View Source

This page describes the requirements, supported environments, and versions supported by the Cisco Secure Application.

All references to Google products herein are for informational purposes only and Google retains all rights in all Google product names, logos, marks, and other trademarks.

Software Requirements

The Cisco Secure Application capabilities are integrated with these APM Agents:

Java APM Agent

The Java APM Agent with Cisco Secure Application works on the following platforms:

Operating Systems: AIX, Linux, and Windows
Containers: All major container systems
Languages: Java versions 8 to 16, inclusive, Oracle, OpenJDK, Azul, and IBM
Application Framework Support: All major frameworks such as Spring. See Java Supported Environments.
Application Server Platform Support: All major Application Servers. See Java Supported Environments.
User Permissions: The user under which the JVM runs must have write privileges to the Cisco Secure Application extension directory: <JAVA_AGENT_HOME>/ver<VERSION>/external-services/argentoDynamicService/. See Install the Java Agent.

Review Install App Server Agents for instructions and guidance. provides an Agent Installer that simplifies the agent installation process and streamlines the deployment of Java and Machine Agents. The Cisco Secure Application capabilities are integrated only with Java Agent JDK8+. The Java Agent Legacy does not support Cisco Secure Application. Ensure the following if you have installed the correct agent:

The Java Agent JDK8+ install directory includes 1.8 in the directory name, for example, AppServerAagent-1.8-22.6.0.
The argentoDynamicService folder is listed under external-services.

.NET APM Agent

The .NET Agent with Cisco Secure Application works on all frameworks that the .NET Agent instruments. To view the full list, see .NET Supported Environments and its Limitations.

Supported:

Reporting of vulnerability for .NET, and beta support for .NET Framework.
Reporting of Command Execution events. Only process filtering policies are supported for this feature.
Azure Site Extension for Reporting of Command Execution events, and Vulnerability Reporting.

Not supported:

Single file deployment for Vulnerability Reporting. This exception does not apply to Reporting Command Execution events.
Stack filtering for Command Execution events feature.

Node.js Agent

See Vulnerability Reporting on Node.js Agent.

Resource Utilization and Performance Impact

Within the Java Agent, the Cisco Secure Application capabilities require:

Disk - 4 MB (install) and <15 mb (daily usage)
Memory - consistently heap/mem usage should be 4-6 MB
CPU - consistently < 1% - spikes < 5%
Latency - consistently < 4-6 ms per transaction (average is lower) - spikes < 10ms
Classes Instrumented: rules (12) classes (generally < 30 - based on implementations of some of the interface rules)

There is a negligible resource utilization with the .NET Agent. However, this may change based on the application usage.

Browser Requirements

Currently, Google Chrome is the supported browser for accessing Cisco Secure Application dashboard.

Before You Begin

To use Cisco Secure Application within the supported APM Agent, ensure:

That you have met the preceding Cisco Secure Application Requirements.
You have enough Cisco Secure Application licenses to cover the supported APM agent usage within the applications you plan on securing. To get a Cisco Secure Application license, contact the sales representative, or email salesops@appdynamics.com.
Controller >= 22.8. These versions reflect recommended minimum versions. We continually update our technology, so it's optimal to use the most recent agent version when possible.
Java Agent: Ensure that Java APM Agent >= 22.8 is installed and licensed. If you are using reverse proxy, ensure you configure properties to communicate from the APM Agent to the Controller. See Configure Properties to Use Reverse Proxy.
.NET Core: Ensure that the .NET APM Agent >= 22.8 is installed and licensed.
.NET Framework Agent: Ensure that the .NET APM Agent >= 22.11.0 is installed and licensed.
You have successfully configured the supported APM Agent in your application environment.

Configure Properties to Use Reverse Proxy

Cisco Secure Application automatically interprets the APM agent setting for an HTTP Proxy server and uses the same server for communication between the agent and Controller. However, you must configure these settings for the APM agent to communicate with Controller through a reverse proxy:

The reverse proxy configuration may change based on the reverse proxy solution that you use. Ensure that you use a pass-through reverse proxy to forward any requests containing /argento-agent/v1 or auth/v1/oauth to <tenant-name>.saas.appdynamics.com.
These steps are not applicable for the .NET Agent because the .NET Agent does not support reverse proxy.

In the JVM, configure the reverse proxy details for Cisco Secure Application:
1. Specify the reverse proxy URL:
  -Dargento.management.server.reverse.proxy.url=http://<reverse-proxy-host>:<reverse-proxy-port>/
  Here, reverse-proxy-host and reverse-proxy-port are the hostname and port of the reverse proxy that will direct communications to the Controller.
2. Specify the domain:
  -Dargento.management.server.add.headers=Host:<tenant-name>.saas.appdynamics.com
  Here, tenant-name is the tenant name of the Controller.
In the JVM, configure these Cisco Secure Application system properties to use the reverse proxy:
1. Dargento.management.server.authentication.access.key
  -Dargento.management.server.authentication.access.key=<access-key>
  Here, access-key is the access key specific to the tenant.
2. Dargento.management.server.authentication.user
  -Dargento.management.server.authentication.user=singularity-agent@<tenant-name>
  Here, tenant-name is the tenant name of the Controller.