Additional Topics on

Memory Usage of the AP .Net

Mon, 01 Jan 0001 00:00:00 +0000

Using the Sample .Net Application to Test Memory Usage for Policies

This article provides information about memory requirements of the AP .Net. A sample .Net application is provided below. It can be used to test the memory requirements of policies of various sizes. Results of that testing are based on the memory usage of a single instance of a .Net process, excluding LogForwarder and RP Agent.

Sample application

The following is a sample .Net application.

Setting Up AP .Net Mock on Windows in a Development Environment

Mon, 01 Jan 0001 00:00:00 +0000

This section describes how to install Application Protector (AP) .Net on a Windows platform for development purposes.

Note: The Log Forwarder and RP Agent should not be installed in a development environment.

Verifying prerequisites

Ensure that the following prerequisites are met:

A supported version of .NET Standard 2.0 is installed on the machine.

Extracting the AP .Net Setup Scripts and Package

To extract the setup scripts and package:

Download the ApplicationProtector_WIN-ALL-64_x86-64_NET-STD-2.0-64_<version>.zip file to any location on the machine where you want to install the protector.
Extract the contents of the ApplicationProtector_WIN-ALL-64_x86-64_NET-STD-2.0-64_<version>.zip file.
The following setup files are extracted:
- ApplicationProtector_WIN-ALL-64_x86-64_NET-STD-2.0-64_<version>.zip
- signatures/ApplicationProtector_WIN-ALL-64_x86-64_NET-STD-2.0-64_<version>.zip_10.0.sig
Verify the digital signature of the signed AP .Net build.
For more information about verifying the signed AP .Net build, refer to Verification of Signed Protector Build.
Extract the contents of the AP .Net installation package again.
The following setup files are extracted:
- LogforwarderSetup_Windows_x64_<version>.exe
- RPAgentSetup_Windows_x64_<version>.exe
- APDotNetSetup_Windows_x64_<version>.exe
- APDotNetMockSetup_Windows_x64_<version>.exe

Installing AP .Net Mock on Windows in a Development Environment

This section describes how to install AP .Net Mock on a Windows platform for development purposes.

DevOps Approach for Application Protector

Mon, 01 Jan 0001 00:00:00 +0000

Note: The DLL file creation is supported only by .NET Core 8.0 and .NET Core 9.0. The .NET application can be run by using any supported versions.

The DevOps approach enables immutable package deployment. It uses a REST API call to download packages from the ESA in an encrypted format.

Note: The RP Agent should not be installed for immutable package deployments using DevOps.

For more information about package deployment approaches, refer to Resilient Package Deployment.

Application Protector API Return Codes

Mon, 01 Jan 0001 00:00:00 +0000

When an application is developed using the APIs of the Protegrity Application Protector Suite, you may encounter the Application Protector API Return Codes. For more information about log return codes, refer to Log return codes.

Sample Log for AP Return Codes

The following is a sample log generated in Discover on the Audit Store Dashboards in ESA.

Protection audit logs are stored in the Audit Store. Select the pty_insight_*audit* index to view the protection logs.

Config.ini file for Application Protector

Mon, 01 Jan 0001 00:00:00 +0000

The Application Protector can be configured using the config.ini file. By default, this file is located in the <installation directory>/sdk/<protector>/data/ directory.

The various configurations required for setting up the Application Protector are described in this section.

Sample config.ini file

The following represents a sample config.ini file.

# -----------------------------
# Protector configuration
# ----------------------------- 
[protector]

# Cadence determines how often the protector connects with shared memory to fetch the policy updates in background.
# Default is 60 seconds. So by default, every 60 seconds protector tries to fetch the policy updates.
#
# Default 60.
cadence = 60

# The time during which a session object is valid. Default = 15 minutes.
session.sessiontimeout = 15

###############################################################################
# Log Provider Config
###############################################################################
[log]

# In case that connection to fluent-bit is lost, set how audits/logs are handled
# 
# drop : (default) Protector throws logs away if connection to the fluentbit is lost
# error : Protector returns error without protecting/unprotecting 
# data if connection to the fluentbit is lost
mode = drop

# Host/IP to fluent-bit where audits/logs will be forwarded from the protector
#
# Default localhost
host = localhost

Different configurations for Application Protector

The following are the various configurations:

Multi-node Application Protector Architecture

Mon, 01 Jan 0001 00:00:00 +0000

The multi-node Application Protector (AP) architecture, its individual components, and how logs are collected using the Log Forwarder are described in this section.

The following figure describes the multi-node AP architecture.

For example, some AP nodes are connected to an ESA, which includes the Audit Store component. Each AP node contains a Log Forwarder, RP Agent, and AP instance for sending logs to the ESA.

Protector: The AP can be configured using the config.ini file.
For more information about the configurations, refer to Config.ini file for Application Protector.

Uninstalling the Application Protector

Mon, 01 Jan 0001 00:00:00 +0000

This section provides step-by-step instructions to uninstall Application Protector .Net (AP .Net) and its associated components from a Windows platform.

Uninstalling the Log Forwarder

Follow these instructions to uninstall the Log Forwarder.

Before you begin

To preserve all the configurations during an upgrade, ensure that all the files present under the C:\Program Files\Protegrity\logforwarder\data\config.d directory are backed up.
Close all AP .Net files and folders.

Instructions

For more information about uninstalling the Log Forwarder, refer to Uninstalling Log Forwarder on Windows.