Hello,
I am not expert in security, but I am trying to give you answer based on my experience as End User.
1- What are the required HW specs required for the Machines (App, DB, Front end server) ?
Ans: Ubuntu/Cent OS installed with minimum 4GB RAM and 40GB hard disk.
You need more space if you are using large file attachment.
2- What is the SW required for servers as well ?
Ans: Frappe take care of all dependency
3- What is Backup methodology that ERP is following ?
Ans: One backup is taken after every 6 hour, you can also configure daily dropbox and AWS backup
4- What are the expected maximum number of users will connect to each server ?
Ans: No such limit. Also you can easily increase server configuration when you find server running slow.
5- What are the security concerns we can face with the current design ?
And - Frappe has Roles and User Permission Manager to show/hide record for particular user. (It may has security concerns which applicable to any cloud host/linux server, but you do/hire some expert into this)
For more details please see this: You are putting yourself and your data at risk
6- Can we lock the front end server from privileged users ?
Can you explain what you want to achieve?
7- Can we lock the front end server front changes on the SW level ?
Can you explain what you want to achieve?
Thanks,
Sambhaji