Architecture & Supported OS
Introduction
The Xshield agent is a low-impact software that can be installed on servers and endpoints running modern operating systems. The Xshield agent deploys and runs in user space, is not inline to traffic and does not make any kernel modifications. Below is a high-level architecture of the Xshield agent.
The Xshield agent consumes less than 1% CPU and 100MB of RAM, efficiently aggregates host and network metadata and compresses it by 1000x before transmission, ensuring minimal bandwidth usage.
The Xshield agent leverages a native OS filter and IP stack, ensuring minimal latency in packet processing and negligible impact to performance.
Firewal and Agent Resilience
Xshield agent will program computed rulesets into the OS native firewall. Rules will be in place indefinitely until a policy change occurs
Should the agent become unavailable or undergoing solution maintenance, the last known good rules remain in effect to provide continuous protection, ensuring a fail-safe architecture. In short, agent availability has zero impact to the security posture
Agent Platform
The agent software has two separate implementations:
- GoLang Implementation: Deployed on modern Linux and Windows operating systems
- C++ Implementation: Deployed on AIX, Solaris, and RHEL 6.x Operating Systems
Server Agents
Hardware Architecture Support
- Primary support for x86_64 (X86 64-bit architecture)
- ARM64 support for specific Linux versions, including AWS Graviton
- No support for:
- Windows 32-bit operating systems
- Solaris on SPARC hardware architecture
Supported Operating Systems
Linux Distributions
| Platform | Support | Notes |
|---|---|---|
| RHEL 4.x, 5.x | No | - |
| RHEL 6.x | WIP | Will be available in Q1 2025 (C++ Agent, iptables based) |
| RHEL 7.0, 7.1, 7.2 | No | nf-table support requires 4.x Kernel (available from 7.3) |
| RHEL ≥ 7.3 and < 8.0 | Yes* | *Only for vCloud machines. Not supported on Azure |
| RHEL 8.0 and above | Yes | Supported on both Azure and vCloud machines |
| CentOS 7.3 and above | Yes | - |
| Rocky Linux 8.x, 9.x | Yes | - |
| Oracle Linux 6.x, 7.x | Yes | - |
| Debian 7.7, 9 | Yes | - |
| Ubuntu 18, 20, 22, 24 | Yes | - |
| SUSE 12 | No | No support for nftables |
| SUSE 15 | Yes | - |
| Amazon Linux 2023 & 2 | Yes | Supported on Graviton |
| Huwaei Cloud Euler OS 2.0 | Yes | - |
Unix Systems
| Platform | Support | Notes |
|---|---|---|
| AIX 7.2, 7.3 | Yes | Support only on ppc6 and ppc8 |
| Solaris 11.0 (x86) | Yes | No support for Sparc architecture |
Windows Server
| Platform | Support | Notes |
|---|---|---|
| Windows Server 2003 | No | No support for WFP |
| Windows Server 2008 Enterprise | No | No support for WFP |
| Windows Server 2008 R2, 2008 Standard | Yes | - |
| Windows Server 2012, 2016, 2019, 2022, 2025 | Yes | - |
User Agents
The XShield 3.0 agent is available for modern user operating systems; however, it does not support Linux-based user distributions.
MacOS Support
- Available for both x86_64 and arm64 (M1/M2) processors
- Minimum supported OS version: MacOS 11
Supported Desktop Operating Systems
| Platform | Support | Notes |
|---|---|---|
| Windows 7 and below | No | No future support planned |
| Windows 10 and above | Yes | 64-bit support only |
| MacOS 11 and above | Yes | Supports both x86_64 and arm64 |