Skip to content
Bastion EDR Docs

System Requirements

Agent requirements

Section titled “Agent requirements”

Supported operating systems

Section titled “Supported operating systems”
OSVersionsArchitecture
Windows10, 11, Server 2019, Server 2022x86-64
macOS12 (Monterey) and laterx86-64, Apple Silicon
LinuxUbuntu 20.04+, Debian 11+, RHEL 8+, Fedora 37+x86-64

Hardware

Section titled “Hardware”
ResourceMinimumRecommended
CPUAny dual-core (2010+)Any — agent uses <0.5% at idle
RAM256 MB free512 MB free
Disk100 MB500 MB (for quarantine store)

Ports (outbound from endpoint)

Section titled “Ports (outbound from endpoint)”
PortProtocolPurpose
50051TCP (gRPC)Agent → Backend telemetry
443TCP (HTTPS)Agent update check (optional)

The agent does not require any inbound ports. No firewall rules need to be opened on endpoints.

Backend requirements

Section titled “Backend requirements”

Hosting

Section titled “Hosting”

The backend can run on any x86-64 Linux host. Recommended minimum spec for production:

ResourceMinimumRecommended (500 endpoints)
CPU2 vCPU4 vCPU
RAM4 GB8 GB
Disk20 GB SSD100 GB SSD
OSUbuntu 22.04 LTSUbuntu 22.04 LTS

A single Hetzner CX22 (~$5/month) or AWS t3.medium comfortably serves a 500-endpoint deployment.

Ports (inbound to backend server)

Section titled “Ports (inbound to backend server)”
PortProtocolPurpose
8080TCP (HTTP/HTTPS)REST API for console
50051TCP (gRPC)Agent connections
8000TCPSurrealDB (localhost only)

Software dependencies

Section titled “Software dependencies”
DependencyVersionNotes
SurrealDB2.xInstalled automatically via Docker Compose
Docker24+For containerized deployment
Docker Composev2For containerized deployment

Console requirements

Section titled “Console requirements”

The Flutter desktop console runs natively on the IT administrator’s workstation.

OSMinimum version
Windows10 1903+ (64-bit)
macOS12 (Monterey)
LinuxUbuntu 20.04+, any X11/Wayland desktop

The console does not need to be installed on managed endpoints — only on the IT admin’s machine.

Network

Section titled “Network”
ConnectionProtocolRequired?
Endpoint → Backend (gRPC port 50051)TCPYes
Console → Backend (HTTP port 8080)TCPYes
Backend → SMTP serverTCP 587Only if email alerts configured
Backend → Splunk/Elastic/SentinelTCP 443/8088Only if SIEM configured
Backend → JiraTCP 443Only if Jira integration configured

No traffic leaves your network to Halden Technologies infrastructure.