Setting up the single VM environment

Deployment Server Prerequisites

The Deployment Server is a Linux-based system used to initiate and manage the AppScan 360° deployment.


Category	Requirement
Operating system	Ubuntu Linux 24.04 or newer
Software	Bash shell Docker (for local container service to push images to a remote registry, see Docker Installation) Kubectl (for Kubernetes cluster management, see Kubectl Installation) Helm 3 (versions 3.14 to 3.17, see Helm Installation)
Configuration	Must connect to the designated MSSQL Server Must communicate with Kubernetes cluster services

External Dependencies

AppScan 360° relies on external services that must be configured and accessible.


Category	Requirement
Database	MSSQL Server 2019 or above, configured with db_creator permissions, accessible for storing scan data (approximately 150 KB per scan execution)
Authentication	SSO - OIDC (keycloak / Okta) OR Microsoft Active Directory / Domino (LDAP) via port 389/636/TCP For user authentication Default local users: Admin (password: Admin12!), User (password: User123!) created during installation
Email	SMTP Server via port 25/TCP for sending notifications
Licensing	Access to HCL License Management Portal via port 443/TCP for license activation (requires HCL ID)
Container Registry	Remote container registry (e.g., HCL Harbor) for storing and pulling AppScan 360 container images
Network	Trusted certificate for secure communication (import untrusted certificates into client JRE keystore if needed)
Storage	File storage for scan data (see Storage Requirements)

Storage Requirements

AppScan 360° requires MSSQL database and file storage. Estimated storage needs based on scan executions are:


Scan Executions	MSSQL Server Storage	File Storage
1,000	1GB	10GB
100.000	5GB	100GB
1,000,000	20GB	1000GB

Recommendation: Allocate a minimum of 200 GB for both MSSQL server storage and file storage to accommodate temporary logs. Storage must be encrypted, redundant, sharable between pods, and support ReadWriteMany (RWX) access mode. Old scans can be manually deleted to save space.

Resource Requirements

AppScan 360° Platform


Component	Memory (Min/Max)	CPU (vCore, Min/Max)
ASCP	42GB / 48GB	10/12

Scanning Resources


Scenario	Memory (Min/Rec)	CPU (vCore, Min/Rec)
Dynamic analysis scanning: single scan	3GB/4GB	2/3
Dynamic analysis scanning: five concurrent scans	15GB/20GB	10/15
Dynamic analysis scanning: ten concurrent scans	30GB/40GB	20/30
Static analysis scanning: single scan	16GB/28GB	2/4
Static analysis scanning: five concurrent scans	80GB/140GB	10/20
Static analysis scanning: ten concurrent scans	160GB/280GB	20/40
Software Composition Analysis (SCA) scanning: single scan	1GB/2GB	2/5
Software Composition Analysis (SCA) scanning: five concurrent scans	2GB/4GB	7/10
Software Composition Analysis (SCA) scanning: ten concurrent scans	4GB/6GB	10/12

Note: Resources scale with concurrent scans. Nodes require at least 28GB RAM and 4 cores for static scans, and 4GB RAM, 3 cores, and 200GB disk space for dynamic scans. Ensure sufficient AppScan 360° licenses and Kubernetes resource availability. Do not exceed 25 concurrent scans.

Additional Notes

HCL ID: Required for accessing HCL License and Download Portal and HCL Harbor.
Browser Support: Use the latest versions of Chrome, Safari, Edge, or Firefox for the AppScan 360 user interface.
Screen Resolution: Recommended resolution is 1920x1080 for optimal display.
Network Ports:
- 22/TCP (SSH to Deployment Server)
- 25/TCP (SMTP)
- 389/TCP (LDAP)
- 80, 443, 8080/TCP
Access Points:
- User Portal: https://<CK_CONFIGURATION_DISCLOSED_SITE_URL>
- User API: https://<CK_CONFIGURATION_DISCLOSED_SITE_URL>/api
- User API (Swagger): https://<CK_CONFIGURATION_DISCLOSED_SITE_URL>/swagger
Note: Publish the Ingress FQDN with the designated IP in the DNS server.

Additional information

The AppScan 360° single VM setup script ask a series of questions to configure your environment. Be prepared for the questions with the following information:

Is this installation intended to be a proof-of-concept installation of AppScan 360°? Or will this installation be used for production?
About how many concurrent scans do you expect to run? (Custom installation)
Do you want to enable Software Composition Analysis (SCA) for open source scanning?
What are your MSSQL configuration details? (Custom installation)
What are your Software Composition Analysis (SCA) database details? (Custom installation)
Will the install use an external certificate?
What will be the primary domain name for the installation?
Will the installation access external services?
Is the local VM connected to the local DNS server?
How much storage will be allocated for the installation?
Do you want to connect with your SMTP mail relay?
What are your Docker registry details? (Custom installation)
Will the installation use a proxy? (Custom installation)