Download PDF
Download page Cisco Secure Application Requirements.
Cisco Secure Application Requirements
This page describes the requirements, supported environments, and versions supported by the Cisco Secure Application.
Cisco and AppDynamics and its products are not affiliated with Google or Google products. All references to Google products herein are for informational purposes only and Google retains all rights in all Google product names, logos, marks, and other trademarks.
Software Requirements
The Cisco Secure Application capabilities are integrated with these APM Agents:
Java APM Agent
The Java APM Agent with Cisco Secure Application works on the following platforms:
- Operating Systems - AIX, Linux, and Windows
- Containers - All major container systems
- Languages - Java versions 8 to 16, inclusive, Oracle, OpenJDK, Azul, and IBM
- Application Framework Support - All major frameworks such as Spring (see Java Supported Environments)
- Application Server Platform Support - All major Application Servers (see Java Supported Environments)
- User Permissions - The user under which the JVM runs must have write privileges to the Cisco Secure Application extension directory (
<JAVA_AGENT_HOME>/ver<VERSION>/external-services/argentoDynamicService/). For more information on Java Agent installation requirements, see Install the Java Agent.
Review Install App Server Agents for instructions and guidance. AppDynamics provides an Agent Installer that simplifies the agent installation process and streamlines the deployment of Java and Machine Agents.
The Cisco Secure Application capabilities are integrated only with Java Agent JDK8+. The Java Agent Legacy does not support Cisco Secure Application. Ensure the following points to check if you have installed the correct agent:
- The Java Agent JDK8+ install directory includes
1.8in the directory name, for example,AppServerAagent-1.8-22.6.0. - The
argentoDynamicServicefolder is listed underexternal-services.
.NET APM Agent
The .NET Agent with Cisco Secure Application works on all frameworks that the .NET Agent instruments. To view the full list, see .NET Supported Environments and its Limitations.
Supported:
Reporting of vulnerability for .NET, and beta support for .NET Framework.
Reporting of Command Execution events.
Only process filtering policies are supported for this feature.
Azure Site Extension for Reporting of Command Execution events, and Vulnerability Reporting.
Not supported:
- Single file deployment for Vulnerability Reporting. This exception does not apply to Reporting Command Execution events.
Stack filtering for Command Execution events feature.
Node.js Agent
See Vulnerability Reporting on Node.js Agent.
Resource Utilization and Performance Impact
Within the Java Agent, the Cisco Secure Application capabilities require:
- Disk - 4 MB (install) and <15 mb (daily usage)
- Memory - consistently heap/mem usage should be 4-6 MB
- CPU - consistently < 1% - spikes < 5%
- Latency - consistently < 4-6 ms per transaction (average is lower) - spikes < 10ms
- Classes Instrumented: rules (12) classes (generally < 30 - based on implementations of some of the interface rules)
There is a negligible resource utilization with the .NET Agent. However, this may change based on the application usage.
Browser Requirements
Currently, Google Chrome is the supported browser for accessing Cisco Secure Application dashboard.
Before You Begin
To use Cisco Secure Application within the supported APM Agent, ensure:
- That you have met the preceding Cisco Secure Application Requirements.
- You have enough Cisco Secure Application licenses to cover the supported APM agent usage within the applications you plan on securing. To get a Cisco Secure Application license, contact the AppDynamics sales representative, or email salesops@appdynamics.com.
Controller >= 22.8.
Tip:
These versions reflect recommended minimum versions. We continually update our technology, so it's optimal to use the most recent agent version when possible.
Java Agent: Ensure that Java APM Agent >= 22.8 is installed and licensed. If you are using reverse proxy, ensure you configure properties to communicate from the APM Agent to the Controller. See Configure Properties to Use Reverse Proxy.
- .NET Core: Ensure that the .NET APM Agent >= 22.8 is installed and licensed.
- .NET Framework Agent: Ensure that the .NET APM Agent >= 22.11.0 is installed and licensed.
- You have successfully configured the supported APM Agent in your application environment.
Configure Properties to Use Reverse Proxy
Cisco Secure Application automatically interprets the APM agent setting for an HTTP Proxy server and uses the same server for communication between the agent and Controller. However, you must configure these settings for the APM agent to communicate with Controller through a reverse proxy:
- The reverse proxy configuration may change based on the reverse proxy solution that you use. Ensure that you use a pass-through reverse proxy to forward any requests containing
/argento-agent/v1orauth/v1/oauthto<tenant-name>.saas.appdynamics.com. - These steps are not applicable for the .NET Agent because the .NET Agent does not support reverse proxy.
- In the JVM, configure the reverse proxy details for Cisco Secure Application:
Specify the reverse proxy URL:
-Dargento.management.server.reverse.proxy.url=http://<reverse-proxy-host>:<reverse-proxy-port>/CODEHere, reverse-proxy-host and reverse-proxy-port are the hostname and port of the reverse proxy that will direct communications to the Controller.
Specify the domain:
-Dargento.management.server.add.headers=Host:<tenant-name>.saas.appdynamics.comCODEHere, tenant-name is the tenant name of the Controller.
In the JVM, configure these Cisco Secure Application system properties to use the reverse proxy:
Dargento.management.server.authentication.access.key-Dargento.management.server.authentication.access.key=<access-key>CODEHere, access-key is the access key specific to the tenant.
Dargento.management.server.authentication.user-Dargento.management.server.authentication.user=singularity-agent@<tenant-name>CODEHere, tenant-name is the tenant name of the Controller.