Workstations
- Windows XP SP3 (32-bits)
NOTE: Installation on Windows XP requires a computer with cache role assigned. For more information, see this Knowledge Base article. - Windows Vista (32-bits and 64-bits)
- Windows 7 (32-bits and 64-bits)
- Windows 8 (32-bits and 64-bits)
- Windows 8.1 (32-bits and 64-bits)
- Windows 10 (32-bits and 64-bits)
- Windows 11 (64-bits)
Supported from Adaptive Defense 360 Windows protection version 8.00.19.0000.
Computers with an ARM microprocessor
- Windows 10 Pro and Home
- Windows 11 Pro and Home (from Adaptive Defense 360 Windows protection version 8.00.19.0010.)
Note that all the product's features work in ARM, except for some Patch Management and anti-exploit functionalities.
Servers
- Windows 2003 (32-bits, 64-bits and R2) SP2 and later
- Windows 2008 (32-bits and 64-bits) and 2008 R2
- Windows Small Business Server 2011, 2012
- Windows Server 2012, 2012 R2
- Windows Server 2016 and 2019
- Windows Server Core 2008, 2008 R2, 2012 R2, 2016, 2019 and 2022
- Windows Server 2022 (64-bits)
Supported from Adaptive Defense 360 Windows Protection version Windows 8.00.19.0000. - Windows Server 2025
NOTE: In Windows XP and Windows 2003 systems, IE7 or higher is required for the Advanced Protection to work.
IoT and Windows Embedded Industry
NOTE: Windows Embedded systems allow custom installations that could possibly impact the installation and working of the Panda protections. After you install the different protection modules, we recommend that you verify that they work correctly.
- Windows XP Embedded
- Windows Embedded for Point of Service
- Windows Embedded POSReady 2009, 7, 7 (64-bits)
- Windows Embedded Standard 2009, 7, 7 (64-bits), 8, 8 (64-bits),
- Windows Embedded Pro 8, 8 (64-bits)
- Windows Embedded Industry 8, 8 (64-bits), 8.1, 8.1 (64-bits)
- Windows IoT Core 10, 10 (64-bits)
- Windows IoT Enterprise 10, 10 (64-bits)
Hardware requirements
- Processor: CPU with x86 or x64 architecture and with support of at least SSE2
- Pre-checks before the installation
Verify that the processor meets the requirements:
-
- Download tool CPU-Z and run it on the computer where you want to install.
- CPU-Z will display the following, depending on whether the processor is supported or not:
Processor VALID for the installation:
Processor NOT VALID for the installation:
- RAM: 1 Gb
- Free space disk for the installation: 650 Mbytes
Root Certificates
Panda solutions require SHA-256 encryption algorithms in order to ensure secure communication between the endpoint and the Panda servers. However, certain operating systems, such as Windows XP SP3 and Windows 2003, do not include such certificates and ciphering methods by default. To solve this issue, please ensure the following Microsoft's KBs are installed:
- KB948963
This KB adds support for the Windows Server 2003 cipher suites TLS_RSA_WITH_AES_128_CBC_SHA AES128-SHA and TLS_RSA_WITH_AES_256_CBC_SHA AES256-SHA AES. If it is not installed, please download the x64 or the x32 version accordingly. To check availability of these packages, see the Microsoft catalog.
IMPORTANT! Please note that the download files are not hosted on a Microsoft official server as it is no longer supported. Should you require them in any other language, please contact Microsoft. - KB3072630
This KB verifies the digital signature of the Panda installation packages and their corresponding files. If the computer does not have this KB, download it from here and install it.
IMPORTANT! The installation requires restarting the computer. - KB3033929
This KB adds SHA 256 support for Windows 7 and 2008. If it is not installed, download the x64 or x32 version from here. - KB4474419
Adds Support to SHA-2 for Windows 7 + SP1 y Windows 2008 R2 + SP1. Access this link to download it. - KB4490628
Adds Support to SHA-2 for Windows 7 + SP1 y Windows 2008 R2 + SP1. Access this link to download it.
Once the KBs mentioned above are installed, download and run the PSInfo Check Certificates tool available from PSInfo.
If this continues failing, use the psexec tool to update the SYSTEM account certificate container.
Example: psexec.exe -s -i CertCheck.exe
X32 https://live.sysinternals.com/PsExec.exe
X64 https://live.sysinternals.com/PsExec64.exe
In Citrix environments we recommend running CertCheck.exe with the psexec tool.
- Rootsupd
Microsoft tool to update the computer's certificates. It has been withdrawn from the download site because Windows XP is no longer supported, so use it under your responsibility and preferably on a test box before you deploy it to more computers. Contact Microsoft for help if you have any questions.
Download rootsupd, unzip the file (password panda) and run the rootsupd.exe file.
NOTE: We strongly recommend to verify that the operating system does not block the execution of the rootsupd.exe file. To do so, go to the Properties of the file and unblock the file.
Communications TLS 1.2
For communications through TLS 1.2 protocol, ciphers TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 and TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 are required.
For further information, check this article.
NOTE: Windows 2008 R2 does not support TLS 1.2 natively, only by installing a patch available for certain winHTTP protocols. See article Update to enable TLS 1.1 and TLS 1.2 as default secure protocols in WinHTTP in Windows for further details.
Related articles