What are the requirements to run OnPrem?

The size of the Holm Security OnPrem may vary depending on the number of assets in the environment, the number of scans carried out and how frequently the scans are performed.

Below you can find the different sizes that we recommend depending on the installation and the environment where it is deployed.

The supported version for OnPrem to run on is VMWare.

In the future more hypervisors will be supported.

Hardware requirements

Proof of Concept (PoC)

Name

Description

CPU (Cores)

RAM
(GB)

Disk
(GB)

Quantity

Server A

Core system

4

16

200

1

Server B

Scanner appliance

2

8

200

1

 

 

 

 

 

 

Production - Small

Name

Description

CPU (Cores)

RAM
(GB)

Disk
(GB)

Quantity

Server A

Core system

8

24

200

1

Server B

Scanner appliance

2

8

200

2

 

 

 

 

 

 

Production - Medium

Name

Description

CPU (Cores)

RAM
(GB)

Disk
(GB)

Quantity

Server A

Core system

12

32

300

1

Server B

Scanner appliance

2

8

200

4

 

 

 

 

 

 

Production - Large

Name

Description

CPU (Cores)

RAM
(GB)

Disk
(GB)

Quantity

Server A

Core system

24

48

500

1

Server B

Scanner appliance

2

8

200

8

 

 

 

 

 

 

 

Public network access

Communication outbound is required for the instance to function properly on a set of different TCP ports. This is required to have daily updates of new vulnerability tests, take part of software updates provided by Holm Security and ensure the health state of the system.

The system only requires outbound access to these public endpoints (e.g. no inbound access is required).

The SMS service endpoints are used for Two factor authentication (2FA) and secured delivery of scanning reports.

Outbound IP network access to Holm Security Holm Security endpoints:

  • IPv4: 185.163.84.0/22
  • IPv6: 2a0b:6800::/29
  • Ports:
    • TCP 443
    • TCP 8022

SMS service endpoints:

  • IPv4: 83.138.162.64/29 and 159.135.143.144/29
  • Port(s): TCP 80 and 443

Outbound IP network access for 3rd party services

All service endpoints below are configurable, but are required for the system to work properly

  • NTP: UDP 123
  • DNS: TCP/UDP 53



Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.