Page tree
Skip to end of metadata
Go to start of metadata

This documentation page is no longer maintained and may contain obsolete information.

On this page:

Target audience:

Security Officers

Secured deployment – an introduction

Note that securely deploying CAST AIP is highly recommended whatever the size of your deployment, however, if you do not require a highly secure deployment, you can simply follow the Installing CAST AIP section.

This section of the cookbook provides IT infrastructure experts with the information they need to plan a secure deployment of the CAST Application Intelligence Platform.

The CAST Application Intelligence Platform (AIP) can be deployed either:

  • On-site: customers purchase classic software licenses and install and operate CAST AIP on their own infrastructure.
  • Managed Services: customers purchase services from CAST (or a service provider) to run analyses. They provide source code of their applications to CAST, and CAST publishes dashboards to access results.

 For both of these deployments, the same secure architecture can be used, except for some specific configuration settings. For example:

  • Network configuration (proxies, firewalls…)
  • Authentication and security rules (datacenters, virtualized desktops, secured workstations, authentication systems…)

This document provides information about implementing the most highly secure deployment.

Secured deployment architecture summary

The following digram shows the recommended layout for the various CAST AIP components using two distinct groups: Front Office and Back Office:

Front Office

These Front Office components are deployed on a specific network area (private cloud, …) which is accessed:

  • by consumers/Delivery Managers: all these users access resources through https and must be authenticated and have privileges on the corresponding applications. They use browser based dashboards to investigate the analysis and snapshot data or they query results using RestAPIs.

  • by CAST-users: all these users access resources via Client/Server (C/S) tools installed by the CAST AIP setup on a Windows machine and published as a XenApp application. The configuration is described below in Back Office.

Deployment process

Please see Front Office deployment.

Back Office

In the Back Office, there are two groups of users that require access to the resources:

  • CAST Platform Admins: Installation and upgrade of CAST components
  • CAST AI Admins: Configuration of the platform to produce the results

Deployment process

Please see Back Office deployment.

  • No labels