You can deploy the App Control server within different cloud environments. Carbon Black already supports the product deployment on Amazon Web Services, Microsoft Azure, and Google Cloud.

You can deploy App Control to other cloud providers however, we are still in the process of validating the deployment with our own internal testing. We provide the best level of effort in supporting customers when deploying to these cloud services, but we cannot guarantee success. If provisioned cloud storage is validated with the CBPTest Tool, we anticipate a successful deployment in that environment.

Common Requirements

Restrictions

Beginning with v8.0.0, the console relies on the App Control API. An incorrectly configured IIS server can prevent console access.

• Clean operating system installation, with the latest version/patch/service pack.
• Microsoft IIS:  Version corresponding to the Windows Server installed. Configured as described in the Installing App Control Server guide.
• Microsoft .NET: Version 4.8 framework with latest patch level.
• Microsoft Installer: Version 5.0 or newer.
• Processor:  Intel Xeon/i7 processor/multi-core running at least 2.5 GHz. Although Intel processor is recommended, it is possible to use equivalent AMD processor.
• Ethernet connection: 1 Gbps or faster connection required.
• While TLS 1.3 communication is supported by the App Control Server, there are some third-party libraries and communications to external sites that do not support operating in a TLS 1.3-only environment. Due to this, TLS 1.2 should also be enabled to maintain full functionality at the current time.

The App Control Server should be deployed on a single computer that will house both the App Control Server and SQL Server. The following tables list the requirements for this computer.

Notes:

¹ "Logical Processors" represents the product of the number of cores and the number of threads per core.

² The baseline setup represented by these numbers is SQL Server Standard Edition 2019 using NVMe drives. (For bare metal deployments, this must be direct-attached storage.) If you use a version of SQL Server Standard Edition prior to 2016 SP1, you may not be able to support as many agents on the same platform, and you may need more disk space, or you may need to upgrade to SQL Server Enterprise Edition.

³ The baseline hypervisor for these numbers is VMware ESXi 7.0.2, 18426014.

⁴ For deployments of 100 agents or fewer, SQL Express may be used instead of SQL Standard. It will require two logical processors, 4 GB of RAM, 10 GB of disk space for the data file, and an additional 10 GB for the log file.

Associated with the storage sizes listed above are the following caveats:

• By default, the App Control Server saves no more than four weeks of events and no more than ten million events. Increasing these defaults will increase the size of the database. Under normal circum­stances, the largest portion of the database will be taken up with storage of instances of files on endpoints.
• The App Control Server carries out two scheduled database tasks described in the document Carbon Black App Control SQL Server Configuration Guide. Stopping these tasks can cause the database to grow beyond the sizes listed above.
• The steps listed under “Database Growth” in the document Carbon Black App Control SQL Server Configuration Guide are followed.

The SQL database should meet the following requirements:

• The OS and paging file must be on a separate physical partition from the SQL database.
• Any AV software must be configured to exclude SQL data directories.
• Performance of SQL storage should be validated with the CBPTest tool prior to deployment of App Control Server.
• Carbon Black recommends an NVMe x8 MU Card from any major vendor, according to the following description:
  • NVMe: non-volatile memory express
  • x8: motherboard PCIe 3.0 or 4.0 - x8 interface
  • MU: mixed use
  • Card: usually a half height form factor, which looks like a graphics card
• For recommendations on how to split your database files among different partitions or drives, see the Database Files topic of the Carbon Black App Control SQL Server Configuration Guide.

Since the App Control Server database is relatively large, SQL Server will take all the RAM it has at its disposal, potentially leading to system memory starvation. For that reason, a SQL Server memory cap should always be set on SQL Server. On systems with 16 GB RAM, set the memory cap to 12 GB. For systems with more RAM, make sure that the SQL maximum server memory is set to at least 5 GB less than the total RAM installed in the system for SQL Server Standard, and 10 GB for SQL Server Enterprise edition.

App Control Server does its own scheduled SQL DB Maintenance tasks on daily and weekly basis. This functionality is important in order to maintain database performance and limit growth. The maintenance tasks include:

• Deleting obsolete data
• Defragmenting indexes
• Rebuilding statistics

The App Control database uses the “Simple” recovery model. The “Full” recovery model should not be used to avoid a performance penalty and excessive database log growth.

App Control Server supports automated database backups, but only for deployments up to 100 endpoints. In all other cases, full database backups should be done using best SQL server practices. Also, a database consistency check should be done prior to backup to ensure that the database is not corrupt.

Recommended backup frequency is 2-3 full backups per week. More frequent backups might negatively impact server performance.

Database backup can take minutes or hours to run, depending on database size, network speed (when backups are sent over the network) and performance backup storage. Backups impact server performance should be avoided during busy times (for example, when many users rely on console performance), or during internal App Control Server maintenance times (see table below).

App Control supports the use of virtualized environments for its deployment. Virtual environments must meet the minimum hardware configurations listed in the tables above, and also must meet the following requirements:

• VMware ESXi hypervisor 7.0.2 and up; recommend patching to current level
• SQL and App Control Server must be installed on the same virtual machine
• Memory must be allocated as “reserved”
• For virtualized servers, the underlying disk architecture must still meet aforementioned minimum requirements. Physical DAS storage, solely dedicated to the App Control VM, is preferred, but SAN storage may be used instead, if it meets these criteria:
  • IO channel: Fibre channel
  • Sequential write latency: 0.85ms or faster
    • Measured as 40kb writes, one thread, over two hours
  • Random write latency: 1.75ms or faster
    • Measured as 8kb writes, 32 threads, over two hours

There are several pitfalls when purchasing and configuring hardware for the App Control Server. This section lists most common mistakes.

Use the following table to determine the product life cycle stage of your Carbon Black App Control Server software.

Versions not listed are in the status: End of Support.

See Carbon Black App Control Support Policy for product life cycle information.