Blogs

Be the first person to recommend this.
We are aware of the recently published vulnerabilities in OpenSSL v3.0.0 - 3.0.6 ( CVE-2022-3602 & CVE-2022-3786 ). OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.  These vulnerabilities are only realized in certain circumstances where an attacker can control the content of a certificate presented to either a client or server and either a CA has signed a malicious certificate or the victim continues certificate verification despite failure to construct a path to a trusted issuer.   Delphix products do not use any of the affected versions of OpenSSL. Impact: There is no impact to the Delphix Continuous Data (Virtualization) ...
0 comments
1 person recommends this.
MSSQL Advanced database connectors are widely used to permit customers to access their databases via a domain user account on the Delphix Continuous Compliance engine (KBA reference: Configuring_Masking_Connector_for_Microsoft_SQL_(MSSQL)_(KBA1214) ). However, starting from Delphix Continuous Compliance version 6.0.6.0, customers are able to provide a Customer Properties File where they can pass on to the JDBC driver all the extra properties required. Please consider updating your configuration to take advantage of this new functionality, as we may deprecate the MSSQL Advanced connectors in a future release. Advanced Connector Configuration ...
0 comments
3 people recommend this.
We are excited to announce that with the upcoming 6.0.15 release targeted for July 2022, we will have completed the transition of all of our masking algorithms to the new algorithm library. The completed algorithm library affords our customers a number of important improvements over our legacy algorithm technology, including performance, extensibility, security, and portability. As we have upgraded our algorithms, we have strived to make sure we are producing the same output values as before in order to minimize re-mask events in your environments. We took this approach because we are extremely sensitive to the amount of effort required to re-mask interdependent ...
0 comments
3 people recommend this.
We are aware of the recently reported denial of service (DoS) vulnerability in Spring Framework , reported as CVE-2022-22950 . This vulnerability is only realized in cases where the Spring Expressions Language (SpEL) is in use (see both the announcement from spring.io and the analysis from Checkmarx ).  Delphix products do not make use of SpEL and are not impacted by this vulnerability. Impact There is no impact to either the Delphix Virtualization (Continuous Data) engine or the Delphix Masking (Continuous Compliance) Engine. There is no impact to Data Control Tower (DCT) SaaS. There is no impact to Data ...
0 comments
1 person recommends this.
We are aware of the recently reported remote code execution (RCE) vulnerability in Spring Framework , reported as CVE-2022-22965 . The current state of analysis is that while this is potentially a serious vulnerability, it is only exploitable in certain conditions, notably JDK 9 or higher is required and Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and older versions are affected, in addition the application has to be packaged as a traditional WAR (in contrast to a Spring Boot executable jar).  JDK 8 is not impacted as the change that intersects with Spring Framework to create this vulnerability was introduced in Java 9+ (see both the ...
0 comments
1 person recommends this.
We are aware of the recently reported news regarding a potential security incident with Okta (and the update ). At this time we have no indication of impact to Delphix products, services, or customers. Okta is used as part of our integration with customer identity systems in our Data Control Tower SaaS product. Data Control Tower SaaS is used for Delphix Engine management and does not have access to the data managed by the engines. We are actively investigating and taking precautionary measures. We are in communication with our contacts at Okta and continue to monitor this event. This is a developing industry event and we will be providing updates here ...
1 comment
3 people recommend this.
Please take this opportunity to review and become familiar with the Delphix Masking Inventory Reassignment Guide found in the linked community libray. This guide will help you through the process of updating existing inventories to leverage the new Delphix algorithm frameworks using the API Client and/or DXM Toolkit.  The API Client includes a user interface, is delivered with Delphix Masking, and is recommended for most use cases discussed in the linked document.  The DXM Toolkit is an open source project created by Delphix Services which uses the API to ease repetitive activities. A download link for the DXM Toolkit is found in the appendix of the guide.   ...
0 comments
Be the first person to recommend this.
The Delphix TLS 1.0 and 1.1 End-of-Life was put into place to reduce risk related to any security vulnerabilities related to the legacy TLS versions. Customers who are interested in verifying whether they are impacted by the EOL should take the following steps: JDBC Connections (Masking only) Masking engines leverage TLS to secure JDBC connections. In order to verify whether any of your masking workloads are impacted by this EOL, please run the following checks: Check for potentially affected JDBC connectors. Only “Advanced” database connectors or JDBC connectors making use of the Connector's property interface (introduced in 6.0.6) may ...
0 comments
Be the first person to recommend this.
Hello Delphix Community, We are reaching out to let you know that with the upcoming Delphix 6.0.11 release (November 2021), Delphix will deprecate Oracle 11.1 and 12.1 and End-of-Life support for Oracle 10:  Oracle 10 End-of-Life:   Delphix features related to Oracle 10 have transitioned from primary to extended support effective immediately. This means that Delphix will no longer develop new patches or workarounds related to Oracle 10. Oracle 10 will not be supported in new versions of Delphix starting with the 6.0.11 release. Oracle 11.1 Deprecation:   Oracle 11.1 has reached “End of Extended Support” from Oracle and no longer qualifies for Oracle-sourced ...
0 comments
Be the first person to recommend this.
Hello Delphix Community, We are reaching out to let you know that TLS 1.0 and 1.1 support has reached End-of-Life (EOL) as of the 6.0.11.0 release for both virtualization and masking engines. The reason for this is to promote a security-centric product experience as TLS 1.0 and 1.1 are legacy protocols with known vulnerabilities.  What this means is that 6.0.11.0 will be the final release that will have TLS 1.0 and 1.1 as configuration options for the Delphix setup app. However, these options only apply for GUI and API calls and do not apply for masking and JDBC connections. Delphix encourages that customers move to TLS 1.2 or 1.3 for connection encryption ...
1 comment
1 person recommends this.
Introduction This post shows how to create a DataGuard standby database using V2P. The article uses a VDB as the source instance, however the procedure will also work with a V2P created directly from a dSource. It should be noted, This procedure is neither officially supported or tested by Delphix, as such cannot be guaranteed to function as described in future versions. Instructions are provided as a guide only and should be tested and verified against specific Delphix and Oracle versions being used in your environment.  Any VDB refresh/rewind operation performed after the standby is created will result in the DataGuard log transport failing. In ...
0 comments
Be the first person to recommend this.
Beginning with the introduction of our modern, Java-based extensible algorithm approach in the 6.0.3.0 release , Delphix has been creating new and improved versions of our existing algorithms.  We would like to provide formal notice of deprecation and planned End-of-Life (EoL) for the older algorithm versions and to inform customers that they should start planning their transition to the new and improved algorithms.  While both old and new algorithms will be available in releases up to July 1, 2022, the EoL algorithms will be removed from all Delphix releases shipped after that date. The below table can be found in our documentation and will be updated ...
0 comments
1 person recommends this.
Introduction Legacy Custom Algorithms (formerly known as Mapplets) will be EOL and removed from all Delphix Masking releases shipped after July 1st, 2022 . This guide explains how to check if you are using a Legacy Custom Algorithm, deprecated with the February, 2021 Deprecation/End-of-Life Notice - Legacy Masking Features/Version Support announcement, and how to convert them to an equivalent configuration using other supported options. How to identify if you are affected You can check if you have any legacy custom algorithms installed either through the GUI or API. Using the GUI Login to the Masking Engine. Navigate ...
0 comments
1 person recommends this.
Introduction The Database Rule Set options to specify a Table Suffix, Add Column, Join Table, and List on a table have been deprecated and will be removed from the product. This article describes how to identify if you are using these options, and, if so, how to convert them to an equivalent configuration using other, supported options. Background The Masking Engine allows a rule set table’s setting to be customized. These settings can be edited using the Edit Table Settings dialog  (Rule Set -> Edit -> Edit Table). This dialog is shown in the following screenshot: Note: This dialog is only applicable for database rule sets. ...
0 comments
2 people recommend this.
Delphix Dashboards App for Splunk Getting Started   Prerequisites Splunk version 7.x or later. One event type index named delphix_events . One metrics type index named delphix_metrics . Delphix Engine 5.3.x or later. Delphix Dashboards app from Splunkbase (https://splunkbase.splunk.com/app/4946/).   Steps: I nstall the Delphix Dashboards app on Splunk. Configure Splunk HEC Token.  Configure Splunk integration on each Delphix Engine. Install the Delphix Dashboards App on Splunk (Step 1) Launch Splunk, and then select Apps>Install app from file . Browse to the Delphix Dashboards app ...
1 comment
1 person recommends this.
This guide explains how to check if you are using one of the features in the February, 2021 Deprecation/End-of-Life Notice - Legacy Masking Features/Version Support announcement. The following resources provide helpful information on the new extensible algorithms: Extensible Algorithms in the Masking documentation. The Extensible Masking Algorithms community.  Further custom algorithm queries are handled through your Customer Success representative. Please reach out to them so they might direct you to the appropriate resources or services. Legacy Custom Algorithms (Custom Mapplets) You can check if you are using any ...
0 comments
1 person recommends this.
What is TDE? The Oracle Transparent Data Encryption feature encrypts the sensitive data (database tables and tablespaces) stored on the disk. This prevents misuse of the data, if the disks or storage mediums are lost or stolen. The data is transparently decrypted for the authorized users when they access the data. Data is encrypted with the help of encryption keys which are stored in an external module or file, known as the wallet or keystore .  (Note: terms which are in italics on their first usage are summarized in the Definitions section further in this document.) The keystore is managed by an authorized user, and can be either ...
0 comments
1 person recommends this.
Hello, I am trying to find compatibility information for HANA 2.0 Plugin Version 4.3.1. I can see that it is supported on SUSE 12 SP4 Operating System from the link below. However, it doesn't say if it is supported on SUSE on IBM POWER Architecture. https://docs.delphix.com/docs/release-notes/data-source-integration-plugin-release-notes/hana-release-notes/hana-2-0-plugin-version-4-3-1-release-notes#HANA2.0PluginVersion4.3.1ReleaseNotes-SUSELinux Could you please share if it is supported for SUSE on IBM POWER Architecture? Thank you #SUSE
1 comment
2 people recommend this.
Our security strategy incorporates industry best practices of identification, authentication, authorization, and auditing for each control we build into our platform. We cover our recent security enhancements and unpack how they align with evolving enterprise InfoSec standards and policies. This article was originally published on the Delphix website here  December 8, 2020. Security is consistently ranked as one of the top concerns of our customers. Sometimes, it’s even the gatekeeper for teams to adopt Delphix, the warden to keep your data safe, and the bridge builder to your existing enterprise systems. Security is paramount to ...
0 comments