Installing The UTMStack Server
This installation guide provides instructions to perform the UTMStack installation on Ubuntu 20.04 LTS.
Resources for Master
|❗ Minimum Resources Requirements|
- MINIMUM REQUIRED for non-prod environments: 6 Cores, 8 GB of RAM, 20GB Disk Space (Minimum requered)
- For 100 GB of live logs: 6 Cores, 12 GB RAM, 180 GB Disk Space
- For 1000 GB of live logs: 16 Cores, 32 GB RAM, 1080 GB Disk Space
- For 10000 GB of cold data and 1000GB of live logs: 16 Cores, 32 GB RAM, 11080 Disk Space
- For 10000GB of live logs: A cluster of 10 servers with 16 Cores, 32 GB RAM, 1080GB Disk Space
Resources for Probe or Proxy server
- 50 GB Disk Space for system.
- 4 Cores.
- 8 GB of RAM. (The master can act as probe if a proxy is not used)
Open the following input ports on the master for access from the probe/proxy.
50051/TCP and 5044/TCP (Used to send logs)
5432/TCP and 9200/TCP (Used to data access. These ports must be closed from any other source, for security, only probes can reach these ports)
Open the following input ports on the probe/proxy for access from the master.
9390/TCP and 8888/TCP (Used to connect with the vulnerabilities scanner)
5000/TCP and 8000/TCP (Used to connect with the assets discovery service)
Open the following input ports for internet access to the master:
9999/TCP (Used to connect Zapier to UTMStack)
1194/TCP (Used to connect probe/proxy over the internet using VPN)
Open the following ports from agentless devices (firewalls, hypervisors, etc) to master or probe/proxy:
2055/UDP (Used to send Netflow packets)
514/UDP (Used to send syslog logs)
514/TCP (Used to send syslog logs)
Open the following ports on the master for agents communication with master or probe/proxy:
5044/TCP (Used to send logs)
1514-1516/TCP (Used for HIDS agent communications)
1514-1516/UDP (Used for HIDS agent communications)
55000/TCP (Used for HIDS management API)
23949/TCP (Used for connecting to the probe API)
Open port 443 for accessing the UTMStack Web console.
- Update packages list: apt update
- Install WGET and NET-TOOLS: apt install wget net-tools
- Download the latest version from https://github.com/UTMStack/installer/releases (You can use
# wget [URL]to download the installer directly to the server)
- Set execution permissions with
# chmod +x installer
Install using Terminal User Interface
- Execute the installer without parameters:
Install using the parameterized mode
You can replace the markups of the next examples by real values in order to use the parameterized mode to install UTMStack Master or Probe.
# ./installer master --datadir "/example/dir" --db-pass "ExAmPlEpaSsWoRd" --fqdn "server.example.domain" --customer-name "Your Business" --customer-email "email@example.com"
# ./installer probe --datadir "/example/dir" --db-pass "Master's DB password" --host "Master's IP or FQDN"
Once a UTMStack master server is installed, use admin admin as the default first time login user and password. Note: Use HTTPS in front of your server name or IP to access the login page.
|❗ Demo Environment|
To see a fully operating UTMStack environment access our demo at: https://utmstack.com/demo
Watch this short 10 minutes installation video if you still have questions.