Hardware and operating system requirements

This article describes the minimum hardware and operating system requirements your endpoints need for EDR and its related applications to perform properly.

EDR agent

The Datto EDR platform uses software agents to record and remotely store system-level behaviors of your endpoints. An endpoint security agent must be deployed to each endpoint that you want monitored and protected.

To use the Datto EDR, Datto AV, Ransomware, and Rollback and File Recovery functionality, there is no additional agent deployment required on your part. You only need to associate and configure the Datto EDR, Datto Antivirus and/or Ransomware Detection policy with the desired devices. Then, the endpoint security agent will take care of installing any required agents or enabling the functionality.

Each functionality has its own minimum operating system requirements for which your endpoints must comply.

Hardware requirements

You can successfully run any combination of Datto EDR, Datto AV, Ransomware Detection, and Rollback and File Recovery with the following minimum hardware requirements.

RAM: 4 GB
CPU: Quad-core
Disk: 4 GB free space

Individual components can function with a minimum of 2 GB RAM, dual-core CPU, and 2 GB of free disk space. However, it is recommended you use the higher specifications above to avoid resource issues that can occur when running monitoring, scanning, and detection security services.

Supported operating systems

The minimum operating system requirements for each application are specified below.

Application	Windows	Mac	Linux
Datto EDR	Workstation: Win 10 (Home, prod, education, and enterprise) and above. Server: 2012 and 2012 R2 32 and 64-bit and above. IMPORTANT: The EDR agent may run on older Windows versions. However, you may encounter installation or upgrade issues due to legacy operating systems not containing required DLLs or other files supported by current versions of Windows. If the EDR agent cannot be upgraded to the latest release because of the Windows version on the endpoint, the EDR/AV support team will not be able to assist.	macOS X El Capitan and above.	32 and 64-bit systems that contain systemd, system/init.d. IMPORTANT: The agent supports Linux distributions that are actively maintained by their official vendors or associated communities. To be eligible for support, the operating system must be within its official maintenance lifecycle and continue to receive regular security updates and patches. Distributions that have reached End-of-Life (EOL) or End-of-Support (EOS) and are no longer receiving security updates are not supported.
Datto AV	Current Installer: Workstation: Win 10 21H2 (Home, prod, education, and enterprise) and above. Server: 2016 with Azure Code Signing (ACS) 21H2 and above. See the Datto AV considerations section below.	macOS version 13 (Ventura) and above. DNS Secure is not supported on macOS. IMPORTANT: For Datto AV to successfully quarantine threats across all file path locations on macOS, Full Disk Access (FDA) must be enabled. See How do I enable Full Disk Access on macOS?	N/A
Ransomware Detection	Workstation: Win 10 (Home, prod, education, and enterprise) and above. Server: 2012 and 2012 R2 32 and 64-bit and above.	N/A	N/A
Ransomware Rollback	Workstation: Win 10 (Home, prod, education, and enterprise) and above. Server: 2012 and 2012 R2 32 and 64-bit and above.	N/A	N/A

Datto AV considerations

The Datto AV legacy installer (for Windows Server 2012 R2 and earlier) will automatically enable Windows Firewall. This behavior should be considered before deploying to legacy Windows systems. Requirements for using the legacy installer include: the server must be running Windows Server 2012 or later, Azure Code Signing must be enabled, and all Windows patches must be fully up to date.
Currently, Datto AV is not supported on hosts using FSLogix for roaming user profiles in virtual desktop environments due to compatibility conflicts. It is recommended you create a Windows Defender policy and apply it to those devices. Refer to the article, Leveraging Microsoft Defender Antivirus with Datto EDR.
Datto AV updates may time out in high‑latency environments. Timeouts occur when either of the following thresholds is exceeded:
- Download duration exceeds 180,000 ms.
- Connection to the download endpoint exceeds 30,000 ms.
  
  For devices operating in high‑latency conditions, we recommend applying Datto AV updates on demand using the force‑update command-line option if automatic updates fail due to latency: agent.exe datto-av --force-update

Revision	Date
Edited Datto EDR: Linux Important note.	4/17/25
Added Important for Ransomware Detection, Rollback: Not supported on Windows devices using ARM based processors.	5/1/25
Datto AV - added Important: Currently, Datto AV is not supported on hosts using FSLogix for roaming user profiles...	5/9/25
Added section Datto AV Considerations.	6/2/25
Datto AV Considerations: Added bullet: Code Integrity Signing Levels.	6/26/25
Datto AV Considerations: Added bullet: Removing Windows Defender.	7/2/25
Datto AV Considerations: Deleted bullets: By default, Datto DNS Secure blocks UDP traffic..., and Starting with Windows 8.1, Microsoft introduced Code Integrity Signing Levels...	9/5/25
Datto AV considerations: Deleted bullets: By default, Datto DNS Secure blocks UDP traffic on ports 80 and 443 to disable the HTTP/3 QUIC protocol... Starting with Windows 8.1, Microsoft introduced Code Integrity Signing Levels as part of the Protected Process framework...	10/7/25
Datto AV considerations: Added Datto AV updates may time out in high‑latency environments.	1/20/26
AV for mac: Added IMPORTANT: Full disk access must be enabled on macOS.	2/27/26
Removed content stating AV, ransomware detection, and ransomware rollback not supported on Windows ARM based processors. Datto AV: Added DNS Secure is not supported on macOS.	4/23/26
Datto AV considerations: Deleted redundant Datto AV legacy installer bullet.	5/8/26
Linux: Edited to 32 and 64-bit systems that contain systemd, system/init.d - deleted Upstart.	5/12/26

	Need help? Submit a Kaseya Helpdesk request.
	Want to talk about it? Head over to Kaseya Community.
	Have a new feature idea? Visit the Kaseya Ideas portal.
	Provide feedback for the Documentation team.