Documentation forThreat Monitor

VM collector requirements

The following specifications are required for a typical SolarWinds data collector deployment under VMware or Hyper-V environments. They are intended as a baseline and should be confirmed with SolarWinds prior to deployment.

type minimum requirements
  • VMware
    • 4 cores
    • 8GB RAM
    • 160GB HDD volume
  • Hyper-V
    • 8 cores (Will function with four, but with diminished performance)
    • 8GB RAM
    • 160GB HDD volume
  • 1 Ethernet Controller (NIC) for IP address management
  • 1 Ethernet Controller (NIC) for Intrusion Detection (optional)
Network connectivity and access control lists
  • Static IP address
    • Connected to an accessible vSwitch instance
  • TCP and UDP port 53 access to internal DNS servers
  • Outbound TCP port 443 (HTTPS) to SolarWinds VPN Gateway (to be determined at deployment time)
  • Local Network Inbound TCP and UDP port 514
    • For local Syslog data sources
  • Local Network bi-directional TCP and UDP port 1514
    • For OSSEC Agent connectivity
  • Inbound TCP port 9654
    • For OSSEC Agent key negotiation
  • Available Physical NIC on the HOST VMware/Hyper-V server
    • To connect to a SPAN/Monitor port within the core-switching environment to facilitate Intrusion Detection capabilities (optional). Specific configuration requirements will be provided prior to implementation.

No inbound connectivity is required from the Internet.