Greenplum Database Real Time Protection by DataSunrise
To secure Greenplum and ensure its safe usage either by employees or any third parties (e.g. developers, testers, engineers, etc.), it is required to know precisely where sensitive data resides, differentiate access to the database, provide entire control of all activity in respect of your Greenplum database. Put these tasks at the top of your priority list with Greenplum security appliances by DataSunrise.
Built-in interrelated Greenplum security components – data monitoring, firewall, masking and data discovery tools – represent comprehensive protection at every possible level.
Preset search filters of Data Discovery functionality search for database objects that comprise sensitive data for its further protection. As soon as the required information is located, security and masking rules may be easily applied for its privacy, integrity, confidentiality, and availability only on a need-to-know basis.
The access to these objects is limited by security policies initiated by the Firewall, controlled by the Data Monitoring component and concealed by Data Masking. DataSunrise Database Performance Monitoring Tools for Greenplum is an effective way of DBMS performance and software error assessment.
Operation algorithm of Greenplum security appliances by DataSunrise consists in interception of queries sent to the database and their redirection to Greenplum after checking for compliance with security policies. This ensures automatic SQL injection attack prevention and unauthorized access blocking.
DataSunrise may be successfully deployed in two modes depending on aims you strive to achieve. The Sniffer mode allows to monitor, analyze traffic and log Greenplum activity.
The Proxy mode is an entire control and interference in network traffic for complete protection from hacker attacks and data leak. Compared to the Sniffer mode, this DataSunrise configuration is considered to be a proxy between the target database and a user. It intercepts queries that are scrupulously and accurately inspected before they get the Greenplum database. Hackers, negligent employees or contractors are no more a threat to Greenplum security with DataSunrise integrated security appliances.
DataSunrise Database Security Suite supports Kerberos protocol for Greenplum databases, thus it can be used as an authentication proxy for DBaaS. It enables users included in the Active Directory domain connect to the cloud databases using AD credentials. All the connection security procedures will be done on the side of DataSunrise
DataSunrise runs on Windows and Linux and supports Greenplum version 4.2+.