The Delphix Engine provides robust, enterprise-quality security controls. Performing the steps listed in this document will allow you to easily bring your Delphix Engines into compliance with your organization’s security policies.
Perform a yearly audit
At least once annually, audit one or more Delphix Engines to ensure compliance with your security policies.
Delphix fully supports network security scans, using a tool of your choosing.
Many companies require security testing of applications in their environment using a Port Scanner or other Security Penetration Test tools. Delphix supports the use of these security tools with the application credentials available for the engine (e.g., delphix_admin). The Delphix Engine is a closed appliance, and OS credentials on the appliance are not provided for these tests.
You can configure a custom security banner that will be displayed to all the users prior to login.
Login to the CLI using the sysadmin username and password.CODE
Set the configuration and commit the changes.CODE
delphix > service security delphix service security > update delphix service security update * > set banner="Your Message Here" delphix service security update * > commit
The string set in the banner is in plain text only. You can also generate banners with multiple lines, however, this can only be done using the "securityConfig" API. Refer to the Delphix KB article for additional information.
Virtual database security
The Delphix Engine provides advanced storage capabilities and automation to allow rapid provisioning of virtual databases (VDBs), which use only a fraction of the physical storage used by full database copies. Nonetheless, a VDB is equivalent to a physical database and must be properly secured like any other database.
By far the most dangerous attack vectors in the Delphix ecosystem are the same ones that existed pre-Delphix: unauthorized access to your non-production systems containing sensitive production data. You must perform all the same actions to harden virtual databases as you would to harden physical clones.
For information on securing your virtual databases, consult vendor-specific material and security guides.