© 2019 Delphix. All Rights Reserved. Private and Confidential.
Data Masking Draft Architecture
Data Masking-only
Delphix High Level Architecture – Data Masking-only
[Diagram: PROD and NON PROD zones separated by a FIREWALL. Labels: Prod Database/Files Host; Staging Target Host mounting DB to be masked; Target DB Host mounting masked DB; Delphix Masking Engine; JDBC; SFTP; Customer process.]
• Customer creates and refreshes in prod a Golden Copy to be masked
• Delphix Masks the database. Customer provides backup in order to rollback if needed
• Customer delivers masked data to non prod
Architecture – SQL Server
[Diagram labels: Production Host; Production Database; Staging Host; Target Host; 1433; Delphix Engine; Admin console; FIREWALL; Customer process.]
Port | Description
22 | SSH
80 | HTTP
443 | HTTPS
1433 | JDBC
Delphix Engine: 8 vCPU, 64-128 GB RAM, 300 GB System Disk
Delphix Storage: <10ms latency, size 100GB
DB copies are physical and require DBA support for continuous new copies.
Can be on the same server or a different
Data Masking-only assumptions
• Delphix will only mask data, customer will refresh and deliver data to non prod
• Delphix final architecture will be created after detailed assessment to validate:
– Database/file size to be masked
– Data refresh frequency
– Time to complete masking
Data Masking Engine - specs
Description | Qty | Notes | Comments
Masking Engines | 1 | Each engine is a VMware 6.x virtual appliance with: 8 vCPU; 64 GB RAM; 400 GB disk (300GB system + 100GB for file masking) | N. of engines will vary based on masking SLAs (e.g. time to complete masking)
Database Staging hosts | 1 | Staging host is used for DB Golden Copy masking | Assume 1 staging for SQL SERVER
Space for Golden Copy to be masked and staging areas to export/import | XX TB | 1 Copy of the DB + 1 copy as staging area |
POV Delphix Masking – On Premise
Activity | Delivery | Time | Customer Staff
Delphix Server Install | Fully Configured Delphix 5.3.x; VMGuest 8vCPU 64GB; 300GB base storage; Masking Engine Started | ~ 3 hours | VMWare Admin; Delphix Masking Admin
Validate Masking Setup | Connect SQL Environment; Masking Training and Review | 1 hour setup | SQL Server DBA; Delphix Masking Admin
Setup and Run Profiler | In Scope domains are: Name, Addr, Birthdate, SSN, Subscriber ID | ~ 8 hours | Delphix Masking Admin (Architect); SQL DBA
Run Masking Job | Masking Jobs | 4-8 hours | Delphix Admin (Architect); SQL DBA; Security Analyst
Validate Masking Solution | 5 items needed for masking: Name, Addr, Birthdate, SSN, Subscriber ID | 4 Hours | Delphix Admin (Architect); Security Review; SQL DBA
Delphix requirements
VMware prerequisites for Delphix Masking engine
Refer to the Docs link for OS-specific prerequisites:
https://docs.delphix.com/display/DOCS/Virtual+Machine+Requirements+for+VMware+Platform
Component | Requirements | Notes
Virtualization Platform | VMware ESX/ESXi 6.x (recommended); VMware ESX/ESXi 5.x (supported) | VMware HA: enable, VMware DRS: generally disabled; HT sharing: recommend “None”, no sharing of CPUs; ESX Memory Overhead: must leave at least 6% of allocated free of ESX
Virtual CPUs | 8 vCPUs | CPU reservation is strongly recommended
Memory | 64GB | Memory reservation is required
Storage | 500GB of free space (system disk); < 8ms storage latency |
SCSI Controllers | LSI Logic Parallel | 4 vSCSI controllers are required with storage evenly spread across them to maximize data throughput
Network | < 1 ms network latency for VDB | Between Delphix engine and DB/File server where data are to be masked; Jumbo frames (9000 bytes MTU) provide improvements to throughput; 10GbE NIC in the ESX Server is recommended
Inbound Network Ports – Masking engine
• Delphix Masking engine will connect to databases to be masked via JDBC type 4 connection. Used ports will depend on the database type and configuration
• Delphix Masking engine will connect to files to be masked via standard FTP/SFTP connection
Protocol | Port Numbers | Use
TCP | 22 | SSH connections to the Delphix Engine.
TCP | 80 | HTTP connections to the Delphix GUI (optional).
UDP | 161 | Messages from an SNMP Manager to the Delphix Engine (optional)
TCP | 443 | HTTPS connections to the Delphix GUI.
Outbound Network Ports – Masking engine to SQL Server
• Delphix Masking engine will connect to databases to be masked via JDBC type 4 connection. Used ports will depend on the database type and configuration
• Delphix Masking engine will connect to files to be masked via standard FTP/SFTP connection
Protocol | Port Numbers | Use
TCP | 25 | Connection to a local SMTP server for sending email.
TCP/UDP | 53 | Connections to local DNS servers.
UDP | 123 | Connection to an NTP server.
UDP | 162 | Sending SNMP TRAP messages to an SNMP Manager.
TCP | 443 | HTTPS connections from the Delphix Engine to the Delphix Support upload server.
TCP/UDP | 636 | Secure connections to an LDAP server.
TCP/UDP | various | Connections to target environments such as databases (JDBC) - for SQL Server default port is 1433 - and for files (FTP, SFTP, NFS, or CIFS).
Best Practices – Masking
Important Considerations for Sizing & Configuration of a Masking Solution
• Masking consists of a masking workload, which executes in a masking ecosystem
• Masking involves two basic operations:
  1. Movement of data via network back-and-forth between Data Store(s) and Masking Engine
  2. Calculation/Generation of the masked values locally on the Masking Engine
• The basic flow is PULL-MASK-PUSH (PULL = read/retrieve from data store, PUSH = write/send to data store)
• “In-Place” masking reads a table, masks, then updates the original table (SELECT – mask – UPDATE)
  – Only the columns to be masked (and possibly a key) need be moved across the network
  – The database must locate the row to UPDATE when masked values are returned (extra work for DBMS)
• “On-the-Fly” masking reads from one table, masks, then writes a new table (SELECT – mask – INSERT)
  – ALL columns of the table must be moved across the network
  – The database can merely add the new row to a heap (new rows can be contiguous, less work for DBMS)
• Total masking workload is created by one or more masking Jobs, which can execute concurrently, or serially
  – How many tables, rows/table, columns/row, specific masking algorithm, in-place or on-the-fly
• Ecosystem can constrain masking throughput/performance, balance is important. Masking can be throttled by send/receive.
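Added example, not taken from the Delphix deck or product: a runnable Python/sqlite3 model of the two PULL-MASK-PUSH flows above, counting how many cells each one pulls and checking afterwards that no original value survives. The table, column names, key and the HMAC-based `mask_value` are assumptions standing in for a real masking algorithm.

```python
import hashlib
import hmac
import sqlite3

# Constructed sample data. The key, table and column names are assumptions.
MASK_KEY = b"demo-only-key"
COLUMNS = ("id", "name", "ssn", "tier")
SENSITIVE = ("name", "ssn")  # two of the in-scope domains; "id" is the row key
ROWS = [
    (1, "Alice Example", "123-45-6789", "gold"),
    (2, "Bob Sample", "987-65-4321", "silver"),
    (3, "Alice Example", "123-45-6789", "gold"),
]
DDL = "CREATE TABLE {} (id INTEGER PRIMARY KEY, name TEXT, ssn TEXT, tier TEXT)"


def mask_value(column, value):
    """Keyed, deterministic stand-in for a masking algorithm (not Delphix's)."""
    digest = hmac.new(MASK_KEY, f"{column}:{value}".encode(), hashlib.sha256).hexdigest()
    if column == "ssn":  # keep the NNN-NN-NNNN shape so format checks still pass
        d = "".join(str(int(c, 16) % 10) for c in digest[:9])
        return f"{d[:3]}-{d[3:5]}-{d[5:]}"
    return "MASKED-" + digest[:10]


def make_db():
    """Build the unmasked golden copy in an in-memory database."""
    conn = sqlite3.connect(":memory:")
    conn.execute(DDL.format("customer"))
    conn.executemany("INSERT INTO customer VALUES (?, ?, ?, ?)", ROWS)
    conn.commit()
    return conn


def mask_in_place(conn):
    """SELECT - mask - UPDATE. Returns the number of cells pulled from the store."""
    pulled = conn.execute(f"SELECT id, {', '.join(SENSITIVE)} FROM customer").fetchall()
    sets = ", ".join(f"{c} = ?" for c in SENSITIVE)
    for key, *values in pulled:
        masked = [mask_value(c, v) for c, v in zip(SENSITIVE, values)]
        # The database has to locate each row by key before it can update it.
        conn.execute(f"UPDATE customer SET {sets} WHERE id = ?", (*masked, key))
    conn.commit()
    return sum(len(row) for row in pulled)


def mask_on_the_fly(conn):
    """SELECT - mask - INSERT into a new table. Returns the number of cells pulled."""
    conn.execute(DDL.format("customer_masked"))
    pulled = conn.execute(f"SELECT {', '.join(COLUMNS)} FROM customer").fetchall()
    for row in pulled:
        out = [mask_value(c, v) if c in SENSITIVE else v for c, v in zip(COLUMNS, row)]
        conn.execute("INSERT INTO customer_masked VALUES (?, ?, ?, ?)", out)
    conn.commit()
    return sum(len(row) for row in pulled)


def leaked_originals(conn, table):
    """Validation step: list (column, value) pairs where an original value survives."""
    if table not in ("customer", "customer_masked"):
        raise ValueError("unknown table")
    leaks = []
    for col in SENSITIVE:
        originals = {row[COLUMNS.index(col)] for row in ROWS}
        for (value,) in conn.execute(f"SELECT DISTINCT {col} FROM {table}"):
            if value in originals:
                leaks.append((col, value))
    return sorted(leaks)


if __name__ == "__main__":
    a, b = make_db(), make_db()
    print("in-place cells pulled:  ", mask_in_place(a), leaked_originals(a, "customer"))
    print("on-the-fly cells pulled:", mask_on_the_fly(b), leaked_originals(b, "customer_masked"))
    print("source left unmasked by on-the-fly:", leaked_originals(b, "customer"))
```

In this model the on-the-fly run leaves the source `customer` table unmasked, so the validation has to cover every table that will be delivered to non prod.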
Masking Engine Configuration
a. Install Masking Engine in separate, dedicated VM (i.e. not in same VM as Virtualization Engine)
   a. Use Combined OVA version of software, however run in isolated, separate VM
CPU Resource Planning – per Masking Job
a. Plan for 1 to 2 CPU Cores per Masking Job (depends on specifics of masking workload & capacities of masking ecosystem)
Masking Job Configuration Settings
a. For virtualized tables to be masked, use “in-place” masking method
   b. For un-virtualized tables/data sources, conduct analysis to choose method: “on-the-fly” or “in-place” masking
b. The following recommendations apply to “in-place” masking of virtualized tables
   b. Configure ONE (1) Update Thread per Masking Job (Default value is 4; do NOT use Default)
   c. Configure ONE (1) Stream per Masking Job (Default is 20; do NOT use Default)
      a. If you need to mask multiple objects concurrently, use multiple jobs, not multiple streams
   d. For ANY column being masked which is also indexed, check the DROP INDEXES check box
   e. For ANY column being masked which is involved in a trigger, check the DISABLE TRIGGERS check box
   f. For ANY column being masked which is involved in Integrity Constraints/Declarative Integrity, check the DISABLE CONSTRAINTS check box
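Added example, not Delphix code: a small Python pre-flight check that applies the job settings listed above to a job definition before it is run. The `MaskingJob` and `Column` field names are hypothetical and do not come from the Delphix API; only the default values (4 update threads, 20 streams) and the rules are taken from the slide.

```python
from typing import NamedTuple, Tuple


class Column(NamedTuple):
    # Hypothetical description of one table column.
    name: str
    masked: bool = False
    indexed: bool = False
    in_trigger: bool = False
    in_constraint: bool = False


class MaskingJob(NamedTuple):
    # Hypothetical field names; defaults mirror the values quoted on the slide.
    name: str
    virtualized: bool
    method: str = "in-place"  # "in-place" or "on-the-fly"
    update_threads: int = 4
    streams: int = 20
    drop_indexes: bool = False
    disable_triggers: bool = False
    disable_constraints: bool = False
    columns: Tuple[Column, ...] = ()


def lint_job(job):
    """Return (code, message) findings for one job, in the order of the slide."""
    if not job.virtualized:
        return []  # slide: choose the method by analysis; nothing to enforce here
    if job.method != "in-place":
        return [("METHOD", f"{job.name}: virtualized tables should use in-place masking")]
    findings = []
    if job.update_threads != 1:
        findings.append(("UPDATE_THREADS",
                         f"{job.name}: {job.update_threads} update threads, expected 1"))
    if job.streams != 1:
        findings.append(("STREAMS",
                         f"{job.name}: {job.streams} streams, expected 1 (use more jobs instead)"))
    masked = [c for c in job.columns if c.masked]
    checks = (
        ("DROP_INDEXES", "indexed", job.drop_indexes),
        ("DISABLE_TRIGGERS", "in_trigger", job.disable_triggers),
        ("DISABLE_CONSTRAINTS", "in_constraint", job.disable_constraints),
    )
    for code, attr, enabled in checks:
        hits = [c.name for c in masked if getattr(c, attr)]
        if hits and not enabled:
            findings.append((code, f"{job.name}: check {code} for masked column(s) {', '.join(hits)}"))
    return findings


# Constructed sample jobs: the same table with default and with tuned settings.
SSN = Column("ssn", masked=True, indexed=True, in_trigger=True)
TIER = Column("tier", indexed=True, in_constraint=True)  # not masked, so ignored
DEFAULTS = MaskingJob("mask_customer", virtualized=True, columns=(SSN, TIER))
TUNED = DEFAULTS._replace(update_threads=1, streams=1,
                          drop_indexes=True, disable_triggers=True)

if __name__ == "__main__":
    for job in (DEFAULTS, TUNED):
        print(job.name, [code for code, _ in lint_job(job)])
```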
Database Specific Optimizations
a. For SQL Server, make sure that an index exists to address the update,
   a. otherwise Masking will dynamically add an identity column at start of job, drop index at end of job
      a. Beware: this can have long-term space implications in the data store
b. Since SQL Server must traverse an index for each row to be updated, size of table becomes important
   a. As row-count in table increases, causing index to grow in depth, more work needed per row to traverse
c. A prototype technique exists to segment a single table for parallel masking, however is not universally applicable
SQL Compatibility Matrix
Supported OS Version | SQL Server 2008 | SQL Server 2008 R2 | SQL Server 2012 | SQL Server 2014 | SQL Server 2016 | SQL Server 2017 | SQL Server 2019
Windows Server 2008 R2 | Supported | Supported | Supported | Supported | N/A | N/A | N/A
Windows Server 2008 R2 SP1 | Supported | Supported | Supported | Supported | N/A | N/A | N/A
Windows Server 2012 | Supported | Supported | Supported | Supported | Supported | Supported | N/A
Windows Server 2012 R2 | Supported | Supported | Supported | Supported | Supported | Supported | N/A
Windows Server 2016 | N/A | N/A | Supported | Supported | Supported | Supported | Supported
Windows Server 2019 | N/A | N/A | N/A | N/A | Supported | Supported | Supported
https://docs.delphix.com/docs/datasets/sql-server-environments-and-data-sources/sql-server-support-and-requirements/sql-server-support-matrix
Source and Provisioning Environment SQL Server Compatibility Matrix
Provisioning Target Environment: SQL Server 2008, SQL Server 2008 R2, SQL Server 2012, SQL Server 2014, SQL Server 2016, SQL Server 2017, SQL Server 2019
Source Environment
SQL Server 2008 X X X X X X
SQL Server 2008 R2 X X X X X
SQL Server 2012 X X X X X
SQL Server 2014 X X X X
SQL Server 2016 X X X
SQL Server 2017 X X
https://docs.delphix.com/docs/datasets/sql-server-environments-and-data-sources/sql-server-support-and-requirements/sql-server-support-matrix
SQL Server
• DB User Permission

More Related Content

Similar to Architecture_Masking_Delphix.pptx

Intro to Azure SQL database
Intro to Azure SQL databaseIntro to Azure SQL database
Intro to Azure SQL databaseSteve Knutson
 
MySQL's NoSQL -- SCaLE 13x Feb. 20, 2015
MySQL's NoSQL -- SCaLE 13x Feb. 20, 2015MySQL's NoSQL -- SCaLE 13x Feb. 20, 2015
MySQL's NoSQL -- SCaLE 13x Feb. 20, 2015Dave Stokes
 
Azure + DataStax Enterprise (DSE) Powers Office365 Per User Store
Azure + DataStax Enterprise (DSE) Powers Office365 Per User StoreAzure + DataStax Enterprise (DSE) Powers Office365 Per User Store
Azure + DataStax Enterprise (DSE) Powers Office365 Per User StoreDataStax Academy
 
Simplifying Hadoop with RecordService, A Secure and Unified Data Access Path ...
Simplifying Hadoop with RecordService, A Secure and Unified Data Access Path ...Simplifying Hadoop with RecordService, A Secure and Unified Data Access Path ...
Simplifying Hadoop with RecordService, A Secure and Unified Data Access Path ...Cloudera, Inc.
 
Data Analytics Using Container Persistence Through SMACK - Manny Rodriguez-Pe...
Data Analytics Using Container Persistence Through SMACK - Manny Rodriguez-Pe...Data Analytics Using Container Persistence Through SMACK - Manny Rodriguez-Pe...
Data Analytics Using Container Persistence Through SMACK - Manny Rodriguez-Pe...{code} by Dell EMC
 
Running Production CDC Ingestion Pipelines With Balaji Varadarajan and Pritam...
Running Production CDC Ingestion Pipelines With Balaji Varadarajan and Pritam...Running Production CDC Ingestion Pipelines With Balaji Varadarajan and Pritam...
Running Production CDC Ingestion Pipelines With Balaji Varadarajan and Pritam...HostedbyConfluent
 
Ceph Day New York 2014: Best Practices for Ceph-Powered Implementations of St...
Ceph Day New York 2014: Best Practices for Ceph-Powered Implementations of St...Ceph Day New York 2014: Best Practices for Ceph-Powered Implementations of St...
Ceph Day New York 2014: Best Practices for Ceph-Powered Implementations of St...Ceph Community
 
Cloud computing & lamp applications
Cloud computing & lamp applicationsCloud computing & lamp applications
Cloud computing & lamp applicationsCorley S.r.l.
 
From limited Hadoop compute capacity to increased data scientist efficiency
From limited Hadoop compute capacity to increased data scientist efficiencyFrom limited Hadoop compute capacity to increased data scientist efficiency
From limited Hadoop compute capacity to increased data scientist efficiencyAlluxio, Inc.
 
Data Orchestration Platform for the Cloud
Data Orchestration Platform for the CloudData Orchestration Platform for the Cloud
Data Orchestration Platform for the CloudAlluxio, Inc.
 
Improving Website Performance with Memecached Webinar | Achieve Internet
Improving Website Performance with Memecached Webinar | Achieve InternetImproving Website Performance with Memecached Webinar | Achieve Internet
Improving Website Performance with Memecached Webinar | Achieve InternetAchieve Internet
 
Improving Website Performance with Memecached Webinar | Achieve Internet
Improving Website Performance with Memecached Webinar | Achieve InternetImproving Website Performance with Memecached Webinar | Achieve Internet
Improving Website Performance with Memecached Webinar | Achieve InternetAchieve Internet
 
Automating a PostgreSQL High Availability Architecture with Ansible
Automating a PostgreSQL High Availability Architecture with AnsibleAutomating a PostgreSQL High Availability Architecture with Ansible
Automating a PostgreSQL High Availability Architecture with AnsibleEDB
 
X-DB Replication Server and MMR
X-DB Replication Server and MMRX-DB Replication Server and MMR
X-DB Replication Server and MMRAshnikbiz
 
Healthcare Claim Reimbursement using Apache Spark
Healthcare Claim Reimbursement using Apache SparkHealthcare Claim Reimbursement using Apache Spark
Healthcare Claim Reimbursement using Apache SparkDatabricks
 
VMworld 2015: The Future of Software- Defined Storage- What Does it Look Like...
VMworld 2015: The Future of Software- Defined Storage- What Does it Look Like...VMworld 2015: The Future of Software- Defined Storage- What Does it Look Like...
VMworld 2015: The Future of Software- Defined Storage- What Does it Look Like...VMworld
 
Multi-Tenancy Kafka cluster for LINE services with 250 billion daily messages
Multi-Tenancy Kafka cluster for LINE services with 250 billion daily messagesMulti-Tenancy Kafka cluster for LINE services with 250 billion daily messages
Multi-Tenancy Kafka cluster for LINE services with 250 billion daily messagesLINE Corporation
 
Networking Concepts and Tools for the Cloud
Networking Concepts and Tools for the CloudNetworking Concepts and Tools for the Cloud
Networking Concepts and Tools for the CloudAlex Amies
 

Similar to Architecture_Masking_Delphix.pptx (20)

Intro to Azure SQL database
Intro to Azure SQL databaseIntro to Azure SQL database
Intro to Azure SQL database
 
Boston_sql_kegorman_highIO.pptx
Boston_sql_kegorman_highIO.pptxBoston_sql_kegorman_highIO.pptx
Boston_sql_kegorman_highIO.pptx
 
IaaS for DBAs in Azure
IaaS for DBAs in AzureIaaS for DBAs in Azure
IaaS for DBAs in Azure
 
MySQL's NoSQL -- SCaLE 13x Feb. 20, 2015
MySQL's NoSQL -- SCaLE 13x Feb. 20, 2015MySQL's NoSQL -- SCaLE 13x Feb. 20, 2015
MySQL's NoSQL -- SCaLE 13x Feb. 20, 2015
 
Azure + DataStax Enterprise (DSE) Powers Office365 Per User Store
Azure + DataStax Enterprise (DSE) Powers Office365 Per User StoreAzure + DataStax Enterprise (DSE) Powers Office365 Per User Store
Azure + DataStax Enterprise (DSE) Powers Office365 Per User Store
 
Simplifying Hadoop with RecordService, A Secure and Unified Data Access Path ...
Simplifying Hadoop with RecordService, A Secure and Unified Data Access Path ...Simplifying Hadoop with RecordService, A Secure and Unified Data Access Path ...
Simplifying Hadoop with RecordService, A Secure and Unified Data Access Path ...
 
Data Analytics Using Container Persistence Through SMACK - Manny Rodriguez-Pe...
Data Analytics Using Container Persistence Through SMACK - Manny Rodriguez-Pe...Data Analytics Using Container Persistence Through SMACK - Manny Rodriguez-Pe...
Data Analytics Using Container Persistence Through SMACK - Manny Rodriguez-Pe...
 
Running Production CDC Ingestion Pipelines With Balaji Varadarajan and Pritam...
Running Production CDC Ingestion Pipelines With Balaji Varadarajan and Pritam...Running Production CDC Ingestion Pipelines With Balaji Varadarajan and Pritam...
Running Production CDC Ingestion Pipelines With Balaji Varadarajan and Pritam...
 
Ceph Day New York 2014: Best Practices for Ceph-Powered Implementations of St...
Ceph Day New York 2014: Best Practices for Ceph-Powered Implementations of St...Ceph Day New York 2014: Best Practices for Ceph-Powered Implementations of St...
Ceph Day New York 2014: Best Practices for Ceph-Powered Implementations of St...
 
Cloud computing & lamp applications
Cloud computing & lamp applicationsCloud computing & lamp applications
Cloud computing & lamp applications
 
From limited Hadoop compute capacity to increased data scientist efficiency
From limited Hadoop compute capacity to increased data scientist efficiencyFrom limited Hadoop compute capacity to increased data scientist efficiency
From limited Hadoop compute capacity to increased data scientist efficiency
 
Data Orchestration Platform for the Cloud
Data Orchestration Platform for the CloudData Orchestration Platform for the Cloud
Data Orchestration Platform for the Cloud
 
Improving Website Performance with Memecached Webinar | Achieve Internet
Improving Website Performance with Memecached Webinar | Achieve InternetImproving Website Performance with Memecached Webinar | Achieve Internet
Improving Website Performance with Memecached Webinar | Achieve Internet
 
Improving Website Performance with Memecached Webinar | Achieve Internet
Improving Website Performance with Memecached Webinar | Achieve InternetImproving Website Performance with Memecached Webinar | Achieve Internet
Improving Website Performance with Memecached Webinar | Achieve Internet
 
Automating a PostgreSQL High Availability Architecture with Ansible
Automating a PostgreSQL High Availability Architecture with AnsibleAutomating a PostgreSQL High Availability Architecture with Ansible
Automating a PostgreSQL High Availability Architecture with Ansible
 
X-DB Replication Server and MMR
X-DB Replication Server and MMRX-DB Replication Server and MMR
X-DB Replication Server and MMR
 
Healthcare Claim Reimbursement using Apache Spark
Healthcare Claim Reimbursement using Apache SparkHealthcare Claim Reimbursement using Apache Spark
Healthcare Claim Reimbursement using Apache Spark
 
VMworld 2015: The Future of Software- Defined Storage- What Does it Look Like...
VMworld 2015: The Future of Software- Defined Storage- What Does it Look Like...VMworld 2015: The Future of Software- Defined Storage- What Does it Look Like...
VMworld 2015: The Future of Software- Defined Storage- What Does it Look Like...
 
Multi-Tenancy Kafka cluster for LINE services with 250 billion daily messages
Multi-Tenancy Kafka cluster for LINE services with 250 billion daily messagesMulti-Tenancy Kafka cluster for LINE services with 250 billion daily messages
Multi-Tenancy Kafka cluster for LINE services with 250 billion daily messages
 
Networking Concepts and Tools for the Cloud
Networking Concepts and Tools for the CloudNetworking Concepts and Tools for the Cloud
Networking Concepts and Tools for the Cloud
 

Recently uploaded

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 

Recently uploaded (20)

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 

Architecture_Masking_Delphix.pptx

  • 1. © 2019 Delphix. All Rights Reserved. Private and Confidential. © 2019 Delphix. All Rights Reserved. Private and Confidential. Data Masking Draft Architecture
  • 2. © 2019 Delphix. All Rights Reserved. Private and Confidential. © 2019 Delphix. All Rights Reserved. Private and Confidential. 2 Data Masking-only
  • 3. © 2019 Delphix. All Rights Reserved. Private and Confidential. Prod Database/Files Host Staging Target Host mounting DB to be masked Target DB Host mounting masked DB Customer process Delphix Masking Engine FIREWALL PROD NON PROD Delphix High Level Architecture – Data Masking-only • Customer creates and refreshes in prod a Golden Copy to be masked • Delphix Masks the database. Customer provides backup in order to rollback if needed • Customer delivers masked data to non prod JDBC SFTP
  • 4. © 2019 Delphix. All Rights Reserved. Private and Confidential. Architecture – SQL Server 4 Production Host Staging Host Target Host 1433 Port Description 22 SSH 80 HTTP 443 HTTPS 1433 JDBC Delphix Engine 8 vCPU, 64-128 GB RAM 300 GB System Disk Delphix Storage <10ms latency, size 100GB Admin console Production Database DB Copies are Physical and requires DBA Support for continuous new copies. Can be on the same server or a different FIREWALL Customer process
  • 5. © 2019 Delphix. All Rights Reserved. Private and Confidential. Data Masking-only assumptions • Delphix will only mask data, customer will refresh and deliver data to non prod • Delphix final architecture will be created after detailed assessment to validate: – Database/file size to be masked – Data refresh frequency – Time to complete masking
  • 6. © 2019 Delphix. All Rights Reserved. Private and Confidential. Data Masking Engine - specs Description Qty Notes Comments Masking Engines 1 Each engine is a Vmware 6.x virtual appliance with: • 8 VCPU • 64 GB RAM • 400 GB disk (300GB system + 100GB for file masking) N. of engines will vary based on masking SLAs (es. Time to complete masking) Database Staging hosts 1 Staging host is used for DB Golden Copy masking Assume 1 staging for SQL SERVER Space for Golden Copy to be masked and staging areas to export/import XX TB 1 Copy of the DB + 1 copy as staging area
  • 7. POV Delphix Masking – On Premise
    Activity | Delivery | Time | Customer Staff
    Delphix Server Install | Fully Configured Delphix 5.3.x VMGuest 8vCPU 64GB 300GB base storage; Masking Engine Started | ~ 3 hours | VMWare Admin; Delphix Masking Admin
    Validate Masking Setup | Connect SQL Environment; Masking Training and Review | 1 hour setup | SQL Server DBA; Delphix Masking Admin

    Activity | Delivery | Time | Customer Staff
    Setup and Run Profiler | In Scope domains are: Name, Addr, Birthdate, SSN, Subscriber ID | ~ 8 hours | Delphix Masking Admin (Architect); SQL DBA
    Run Masking Job | Masking Jobs | 4-8 hours | Delphix Admin (Architect); SQL DBA; Security Analyst
    Validate Masking Solution | 5 items needed for masking: Name, Addr, Birthdate, SSN, Subscriber ID | 4 Hours | Delphix Admin (Architect); Security Review; SQL DBA
  • 8. Delphix requirements
  • 9. VMware prerequisites for Delphix Masking engine
    Refer to the Docs link for OS-specific prerequisites: https://docs.delphix.com/display/DOCS/Virtual+Machine+Requirements+for+VMware+Platform
    Component | Requirements | Notes
    Virtualization Platform | VMware ESX/ESXi 6.x (recommended); VMware ESX/ESXi 5.x (supported) | VMware HA: enable, VMware DRS: generally disabled; HT sharing: recommend “None”, no sharing of CPUs; ESX Memory Overhead: must leave at least 6% of allocated free of ESX
    Virtual CPUs | 8 vCPUs | CPU reservation is strongly recommended
    Memory | 64GB | Memory reservation is required
    Storage | 500GB of free space (system disk); < 8ms storage latency |
    SCSI Controllers | LSI Logic Parallel | 4 vSCSI controllers are required with storage evenly spread across them to maximize data throughput
    Network | < 1 ms network latency for VDB | Between Delphix engine and DB/File server where data are to be masked; Jumbo frames (9000 bytes MTU) provide improvements to throughput; 10GbE NIC in the ESX Server is recommended
  • 10. Inbound Network Ports – Masking engine
    • Delphix Masking engine will connect to databases to be masked via JDBC type 4 connection. Used ports will depend on the database type and configuration
    • Delphix Masking engine will connect to files to be masked via standard FTP/SFTP connection
    Protocol | Port Numbers | Use
    TCP | 22 | SSH connections to the Delphix Engine.
    TCP | 80 | HTTP connections to the Delphix GUI (optional).
    UDP | 161 | Messages from an SNMP Manager to the Delphix Engine (optional)
    TCP | 443 | HTTPS connections to the Delphix GUI.
  • 11. Outbound Network Ports – Masking engine to SQL Server
    • Delphix Masking engine will connect to databases to be masked via JDBC type 4 connection. Used ports will depend on the database type and configuration
    • Delphix Masking engine will connect to files to be masked via standard FTP/SFTP connection
    Protocol | Port Numbers | Use
    TCP | 25 | Connection to a local SMTP server for sending email.
    TCP/UDP | 53 | Connections to local DNS servers.
    UDP | 123 | Connection to an NTP server.
    UDP | 162 | Sending SNMP TRAP messages to an SNMP Manager.
    TCP | 443 | HTTPS connections from the Delphix Engine to the Delphix Support upload server.
    TCP/UDP | 636 | Secure connections to an LDAP server.
    TCP/UDP | various | Connections to target environments such as databases (JDBC) - for SQL Server default port is 1433 - and for files (FTP, SFTP, NFS, or CIFS).
  • 12. Best Practices – Masking
  • 13. Best Practices – Masking
    Important Considerations for Sizing & Configuration of a Masking Solution
    • Masking consists of a masking workload, which executes in a masking ecosystem
    • Masking involves two basic operations:
      1. Movement of data via network back-and-forth between Data Store(s) and Masking Engine
      2. Calculation/Generation of the masked values locally on the Masking Engine
    • The basic flow is PULL-MASK-PUSH (PULL = read/retrieve from data store, PUSH = write/send to data store)
    • “In-Place” masking reads a table, masks, then updates the original table (SELECT – mask – UPDATE)
      • Only the columns to be masked (and possibly a key) need be moved across the network
      • The database must locate the row to UPDATE when masked values are returned (extra work for DBMS)
    • “On-the-Fly” masking reads from one table, masks, then writes a new table (SELECT – mask – INSERT)
      • ALL columns of the table must be moved across the network
      • The database can merely add the new row to a heap (new rows can be contiguous, less work for DBMS)
    • Total masking workload is created by one or more masking Jobs, which can execute concurrently, or serially
      • How many tables, rows/table, columns/row, specific masking algorithm, in-place or on-the-fly
    • Ecosystem can constrain masking throughput/performance, balance is important. Masking can be throttled by send/receive.
  • 14. Best Practices – Masking
    Masking Engine Configuration
      a. Install Masking Engine in separate, dedicated VM (i.e. not in same VM as Virtualization Engine)
        a. Use Combined OVA version of software, however run in isolated, separate VM
    CPU Resource Planning – per Masking Job
      a. Plan for 1 to 2 CPU Cores per Masking Job (depends on specifics of masking workload & capacities of masking ecosystem)
    Masking Job Configuration Settings
      a. For virtualized tables to be masked, use “in-place” masking method
      b. For un-virtualized tables/data sources, conduct analysis to choose method: “on-the-fly” or “in-place” masking
      b. The following recommendations apply to “in-place” masking of virtualized tables
      b. Configure ONE (1) Update Thread per Masking Job (Default value is 4; do NOT use Default)
      c. Configure ONE (1) Stream per Masking Job (Default is 20; do NOT use Default)
        a. If you need to mask multiple objects concurrently, use multiple jobs, not multiple streams
      d. For ANY column being masked which is also indexed, specify the DROP INDEXES check box
      e. For ANY column being masked which is involved in a trigger, check the DISABLE TRIGGERS check box
      f. For ANY column being masked which is involved in Integrity Constraints/Declarative Integrity, check the DISABLE CONSTRAINTS check box
  • 15. Best Practices – Masking
    Database Specific Optimizations
      a. For SQL Server, make sure that an index exists to address the update,
        a. otherwise Masking will dynamically add an identity column at start of job, drop index at end of job
          a. Beware: this can have long-term space implications in the data store
      b. Since SQL Server must traverse an index for each row to be updated, size of table becomes important
        a. As row-count in table increases, causing index to grow in depth, more work needed per row to traverse
      c. A prototype technique exists to segment a single table for parallel masking, however is not universally applicable
  • 16. SQL Compatibility Matrix
    Supported OS Version | SQL Server 2008 | SQL Server 2008 R2 | SQL Server 2012 | SQL Server 2014 | SQL Server 2016 | SQL Server 2017 | SQL Server 2019
    Windows Server 2008 R2 | Supported | Supported | Supported | Supported | N/A | N/A | N/A
    Windows Server 2008 R2 SP1 | Supported | Supported | Supported | Supported | N/A | N/A | N/A
    Windows Server 2012 | Supported | Supported | Supported | Supported | Supported | Supported | N/A
    Windows Server 2012 R2 | Supported | Supported | Supported | Supported | Supported | Supported | N/A
    Windows Server 2016 | N/A | N/A | Supported | Supported | Supported | Supported | Supported
    Windows Server 2019 | N/A | N/A | N/A | N/A | Supported | Supported | Supported
    https://docs.delphix.com/docs/datasets/sql-server-environments-and-data-sources/sql-server-support-and-requirements/sql-server-support-matrix
  • 17. Source and Provisioning Environment SQL Server Compatibility Matrix
    Provisioning Target Environment (columns): SQL Server 2008, SQL Server 2008 R2, SQL Server 2012, SQL Server 2014, SQL Server 2016, SQL Server 2017, SQL Server 2019
    Source Environment (rows):
    SQL Server 2008: X X X X X X
    SQL Server 2008 R2: X X X X X
    SQL Server 2012: X X X X X
    SQL Server 2014: X X X X
    SQL Server 2016: X X X
    SQL Server 2017: X X
    https://docs.delphix.com/docs/datasets/sql-server-environments-and-data-sources/sql-server-support-and-requirements/sql-server-support-matrix
  • 18. SQL Server
    • DB User Permission
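
The two PULL-MASK-PUSH variants from slide 13 ("In-Place" and "On-the-Fly"), as an added example that is not part of the original deck and is not Delphix code. Assumptions: in-memory SQLite stands in for SQL Server, a truncated HMAC-SHA256 stands in for the masking algorithm, and the `patient` table, its rows and the key are constructed.

```python
import hashlib
import hmac
import sqlite3

KEY = b"constructed-demo-key"  # assumption: masking secret held outside the data store
COLS = "id INTEGER PRIMARY KEY, name TEXT, ssn TEXT, plan TEXT"
SSN_SHAPE = "[0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9][0-9][0-9]"

def mask(value):
    """Deterministic, non-reversible stand-in for a masking algorithm."""
    return hmac.new(KEY, value.encode(), hashlib.sha256).hexdigest()[:12]

def setup():
    """In-memory store with constructed sample rows (not real data)."""
    db = sqlite3.connect(":memory:")
    db.execute(f"CREATE TABLE patient ({COLS})")
    db.executemany("INSERT INTO patient VALUES (?, ?, ?, ?)", [
        (1, "Ann Lee", "111-22-3333", "gold"),
        (2, "Bo Diaz", "444-55-6666", "basic"),
    ])
    return db

def mask_in_place(db):
    """SELECT - mask - UPDATE; returns the number of values moved."""
    # PULL: only the key and the columns to be masked leave the data store
    rows = db.execute("SELECT id, name, ssn FROM patient").fetchall()
    masked = [(mask(n), mask(s), i) for i, n, s in rows]  # MASK on the engine side
    # PUSH: the database must locate each row by key before updating it
    db.executemany("UPDATE patient SET name = ?, ssn = ? WHERE id = ?", masked)
    return sum(map(len, rows)) + sum(map(len, masked))

def mask_on_the_fly(db):
    """SELECT - mask - INSERT into a new table; returns the number of values moved."""
    db.execute(f"CREATE TABLE patient_masked ({COLS})")
    # PULL: every column is read, including the ones that are not masked
    rows = db.execute("SELECT id, name, ssn, plan FROM patient").fetchall()
    masked = [(i, mask(n), mask(s), p) for i, n, s, p in rows]
    # PUSH: rows are appended to the new table, no lookup needed
    db.executemany("INSERT INTO patient_masked VALUES (?, ?, ?, ?)", masked)
    return sum(map(len, rows)) + sum(map(len, masked))

def residual_ssns(db, table):
    """Validation step: rows whose ssn column still holds an SSN-shaped value."""
    if table not in ("patient", "patient_masked"):
        raise ValueError("unknown table")
    query = f"SELECT COUNT(*) FROM {table} WHERE ssn GLOB ?"
    return db.execute(query, (SSN_SHAPE,)).fetchone()[0]
```

The on-the-fly run leaves `patient` in clear text, so the residual check has to be pointed at whichever table is actually delivered to non prod.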