DATA SHEET

FireEye Endpoint Security Agent Software

The latest version of the Endpoint Security Agent software is 32 for use with Server version 5.0 or greater. Tables 1, 2, & 3 list supported agents for Windows, macOS,
and Linux operating systems. Unless otherwise shown, all editions of these operating systems are supported. See page 6 for support notes. Tables 4 & 5 list no longer
supported for Windows operating systems. Tables 6, 7, & 8 provide specifications for each operating system using the Endpoint Security Agent.

Table 1. Endpoint Security Agent supported features

AGENT: V32
Windows Audit Real Time IOC ExploitGuard Malware Protection MalwareGuard IA Modules
Windows 7 ✓ ✓ ✓ ✓ ✓ ✓
Windows 8 ✓ ✓ ✓ ✓ ✓ ✓
Windows 10 ✓ ✓ ✓ ✓ ✓ ✓
Server 2008R2 ✓ ✓ ✓ ✓ ✓ ✓
Server 2012 & 2012R2 ✓ ✓ ✓ ✓ ✓ ✓
Server 2016 ✓ ✓ ✓ ✓ ✓ ✓
Server 2019 ✓ ✓ ✓ ✓ ✓ ✓
macOS Audit Real Time IOC ExploitGuard Malware Protection MalwareGuard IA Modules
OS 10.9 – 10.11 ✓ ✓ X X X ✓
OS 10.12 – 10.15 ✓ ✓ X ✓ X ✓
Linux Audit Real Time IOC ExploitGuard Malware Protection MalwareGuard IA Modules
RHEL 6.8-6.10, 7.2+, 8+ ✓ ✓ X X X ✓
CentOS 6.8-6.10, 7.2+,8+ ✓ ✓ X X X ✓
Ubuntu 14.04, 16.04, 18.04, 19.04 ✓ ✓ X X X ✓
SUSE 11.3, 11.4 ✓ X X X X ✓
SUSE 12.2, 12.3, 15 ✓ ✓ X X X ✓
Open SUSE 15.1 ✓ ✓ X X X ✓
Amazon AMI 2018.3, AMI2 ✓ ✓ X X X ✓
Oracle Linux 6.10 & 7.6 ✓ ✓ X X X ✓

✓ Available in current version

X Not Available
Table 2. Supported Operating Systems, Microsoft Windows
AGENT VERSION 32.30 31.28 30.19 29.7 11.12
MINIMUM ENDPOINT SECURITY SERVER VERSION 5.0 4.9 4.8.0 4.7.0 3.0 MIR 3.0.5
XP SP2 (32-bit)
X X X X P1 P1
XP SP3 (32-bit) X X ✓ ✓ P2 P2
Vista SP1, SP2 (32-bit and 64-bit) X X ✓ ✓ ✓ ✓
Win 7, SP1 (32-bit and 64-bit) ✓ ✓ ✓ ✓ ✓ ✓
Win 8 (32 -bit and 64-bit) ✓ ✓ ✓ ✓ ✓ ✓
Win 8.1, Update 1 (32 -bit and 64-bit) ✓ ✓ ✓ ✓ ✓ ✓
Win 10 1511, 1607, 1703, 1709, LTSB
(32 -bit and 64-bit)
✓ ✓ ✓ ✓ P3 P3
Win 10 1803, 1903, 1909, 2004
(32-bit AND 64-bit)
✓ ✓ ✓ ✓ X X
Win 10 1909 LTSC
(32-bit AND 64-bit)
✓ ✓ X X X X

Server 2003 SP2, R2 SP2

X X ✓ ✓ ✓ ✓
(32-bit and 64-bit)
Server 2008 Standard,
X X ✓ ✓ ✓ ✓
(32 bit and 64-bit)
Server 2008 R2
✓ ✓ ✓ ✓ ✓ ✓
(32 bit and 64-bit)
Server 2012 (32-bit and 64-bit)
✓ ✓ ✓ ✓ ✓ ✓
Server 2012 R2 (64-bit)
Server 2016 (64-bit)
✓ ✓ ✓ ✓ X X
Server 2019 (64-bit) ✓ ✓ ✓ ✓ X X
Windows Embedded POSReady 2009 is based on Windows XP SP3
P1: Does not record registry events in lookback cache.
P2: URL monitoring events are not supported
P3: Memory-related audits are not supported.
Table 3. Supported Operating Systems, macOS and Linux
AGENT VERSION 32.30 31.25 30.19 29.7
MINIMUM ENDPOINT SECURITY SERVER VERSION 5.0 4.9 4.8.0 4.7.0
Mavericks 10.9 (64-bit) ✓ ✓ ✓ ✓
Yosemite 10.10 (64-bit) ✓ ✓ ✓ ✓
El Capitan 10.11 (64-bit) ✓ ✓ ✓ ✓
Sierra 10.12 (64-bit) ✓ ✓ ✓ ✓
High Sierra 10.13 (64-bit) ✓ ✓ ✓ ✓
Mojave 10.14 (64-bit) ✓ ✓ ✓ ✓
Catalina 10.15 (64-bit) ✓ ✓ ✓ X
RHEL 6.8 (64-bit) ✓ ✓ ✓ ✓
RHEL 6.9, 6.10 (64-bit) ✓ ✓ ✓ ✓
RHEL 7.2, 7.3 (64-bit) ✓ ✓ ✓ ✓
RHEL 7.4, 7.5, 7.6 (64-bit) ✓ ✓ ✓ ✓
RHEL 7.7 (64-bit) ✓ ✓ ✓ X
RHEL 7.8+ (64-bit) ✓ ✓ ✓ X
RHEL 8+ (64-bit) ✓ ✓ ✓ ✓
CENTOS 6.8, 6.9, 6.10 (64-bit) ✓ ✓ ✓ ✓
CENTOS 7.2, 7.3, 7.4, 7.5, 7.6 (64-bit) ✓ ✓ ✓ ✓
CENTOS 7.7 (64-bit) ✓ ✓ ✓ X
CENTOS 7.8+ (64-bit) ✓ ✓ ✓ X
CENTO 8+ (64-bit) ✓ ✓ X X
SUSE Enterprise Linux 11.3 ✓ ✓ ✓ X
SUSE Enterprise Linux 11.4, 12.2, 12.3 ✓ ✓ ✓ ✓
SUSE Enterprise Linux 15 ✓ ✓ ✓ ✓
Open SUSE 15.1+ ✓ X X X
Ubuntu 12.04, 14.04, 16.04, 18.04 ✓ ✓ ✓ ✓
Ubuntu 18.04.3, 19.04 ✓ ✓ X X
Ubuntu 20.04 ✓ X X X
Amazon Linux AMI 2018.3 ✓ ✓ ✓ ✓
Amazon Linux AMI2 ✓ ✓ ✓ ✓
Oracle Linux 6.10 ✓ ✓ ✓ ✓
Oracle Linux 7.6 ✓ ✓ ✓ ✓
✓: Provides full support for the FireEye Endpoint Security Agent software features available in a target release,
except for features listed in “FireEye Endpoint Security Agent Feature Support Notes” on page 6.
X: The Endpoint Security Agent software version is not available (not supported) for the Windows, macOS, or Linux operating system version listed.
The Endpoint Security Agent versions are no longer supported are listed for reference only.

Table 4. No Longer supported version Microsoft Windows

AGENT VERSION 28.8 27.30 26.21 25.12*1 24.9.x*2 23.10* 22.41
MINIMUM ENDPOINT SECURITY SERVER VERSION 4.6.0 4.5 4.0.2 3.6 3.5 3.3 3.2**
XP SP2 (32-bit) X X X X X X X
XP SP33 (32-bit) ✓ ✓ ✓ P2 P2 P2 P2
Vista SP1, SP2
✓ ✓ ✓ ✓ ✓ ✓ ✓
(32-bit and 64-bit)
Win 7, SP1
✓ ✓ ✓ ✓ ✓ ✓ ✓
(32-bit and 64-bit)
Win 8
✓ ✓ ✓ ✓ ✓ ✓ ✓
(32 -bit and 64-bit)
Win 8.1, Update 1
✓ ✓ ✓ ✓ ✓ ✓ ✓
(32 -bit and 64-bit)
Win 10 1703, 1609, LTSB
✓ ✓ ✓ ✓ ✓ ✓ ✓
(32 -bit and 64-bit)
Win 10 1803
✓ ✓ X X X X X
(32-bit and 64-bit)
Win 10 1903
✓ X X X X X X
(32-bit and 64-bit)
Win 10 1909, 2004
X X X X X X X
(32-bit and 64-bit)
Win 10 1909 LTSC
X X X X X X X
(32-bit and 64-bit)
Server 2003 SP2, R2 SP2
✓ ✓ ✓ ✓ ✓ ✓ ✓
(32-bit and 64-bit)
Server 2008 R1, (64-bit) ✓ ✓ ✓ ✓ ✓ ✓ ✓
Server 2008, R2, R2 SP1 (64-bit) ✓ ✓ ✓ ✓ ✓ ✓ ✓
Server 2012 (32-bit and 64-bit)
✓ ✓ ✓ ✓ ✓ ✓ ✓
Server 2012 R2 (64-bit)
Server 2016 (64-bit) ✓ ✓ ✓ ✓ P3 X X
Server 2019 (64-bit) ✓ X X X X X X
✓: Provides full support for the FireEye Endpoint Security Agent software features available in a target release, except for features listed in “FireEye Endpoint Security Agent Feature
Support Notes” on page 6.
X: The Endpoint Security Agent software version is not available (not supported) for the Windows, macOS, or Linux operating system version listed.
P1: Does not record registry events in lookback cache.
P2: URL monitoring events are not supported.
P3: Memory-related audits are not supported.
1 Endpoint Security Agent software versions 25.12.1 and 25.12.2
2 Endpoint Security Agent software versions 24.9.0, 24.9.3, and 24.9.4
3 Windows Embedded POSReady 2009 is based on Windows XP SP3
*Endpoint Security Agent software versions 25.12, 24.9, and 23.10 support Windows endpoints only.
**Endpoint Security Server 3.2 and later do not provide FireEye Intel to FireEye Endpoint Security Agents earlier than version 11.
Table 5. No Longer supported versions on macOS and Linux
AGENT VERSION 28.8 27.30 26.21
MINIMUM ENDPOINT SECURITY SERVER VERSION 4.6.0 4.5.0 4.0.2
Mavericks 10.9 (64-bit) ✓ ✓ ✓
Yosemite 10.10 (64-bit) ✓ ✓ ✓
El Capitan 10.11 (64-bit) ✓ ✓ ✓
Sierra 10.12 (64-bit) ✓ ✓ ✓
High Sierra 10.13 (64-bit) ✓ ✓ ✓
Mojave 10.14 (64-bit) ✓ ✓ X
Catalina 10.15 (64-bit) X X X
RHEL 6.8 (64-bit) X ✓ ✓
RHEL 6.9 (64-bit) X ✓ X
RHEL 6.10 (64-BIT) X ✓ X
RHEL 7.2 (64-bit) X ✓ ✓
RHEL 7.3 (64-bit) X ✓ ✓
RHEL 7.4 (64-bit) X ✓ X
RHEL 7.5 (64-BIT) X ✓ X
RHEL 7.6 (64-BIT) X ✓ X
RHEL 7.7 (64-BIT) X X X
RHEL 8 (64-BIT) X X X
CENTOS 6.8 (64-BIT) X ✓ X
CENTOS 6.9 (64-BIT) X ✓ X
CENTOS 6.10 (64-BIT) X ✓ X
CENTOS 7.2 (64-BIT) X ✓ X
CENTOS 7.3 (64-BIT) X ✓ X
CENTOS 7.4 (64-BIT) X ✓ X
CENTOS 7.5 (64-BIT) X ✓ X
CENTOS 7.6 (64-BIT) X ✓ X
CENTOS 7.7 (64-BIT) X X X
SUSE Enterprise Linux 11.3 X X X
SUSE Enterprise Linux 11.4 X X X
SUSE Enterprise Linux 12.2 X X X
SUSE Enterprise Linux 12.3 X X X
SUSE Enterprise Linux 15 X X X
Ubuntu 14.04 X X X
Ubuntu 16.04 X X X
Ubuntu 18.04, 18.04.3 X X X
Ubuntu 19.04 X X X
Amazon Linux AMI 2018.3 X X X
Amazon Linux AMI2 X X X
Oracle Linux 6.10 X X X
Oracle Linux 7.6 X X X
✓: Provides full support for the FireEye Endpoint Security Agent software features available in a target release,
except for features listed in “FireEye Endpoint Security Agent Feature Support Notes” on page 6.
X: The Endpoint Security Agent software version is not available (not supported) for the Windows, macOS, or Linux operating system version listed.
 FireEye Endpoint Security Agent Feature Support Notes
• Windows Embedded Enterprise and IoT Enterprise versions are supported with the equivalent version of Windows desktop version
• ExploitGuard and MalwareGuard is not supported on Windows Server operating systems for agent versions 24 or earlier.
• ExploitGuard, Malware Protection and MalwareGuard is not supported on Windows Server 2003.
• Malware Protection, (Malware Detection, MalwareGuard, quarantine, and remediation) is supported not on Windows Server 2003R2, XP, or Vista, or Windows agent
versions 23 or earlier.
• MalwareGuard, a component of Malware Protection, is not available for FireEye Endpoint Security Agent versions 26 or earlier.
• ExploitGuard, Malware Protection and MalwareGuard are not supported for agents running on macOS prior to 10.12 and Linux operating systems.
• ExploitGuard and MalwareGuard are not supported for agents running on macOS 10.12 or greater
• Quarantine and remediation, components of malware protection, are not available for FireEye Endpoint Security Agent versions 25 or earlier.
• Memory-related audits are not supported for host endpoints running Windows Server 2016.
• Some Endpoint Security features require specific versions of FireEye Endpoint Security Agent software. See the FireEye Endpoint Security Server User Guide and the
FireEye Endpoint Security Agent Administration Guide for more details.

Endpoint Security System Requirements

FireEye Endpoint Security Agent requires a 1 Ghz or faster Pentium-compatible processor and at least 300 MB of free disk space. It works with the following operating
systems:

Table 6. Requirements for Windows operating systems . Table 7. Requirements for macOS.
WINDOWS OPERATING SYSTEM MINIMUM SYSTEM MEMORY (RAM) MAC OS VERSIONS MINIMUM SYSTEM MEMORY (RAM)
VERSIONS Mavericks 10.9 (64-bit) 1 GB
XP SP3 (32-bit) 512 MB Yosemite 10.10 (64-bit)
Server 2003 R2 SP2 (32-bit and 64-bit) El Capitan 10.11 (64-bit)
Vista SP1 and higher (32-bit, 64-bit) 1 GB (32-bit), Sierra 10.12 (64-bit)
Windows 7and Win 7 SP1 (32-bit, 64-bit) 2 GB (64-bit) High Sierra 10.13 (64-bit)
Win 8 (32-bit, 64-bit) Mojave 10.14 (64-bit)
Win 8.1 (32-bit, 64-bit) Catalina 10.15 (64-bit)
Win 10 (32-bit, 64-bit)
Server 2008 (32-bit, 64-bit) 2 GB (64-bit)
Server 2008 R1, R2, R2 SP1, R2 SP2 (32-bit, 64-bit) Table 8. Requirements for Linux operating systems.
Server 2012 (32-bit, 64-bit)
Server 2012 R2 (64-bit) LINUX OPERATING SYSTEM VERSIONS MINIMUM SYSTEM MEMORY (RAM)
Server 2016 (64-bit) RHEL 6.8+ (64-bit) 2 GB
Server 2019 (64-bit) RHEL 7.2+ (64-bit)
RHEL 8 (64-bit)
CentOS 6.9+ (64-bit)
CentOS 7.2+ (64-bit)
CentOS 8 (64-bit)
SUSE 11.3, 11.4,12.2,12.3,15
Open SUSE 15.1
Ubuntu 12.04, 14.04, 16.04, 18.04,
18.04.3, 19.04, 20.04
Amazon Linux AMI 2018.3, AM2
Oracle Linux 6.10, 7.6
To learn more about FireEye, visit: www.FireEye.com

FireEye, Inc. About FireEye, Inc.

601 McCarthy Blvd. Milpitas, CA 95035 FireEye is the intelligence-led security company. Working as a
408.321.6300/877.FIREEYE (347.3393) seamless, scalable extension of customer security operations, FireEye
[email protected] offers a single platform that blends innovative security technologies,
nation-state grade threat intelligence and world renowned
Mandiant® consulting. With this approach, FireEye eliminates the
© 2020 FireEye, Inc. All rights reserved. FireEye is a registered trademark
complexity and burden of cyber security for organizations struggling
of FireEye, Inc. All other brands, products, or service names are or may be to prepare for, prevent and respond to cyber-attacks.
trademarks or service marks of their respective owners.