This article explains, at a high-level, the primary functions for of Data Security Manager (DSM). This article also offers Armor's recommendations for creating Vormetric policies.
Video Tutorial
...
Widget Connector | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
|
Prerequisites
...
Before you begin, you must have:
General understanding of the Vormetric product
General knowledge of the directories/folders on your server that potentially contain encrypted data
Primary DSM Functions
...
DSM serves two main functions:
Expand | ||
---|---|---|
| ||
Also known as at-rest file encryption, transparent file encryption performs two tasks:
|
Expand | ||
---|---|---|
| ||
The DSM configures policies that control access to encrypted directories. These Vormetric-protected directories are called GuardPoints. These GuardPoints allow the DSM Security Administrator to:
|
Policy Functions
...
There are two main parts to every policy:
Security rules
Encryption Key
Each policy contains a set of rules called Access Control Rules. These rules control:
Access to specific GuardPoints
The encryption key used for encrypting and decrypting
When you create these rules, keep in mind that:
The policy's rules read in descending order, similar to firewall rules.
Each policy rule consist of five criteria that must be met before Vormetric grants users or processes permission to access the GuardPoints.
There can be several rules in each policy, but only one encryption key per operational policy.
There can only be one policy per GuardPoint.
Policy Creation
...
The number of policies to create varies on the type of data and server you want to guard. Different GuardPoints require different access rules; web servers, database servers, and file servers all host different types of sensitive data and should be protected accordingly. Using the same policy for multiple servers may weaken your security.
...
To better understand how many policies you should create, Armor recommends that you create a policy for each server role, similar to the following example:
Web_Server_Policy
Application_Server_Policy
Database_Server_Policy
File_Server_Policy
Next Step: Create a Starter Policy with Learn Mode
...
Topics Discussed
Table of Contents | ||||
---|---|---|---|---|
|