Enterprise Security Administrator (ESA)

Enterprise Security Administrator (ESA) is a component of the Data Security Platform. Working in combination with other Protegrity protectors, it is used to encrypt or tokenize your data.

The Protegrity Data Security Platform provides policy management and data protection. Its main component is the ESA. Working in combination with a Protegrity database protector, application protector, file protector, or big data protector, it can be used for managing data security policy, key management, and auditing and reporting.

  • ESA: The ESA Manager provides information on how to install specific components, work with policy management tools, manage keys and key rotation, manage switching between Soft HSM and Key Store, configure logging repositories, and use logging tools. This document contains details for all these features.
  • Audit Store: The Audit Store is a repository for the logs generated from multiple sources, such as the kernel, policy management, member source, application logs, and protectors. The Audit Store supports clustering for scalability.
  • Insight: This feature displays forensics from the Audit Store on the Audit Store Dashboards. It provides options to query and display data from the Audit Store. Predefined graphs are available for analyzing the data from the Audit Store. It provides options for generating and saving customized queries and reports. An enhanced alerting system tracks the data in the Audit Store to monitor the systems and alert users if required.
  • Data Security Gateway: The Data Security Gateway (DSG) is a network intermediary that can be classified under Cloud Access Security Brokers (CASB) and Cloud Data Protection Gateway (CDPG). CASBs provide security administrators with a central checkpoint to ensure secure and compliant use of cloud services across multiple cloud providers. A CDPG is a security policy enforcement checkpoint that sits between the cloud data consumer and the cloud service provider to interject enterprise policies whenever cloud-based resources are accessed.

Architectures

The architectures describe the working of the system. They show how the various components work together for processing URP operations, policies, and the flow of logs.

Protegrity Appliance Overview

Overview of the Appliances

Data Security Platform Overview

A general overview of the Protegrity Data Security Platform and the intended audience of this guide.

Installing ESA

Install ESA on-premise or on a cloud platform.

Logging In to ESA

Log in to the CLI Manager or Web UI of ESA.

Command-Line Interface (CLI) Manager

Web User Interface (Web UI) Management

Describes the operations performed using the Web User Interface.

Trusted Appliances Cluster (TAC)

Appliance Virtualization

Appliance Hardening

VMware tools in appliances

Increasing the Appliance Disk Size

The steps to increase the total disk size of the Appliance.

Mandatory Access Control

Accessing Appliances using Single Sign-On (SSO)

Sample External Directory Configurations

Partitioning of Disk on an Appliance

Working with Keys

The Protegrity Data Security Platform uses many keys to protect your sensitive data.

Working with Certificates

Managing policies

Policies help to determine, specify, and enforce certain data security rules.

Working with Insight

Insight stores logs in the Audit Store. The Audit Store is a repository for all audit data and logs on the ESA. The Audit Store cluster is built to support multiple nodes, which makes it scalable, so you can add nodes to the cluster as your requirements grow. It uses certificates to secure inter-node communication.

Maintaining Insight

Maintaining the logs and indexes in Insight includes the process for archiving and creating scheduled tasks.

Installing Protegrity Appliances on Cloud Platforms

Last modified : January 31, 2025