System Requirements and Firewall Exceptions

In order to have a good experience using the HEIMDAL Security products, we recommend you take a look at the following requirements and configure your environment accordingly.

1. Supported Architecture and OS
2. Requirements
3. IP Addresses and Ports
4. Exclusions

Supported Architectures and OS

The HEIMDAL Agent is developed on the 32-bit architecture and can be installed on computers/devices with the following Architectures:

• x86
• x64
• ARM

The HEIMDAL Agent can be installed on computers/devices running the following Operating Systems:

Windows

• Windows 8 (64-bit) - Support for Windows 8 32-bit stopped being offered on the 31st of March 2022;
• Windows 8.1 (64-bit) - Support for Windows 8.1 32-bit stopped being offered on the 31st of March 2022;
• Windows 10 (32 and 64-bit) - Support for Windows 10 32-bit stopped being offered on the 31st of March 2022;
• Windows 11 (64-bit);
• Windows Server 2008 R2 - Support for Windows Server 2008 R2 stopped being offered on the 31st of March 2022;
• Windows Server 2012/2012 R2 (32 and 64 bit) - Support for Windows Server 2012/2012 R2 32-bit stopped being offered on the 31st of March 2022;
• Windows Server 2016 (32 and 64-bit) - Support for Windows Server 2016 32-bit stopped being offered on the 31st of March 2022;
• Windows Server 2019 (32 and 64-bit) - Support for Windows Server 2019 32-bit stopped being offered on the 31st of March 2022;
• Windows Server 2022 (64-bit);

macOS

• macOS 10.15 (Catalina);
• macOS 11 (BigSur);
  
• macOS 12 (Monterey);
• macOS 13 (Ventura) and above.

Linux

• Ubuntu 18.04 LTS
• Ubuntu 20.04 LTS
• Ubuntu 22.04 LTS

Android

• Android Marshmallow (6.x)
• Android Nougat (7.x)
• Android Oreo (8.x)
• Android Pie (9)
• Android 10
• Android 11
• Android 12
• Android 13

Requirements

Windows

• Microsoft .NET Framework 4.6.1 (for the HEIMDAL Agent version up to 3.6.4) and Microsoft .NET Framework 4.8 or above (starting with HEIMDAL Agent version 3.7.0 RC);
• Up to 640 MB of disk space;
• At least 250 MB RAM;
• At least 3% of CPU usage when blocking a domain, up to 10% when opening the Heimdal™ Agent, and up to 40% during a scan;
• Local administrator or domain administrator permissions (if the computer is domain-joined) during the installation process;
• User permissions during execution;
• Internet access with the following ports open to traffic: port 53 (to apply the DarkLayer Guard DNS 127.7.7.x), port 443 (to filter traffic over https);
• The HEIMDAL Agent uses the following ports internally: 80 (Custom Block Page), 8001 (Application Control), 57127 (Peer2Peer).
• The HEIMDAL Threat Prevention Network Log Agent uses port 443.
• The Heimdal RD Viewer uses remote port: 7615. 

macOS

• At least 400 MB of disk space;
• At least 4 GB of RAM;
• Administrator permissions during the installation process;
• Manual approval of the TPE DNS Extension (for OSs older than Ventura);
• Internet access with the following ports open to traffic: port 53, port 443 (to filter traffic over https);

Linux (Ubuntu)

• Microsoft .NET 6 Framework
• At least 50 MB of disk space;
• At least 4 GB of RAM;
• sudo permissions during the installation process;
• The Heimdal Agent requires the following prerequisites: curl, unzip, gnupg, lsb-release, netcat and ca-certificates;
• Internet access with the following port open to traffic: port 443;
• (The HEIMDAL Agent is not supported on Red Hat Enterprise Linux at this time, but we are working on making it support these as well).

IP Addresses and Ports

By default, Windows Defender Firewall doesn't block the HEIMDAL Agent, but if you are behind a firewall or a proxy, the HEIMDAL Agent needs to be able to communicate with the following domains/IP Addresses:

• heimdalsecurity.com with remote port 443
• dashboard.heimdalsecurity.com with remote port 443
• rc-dashboard.heimdalsecurity.com with remote port 443
• coreservice.heimdalsecurity.com with remote port 443
• rc-coreservice.heimdalsecurity.com with remote port 443
• logagent-api.heimdalsecurity.com with remote port 443
• vigilance-update.heimdalsecurity.com with remote port 443
• prodcdn.heimdalsecurity.com with remote port 443
• heimdalprodstorage.blob.core.windows.net with remote 443
• rc-appcontrol.heimdalsecurity.com with remote port 443
• appcontrol.heimdalsecurity.com with remote port 443
• mailsentry.heimdalsecurity.com with remote port 443
• rc-mailsentry.heimdalsecurity.com with remote port 443
• blockedbyheimdalsecurity.com with remote port 443
• heimdalrd.heimdalsecurity.com with remote 443
• heimdalrd.islonline.net with remote 443
• 52.236.138.33 (dashboard.heimdalsecurity.com / rc-dashboard.heimdalsecurity.com / heimdalrd.heimdalsecurity.com)
• 20.31.148.77 (HEIMDAL PROD/RC Core Service - West Europe)
• 40.87.128.228 (HEIMDAL PROD/RC Core Service - UK)
• 40.121.66.93 (HEIMDAL PROD/RC Core Service - US)
• 52.172.28.76 (HEIMDAL PROD/RC Core Service - India)
  
• 40.119.146.250 (HEIMDAL PROD/RC Core Service)
• 52.140.46.52 (TPE - Full logging - India)
• 40.87.154.237 (TPE - Full logging - North Europe/UK)
• 40.117.169.91 (TPE - Full logging - US)
• 40.68.157.46 (TPE - Full logging - West Europe)
• 20.71.146.235 (rc-appcontrol.heimdalsecurity.com / appcontrol.heimdalsecurity.com)
• 13.95.20.191 (mailsentry.heimdalsecurity.com / rc-mailsentry.heimdalsecurity.com) 
• 52.166.12.23 (blockedheimdalsecurity.com / notblockedheimdalsecurity.com)
• 168.63.8.217 (vigilance-update.heimdalsecurity.com)
• 3.68.42.215 (logagent-api.heimdalsecurity.com)
• 3.122.156.8 (logagent-api.heimdalsecurity.com)
• 3.75.56.71 (logagent-api.heimdalsecurity.com)
• 91.217.255.149 (*.islonline.net)
• 152.199.21.175
• 195.201.56.244 (heimdalrd.islonline.net)
• 34.199.41.164 (prod-hs-fp-73.islonline-host.com), ports 443 and 32000
• 3.10.96.46 (prod-hs-fp-74.islonline-host.com), ports 443 and 32000
• 52.79.161.130 (prod-hs-fp-75.islonline-host.com), ports 443 and 32000
• 18.228.174.205 (prod-hs-fp-76.islonline-host.com), ports 443 and 32000
• 54.168.70.86 (prod-hs-fp-77.islonline-host.com), ports 443 and 32000
• 188.34.155.85 (prod-hs-fp-78.islonline-host.com), ports 443 and 32000
• 45.79.182.178 (prod-hs-fp-79.islonline-host.com), ports 443 and 32000

In order for HEIMDAL Email Security to be able to deliver emails to and from your mail environment, you need to add the following IP Addresses as Trusted IPs. Also, verify your firewall settings and allow SMTP from the IP Addresses below (Port 25 for SMTP traffic):

• 20.50.183.144 (eu-esec-01.heimdalsecurity.com)
• 20.50.183.146 (eu-esec-01.heimdalsecurity.com)
• 20.50.183.145 (eu-esec-02.heimdalsecurity.com)
• 20.50.183.147 (eu-esec-02.heimdalsecurity.com)
• 20.50.183.148 (eu-esec-outbound.heimdalsecurity.com)
• 20.50.183.149 (eu-esec-outbound.heimdalsecurity.com)
• 20.50.183.150 (eu-esec-backup.heimdalsecurity.com) 
• 20.50.183.151 (eu-esec-backup.heimdalsecurity.com) 
• 20.88.177.217 (us-esec-01.heimdalsecurity.com)
• 20.88.177.218 (us-esec-01.heimdalsecurity.com)
• 20.88.177.217 (us-esec-02.heimdalsecurity.com)
• 20.88.177.218 (us-esec-02.heimdalsecurity.com)
• 20.88.177.208 (us-esec-outbound.heimdalsecurity.com)
• 20.88.177.209 (us-esec-outbound.heimdalsecurity.com)
• 172.166.114.48 (uk-esec-01.heimdalsecurity.com)
• 172.166.114.49 (uk-esec-01.heimdalsecurity.com)
• 172.166.114.48 (uk-esec-02.heimdalsecurity.com)
• 172.166.114.49 (uk-esec-02.heimdalsecurity.com)
• 172.166.114.50 (uk-esec-outbound.heimdalsecurity.com)
• 172.166.114.51 (uk-esec-outbound.heimdalsecurity.com)