Deployment Options for Privacera
Deployment Options¶
Privacera offers three deployment options to meet different organizational needs and preferences: PrivaceraCloud, Self-Managed and PrivaceraCloud Data-Plane.
1. PrivaceraCloud¶
PrivaceraCloud Description¶
PrivaceraCloud is a fully managed, Software-as-a-Service (SaaS) offering of Privacera software. It allows customer to use all the features of the Privacera platform through a cloud-based portal without the need to install or manage the software. Additionally, PrivaceraCloud provides the option to deploy the data plane within the customer's Virtual Private Cloud ( VPC). This ensures that sensitive data remains within the customer’s control while leveraging the full capabilities of Privacera’s managed services for policy management, governance, and security.
Key Features:
- Managed Service: Privacera manages all infrastructure, maintenance, and updates, ensuring high availability and reliability.
- Flexible Integration: Organizations can choose to deploy connectors and the Discovery module within their own Virtual Private Cloud (VPC), allowing sensitive data to remain within their control while leveraging Privacera’s managed services.
- Compliance and Security: Benefit from Privacera's robust security practices and compliance certifications, ensuring customers data governance needs are met with the highest standards.
sequenceDiagram
%%{init: {'sequence': {'sequenceNumbers': true}}}%%
participant User
User->>PrivaceraCloud: 1. Create PrivaceraCloud account
User->>PrivaceraCloud: 2. Configure Connectors
User->>PrivaceraCloud: 3. Setup UserSync2. Self-Managed¶
The Self-Managed deployment option allows organizations to run the entire Privacera platform within their own Virtual Private Cloud (VPC). This approach gives organizations full control over the deployment, configuration, and management of Privacera, offering maximum flexibility and customization.
Key Features:
- Full Control: Organizations maintain full control over their infrastructure, data, and governance policies, allowing for customized configurations and optimizations.
- Cloud: Deploy Privacera within any cloud provider's VPC, aligning with the customer’s existing infrastructure and IT strategies.
- Data Security: All components, including control plane, connectors and the Discovery module, operate within the organization's VPC, ensuring sensitive data never leaves their controlled environment.
- Customization: Tailor the deployment to meet the customer’s organization-specific security, compliance, and operational requirements.
sequenceDiagram
%%{init: {'sequence': {'sequenceNumbers': true}}}%%
participant User
User->>CustomerVPC: 1. Basic installation on customer VPC
User->>CustomerVPC: 2. Setup Connectors on customer VPC
User->>CustomerVPC: 3. Setup UserSync
User->>CustomerVPC: 4. Make it production ready
3. PrivaceraCloud Data-plane¶
The Data-plane deployment option gives you best of both the deployment options listed above. You get to use the PrivaceraCloud to manage the data governance and security policies, and audit-store, and some components that access your data-sources are deployed in your cloud provider VPC, thereby ensuring that your data never leaves your cloud provider VPC.
Key Features:
- Compliance and Security: Customer data is retained entirely within the designated cloud provider’s VPC, ensuring maximum security.
- Credentials for Data-Sources: All credentials for data sources are securely stored within the customer’s cloud provider VPC, safeguarding access.
- Managed Service: PrivaceraCloud delivers comprehensive infrastructure, ongoing maintenance, and regular updates, guaranteeing high availability and reliability in managing data governance and security policies, as well as audit information.
sequenceDiagram
%%{init: {'sequence': {'sequenceNumbers': true}}}%%
participant User
User->>PrivaceraCloud: 1. Create PrivaceraCloud account
User->>CustomerVPC: 2. Basic installation on customer VPC
User->>CustomerVPC: 3. Setup Connectors on customer VPC
User->>CustomerVPC: 4. Make customer VPC setup production readyDeployment Options Comparison¶
By providing PrivaceraCloud, self-managed options, and data-plane deployment alternatives, Privacera empowers customers to select the most appropriate approach for their organization's data governance and security requirements. This enables organizations to choose between a fully managed service, complete control over their deployment, or a hybrid solution, thereby aligning with their specific operational needs.
To help customers select the most suitable deployment option, the table below outlines the key differences between PrivaceraCloud and Self-Managed deployments:
| Feature | PrivaceraCloud (SaaS) | Self-Managed | PrivaceraCloud Data-plane |
|---|---|---|---|
| Deployment Location | Hosted by Privacera | Customer's VPC | Management interface and Audit store are hosted by Privacera. Components accessing your data are hosted in your cloud provider VPC. |
| Management Responsibility | Managed by Privacera | Managed by Customer | Data-plane components managed by Customer |
| Scalability | Easily scalable; managed by Privacera | Customer-managed scaling | Data-plane components scaled by Customer |
| Infrastructure Maintenance | Handled by Privacera | Customer responsibility | Infrastructure for Data-plane components is Customer responsibility |
| Connector Deployment | Option to deploy in customer's VPC | Deployed in customer's VPC | Deployed in Customer's VPC |
| Discovery Module Deployment | Deployed in customer's VPC | Deployed in customer's VPC | Deployed in Customer's VPC |
| Control Over Environment | Limited to configuration and policies | Full control over infrastructure and environment | Full control over the Data-plane components |
| Compliance and Security | Managed compliance and security standards by Privacera | Customer-managed compliance and security | Customer-managed compliance and security of Data-plane components |
| Updates and Patches | Automatically managed by Privacera | Customer responsible for updates and patches | Customer responsible for updates and patches of Data-plane components |
| Operational Overhead | Minimal for the customer | Higher, as managed by the customer | Medium, only limited to data-plane components |
| Data Residency | Data can remain in customer's VPC with connectors and Discovery module | All data and components reside in customer's VPC | All data and credentials reside in customer's VPC |
By considering these differences, customers can select the deployment option that best aligns with their organization's operational preferences, control requirements, and resource capabilities.
Recommendation¶
Privacera recommends utilizing PrivaceraCloud with the data plane deployed within the customer’s Virtual Private Cloud (VPC). This configuration offers a comprehensive solution: Privacera oversees the management of data governance and security policies, as well as the audit store, while certain components that access the customer’s data sources are deployed within their cloud provider's VPC. This ensures that sensitive data remains securely within the customer’s cloud environment.
- Next: Base Installation