Skip to main content
Skip table of contents

Additional topics

The Delphix Engine provides robust, enterprise-quality security controls. Performing the steps listed in this document will allow you to easily bring your Delphix Engines into compliance with your organization’s security policies.

Perform a yearly audit

At least once annually, audit one or more Delphix Engines to ensure compliance with your security policies.

Port scan

Delphix fully supports network security scans, using a tool of your choosing.

Security testing

Many companies require security testing of applications in their environment using a Port Scanner or other Security Penetration Test tools. Delphix supports the use of these security tools with the application credentials available for the engine (e.g., delphix_admin). The Delphix Engine is a closed appliance, and OS credentials on the appliance are not provided for these tests.

Security banner

You can configure a custom security banner that will be displayed to all the users prior to login.

  1. Login to the CLI using the sysadmin username and password.

    ssh sysadmin@yourdelphixengine
  2. Set the configuration and commit the changes.

    delphix > service security
    delphix service security > update
    delphix service security update * > set banner="Your Message Here"
    delphix service security update * > commit

The string set in the banner is in plain text only. You can also generate banners with multiple lines, however, this can only be done using the "securityConfig" API. Refer to the Delphix KB article for additional information.

Virtual database security

The Delphix Engine provides advanced storage capabilities and automation to allow rapid provisioning of virtual databases (VDBs), which use only a fraction of the physical storage used by full database copies. Nonetheless, a VDB is equivalent to a physical database and must be properly secured like any other database.

By far the most dangerous attack vectors in the Delphix ecosystem are the same ones that existed pre-Delphix: unauthorized access to your non-production systems containing sensitive production data. You must perform all the same actions to harden virtual databases as you would to harden physical clones.

For information on securing your virtual databases, consult vendor-specific material and security guides.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.