Deploying BOSH Add-Ons

Page last updated:

Warning: Pivotal Cloud Foundry (PCF) v2.4 is no longer supported because it has reached the End of General Support (EOGS) phase as defined by the Support Lifecycle Policy. To stay up to date with the latest software and security updates, upgrade to a supported version.

This documentation explains how to deploy optional BOSH Add-ons as a part of installing the Pivotal Cloud Foundry (PCF) platform.

Overview

BOSH Add-ons are optional platform extensions that you deploy with BOSH rather than installing them as Ops Manager tiles.

Pivotal recommends installing BOSH Add-ons immediately after deploying BOSH and Ops Manager, before you use Ops Manager to add tiles to the platform.

BOSH Add-ons from Pivotal include IPsec, ClamAV, and File Integrity Monitoring, which enhance PCF platform security and security logging.

Open-source BOSH Add-ons include a syslog forwarder, a custom SSH login banner, and a tool for adding SSH users.

See Deploying Software with BOSH for an overview of the BOSH deployment process.

Contents

  • IPsec Add-on for PCF secures data transmissions inside PCF following IPSec standards.

  • ClamAV Add-on for PCF logs PCF internal antivirus protection activity, to demonstrate to auditors that it complies with industry standards and government regulations.

  • File Integrity Monitoring Add-on for PCF (FIM) logs PCF internal file integrity monitoring activity, to demonstrate to auditors that it complies with industry standards and government regulations.