB

Medium

Up to 2,400

4

8 GB

80 GB

Large

Up to 600 per CPU core**

4+

16 GB

100 GB

* Disk Space

In cases where a connection to the Insight platform is interrupted or lost, the Collector will hold data in the form of logs written to the disk until a connection can be reestablished.

The more disk space a Collector has, the longer it can operate without a connection to the Insight platform.

** CPU Cores

The Collector can only be responsible for 600 agents per CPU core. Mutlicore CPUs are recommended for taking on additional agents per Collector.

If your Collector CPU usage stays consistently above 40% under normal load, consider deploying an additional Collector.

Supported Operating Systems

Your Collector host must run one of the following 64-bit operating systems:

  • Ubuntu 11.04 - 17.04
  • Ubuntu Linux 10.04 LTS
  • Debian 7.0 - 8.2
  • CentOS 5.2 - 7.3
  • Oracle Enterprise Linux (OEL) 5.2 - 7.3
  • Fedora 17 - 25
  • SUSE Linux Enterprise Server (SLES) 11 -12
  • SUSE Linux Enterprise Desktop (SLED) 11 -12
  • openSUSE LEAP (42.1 - 42.2)
  • Amazon Linux
  • Red Hat Enterprise Linux (RHEL) 5.2 - 7.3
  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2008 R2
  • Windows 7 and newer

Supported Browsers

You need to access your InsightVM web interface in order to retrieve the installer and complete the activation process. To do so, use either of the following supported web browsers:

  • Mozilla Firefox (latest stable version)
  • Google Chrome (latest stable version)

Networking Requirements

The Collector communicates with your deployed agents and the Insight platform through the following TCP ports, all of which must be whitelisted for the designated target:

Data Type

Direction

Destination

Port

All relevant agent data to the platform

Outbound

All endpoint URLs ending with *.endpoint.ingress.rapid7.com

443*

Agent communication to Collector

Inbound

Rapid7 Collector

5508

Agent update requests to Collector

Inbound

Rapid7 Collector

6608

Agent file upload to Collector

Inbound

Rapid7 Collector

8037

* Whitelisting alternatives

If you need an alternative to the URL whitelisting method shown here, see the Insight Agent Networking page for a table of IP addresses by region that you can use instead.

NOTE - Additional Connectivity Required

This InsightVM use case also requires additional connectivity as noted in the “Data Upload” section on this platform communications page.