Requirements for Alert Logic Log Manager for Amazon Web Services

United States firewall rules

Use the following firewall rules to communicate with the US Data Center.

Appliance inbound

Source	Destination	Protocol	Port	Description
0.0.0.0/0	Appliance	TCP	80	Virtual appliance claim only
204.110.218.96/27	Appliance	TCP	22	Optional and temporary- required for troubleshooting during provisioning only
204.110.219.96/27	Appliance	TCP	22	Optional and temporary- required for troubleshooting during provisioning only
208.71.209.32/27	Appliance	TCP	22	Optional and temporary- required for troubleshooting during provisioning only

Appliance outbound

Source	Destination	Protocol	Port	Description
Appliance	8.8.4.4	TCP/UDP	53	DNS
Appliance	8.8.8.8	TCP/UDP	53	DNS
Appliance	0.0.0.0/0	TCP	80	Appliance updates
Appliance	208.71.209.32/27	TCP	443	Data transport
Appliance	204.110.218.96/27	TCP	443	Data transport
Appliance	204.110.219.96/27	TCP	443	Data transport
Appliance	204.110.219.96/27	UDP	123	NTP, time sync
Appliance	208.71.209.32/27	UDP	123	NTP, time sync

Agent or remote collector outbound rules

Source	Destination	Protocol	Port	Description
Source host	208.71.209.32/27	TCP	443	Data transport
Source host	204.110.218.96/27	TCP	443	Data transport
Source host	204.110.219.96/27	TCP	443	Data transport

European Union firewall rules

Use the following firewall rules to communicate with the EU Data Center.

Appliance inbound

Source	Destination	Protocol	Port	Description
0.0.0.0/0	Appliance	TCP	80	Virtual appliance claim only
185.54.124.0/24	Appliance	TCP	22	Optional and temporary- required for troubleshooting during provisioning only

Appliance outbound

Source	Destination	Protocol	Port	Description
Appliance	185.54.124.0/24	TCP	443	Data transport
Appliance	8.8.8.8	TCP/UDP	53	DNS
Appliance	8.8.4.4	TCP/UDP	53	DNS
Appliance	0.0.0.0/0	TCP	80	Appliance updates
Appliance	185.54.124.0/24	UDP	123	NTP, time sync

Agent or remote collector outbound rules

Source	Destination	Protocol	Port	Description
Source host	185.54.124.0/24	TCP	443	Data transport

Supported AWS regions

Alert Logic supports the following AWS regions for Log Manager deployments.

AWS Region Name	Region
Africa (Cape Town)	af-south-1
Asia Pacific (Hong Kong)	ap-east-1
Asia Pacific (Tokyo)	ap-northeast-1
Asia Pacific (Seoul)	ap-northeast-2
Asia Pacific (Osaka-Local)	ap-northeast-3
Asia Pacific (Mumbai)	ap-south-1
Asia Pacific (Singapore)	ap-southeast-1
Asia Pacific (Sydney)	ap-southeast-2
Canada (Central)	ca-central-1
Europe (Frankfurt)	eu-central-1
Europe (Stockholm)	eu-north-1
Europe (Milan)	eu-south-1
Europe (Ireland)	eu-west-1
Europe (London)	eu-west-2
Europe (Paris)	eu-west-3
Middle East (Bahrain)	me-south-1
South America (São Paulo)	sa-east-1
US East (N. Virginia)	us-east-1
US East (Ohio)	us-east-2
US West (N. California)	us-west-1
US West (Oregon)	us-west-2

Virtual appliance

The following describes the basic requirements to install a virtual appliance: 

Components	System Requirements
CPU	2 cores
RAM	2 GB
Disk space	1 GB–50 GB
Supported virtual environment	VMware only
Log collection support	Syslog via agent or agent-less, Windows and flat-file via agent only
Encryption	TLS Standard (SSL): 2048-bit key encryption, 256-bit AES bulk encryption
Note	Not designed to run in a public cloud environment. Use agent-only deployments instead.

Virtual instance without the agent

The following describes basic requirements to install a virtual instance without the agent:

Components	System Requirements
Virtual CPUs	2
Storage	20 GB
Memory	2 GB
Virtual Network Interface(s)	Virtual network interface(s) One interface with DHCP or manual IP addressing for management If access to customer assets are restricted from management interface, an additional interface, internal to the customer environment with static access, is required for scanning. VMWare OVF Tool (for more information see VMware OVF Tool)

Alert Logic agent

The following table describes the basic requirements to install the agent:

Components	System requirements
Operating systems	For Windows users: Windows Server 2016 Windows 10 Windows Server 2003, SP1 Windows Server 2008 Windows Server 2012 Windows Vista Windows 7 Windows 8 Windows XP SP1 For Linux users: Debian (.deb) 5.x (lenny) 6.x (squeeze) 7.x (wheezy) 8.x (jessie) Ubuntu (.deb) 10.x 12.x 14.x 16.x CentOS (.rpm) 5.x 6.x 7.x Red Hat Enterprise Linux (.rpm) 5.x 6.x 7.x SUSE 12.1 12.0 11.4 11.3 Amazon Linux The Alert Logic agent can be used in AWS Workspaces in conjunction with a supported operating system.
Memory	96 MB of available memory
Disk space for agent	30 MB of available disk space
Disk space for local cache	500 MB of available disk space
Packet access	WinPcap 4.1.2
CPU Utilization	1-10% depending on log volume
RAM	15 MB minimum
Disk space	30 MB minimum
Log collection support	Windows, Flat File
Supported environments	Agent-only deployments with virtual and physical appliances, VPC, and Public Clouds
Encryption	TLS Standard (SSL): 2048-bit key encryption, 256-bit AES bulk encryption
Log collection frequency	At minimum, every five minutes logs are collected and sent to Alert Logic Cloud
Host permissions	LocalSystem account has all the necessary permissions by default

Remote collector

The following describes the basic requirements to install a remote collector:

Components	System Requirements
CPU	2 cores
RAM	2 GB
Disk space	10 GB minimum
Supported Operating Systems	Windows and Linux
Log collection support	Syslog only via port 1514
Encryption	TLS Standard (SSL): 2048-bit key encryption, 256-bit AES bulk encryption
Log collection frequency	Every five minutes (minimum)- logs collected and sent to Alert Logic Cloud
Host permissions	LocalSystem account has all the requisite permissions by default

Operating systems and browser support

The Alert Logic console supports the current version and the previous major version of the following operating systems and browsers: 

Operating system support	Browser support
Mac, Linux, and Windows	Chrome, Safari, Firefox, Opera, and Internet Explorer

Related topics