The CA API Management product suite maintains two separate lines of upgrades for different parts of the products: application and platform. This article is specific to the platform.
The application consists of the Java-based application running on the appliance. This includes applications such as the API Gateway itself, the API Developer Portal, and the Mobile API Gateway.
The platform consists of the Red Hat Enterprise Linux (RHEL) host operating system that runs the Java-based application. These platform updates are OS-level updates that address potential security concerns in order to ensure the operating system remains secure. Platform updates can be applied without modifying the version of the application running on the appliance. This allows administrators or operators to maintain a certain functional level while being able to address security vulnerabilities within the host operating system. Note that the platform updates can also be referred to as security patches. Platform updates should be applied as soon as possible to keep the API Gateway appliance patched against any OS-level security vulnerabilities.
It is strongly recommended that an administrator take a full API Gateway backup or snapshot of a virtual machine prior to applying platform updates. This will ensure that data is retained in case of a catastrophic failure. Instructions for taking an API Gateway backup are documented within the Installation and Maintenance Manual (Appliance Edition). Instructions for capturing snapshots of virtual machines should be documented by the vendor of the applicable virtualisation platform.
It is important that the administrator be prepared to restart the API Gateway if the patch requires it. We highly recommend performing the update during a designated maintenance period.