APPRENDA CLOUD PLATFORM

ENVIRONMENT HARDENING GUIDE

Compatible with platform version 7.1.0+

Purpose of this Document

In order to ensure the availability, confidentiality, and integrity of data and services pertaining to the Apprenda Cloud Platform and guest applications deployed to the Platform, additional controls and procedures should be applied to Platform environments that are traditionally outside of the operational control of the Platform itself. By applying additional controls to server and network file systems, cryptographic settings, and network communication paths, you can properly give users and service control over essential functions and access points, while preventing access to nonessential privileges.

All security controls and procedures outlined in this document should be treated as “guidelines”, which refer to general rules and best practices for securing an ACP instance and environment as endorsed by Apprenda, Inc. When an ACP instance is deployed to an Apprenda customer-owned data center, and the Platform is operated and maintained by the customer, the customer can apply additional security controls that do not interfere with Platform operations. This document serves as a reference for Platform owners, Operators, and system administrators that want to provide further security controls to their environments and infrastructure.

Contents

• Hardening Guidelines
• Additional Documentation