Host Requirements¶
The NodeZero host acts as the foundation for Horizon3.ai’s autonomous penetration testing solution, serving as the launch point for security assessments. We strongly recommend a Linux-based system (e.g., Ubuntu), though Windows with Docker has been used successfully.
Position the host within the network segment where you want pentesting to start. Ensure the host is powered on during setup, deployment, and testing to download and run NodeZero. You may shut it down or remove it post-operation.
For Alternative Operating Systems¶
Contact the Horizon3.ai team to assess compatibility. While most distributions should work, we’ve only validated a subset, and support may be limited for untested systems.
Requirements¶
To manually set up a NodeZero host, your system must meet at least the minimum specifications below:
| Requirement | Minimum | Recommended |
|---|---|---|
| Operating System | Ubuntu 20.04 LTS or later, RHEL 9+ | Same as minimum If running NodeZero on an operating system not listed, Horizon3.ai will not be able to provide support in the event an issue arises. |
| CPU | 2 cores | 4 cores for optimal performance |
| RAM | 8 GB | 16 GB or more for heavy workloads |
| Storage | 40 GB free disk space | 80 GB SSD preferred for faster I/O |
| Network | Stable internet connection and internal network access from the host | Same as minimum |
| Software | Git, bash | Same as minimum |
| Container Runtime | Docker >= 20.10 or Podman >= 4.0 | Same as minimum |
| NFS Client | Required only for test portion that attacks an NFS mount. Omission will not block remainder of the test. | Install NFS Client library For Ubuntu, this library is nfs-common. |
EDRs on NodeZero Host
Do not install or configure any EDR (Endpoint Detection and Response) services on the NodeZero host. EDRs are known to disable NodeZero once they detect the deliberately malicious actions that our tests conduct. To get a complete test of your overall environment, NodeZero attacks must launch from the host machine unimpeded.
Scaling Larger Deployments¶
The minimum and recommended requirements above perform well for testing up to about 5,000 assets.
| Scale | Deployment Scenario | Typical IP/Asset Count | Host Configuration |
|---|---|---|---|
| Small | Single site or simple flat/segmented network | < 5,000 assets | 1 NodeZero host with 2–4 cores, 8–16 GB RAM, and 40–128 GB storage |
| Medium | Multi-site or multi-VLAN environments; hosts could be split by site or business unit | 5,000–20,000 assets | 1–2 NodeZero hosts; per host: 2–4 cores, 16 GB RAM, and 128 GB storage |
| Large | Multi-region, multi-site; plan this architecture with Horizon3.ai Customer Success | 20,000+ assets | Multiple NodeZero hosts (per site/region); per host: 4 cores, 16–32 GB RAM, and 128+ GB storage |
Notes:
-
These are basic configurations for each scenario. Depending on network configuration, more resources might be required.
-
Adding cores increases how many instances of each attack NodeZero can leverage at once. It does not directly accelerate processing speed per instance.