- Platform Release 6.5
- Privacera Platform Installation
- Privacera Platform User Guide
- Privacera Discovery User Guide
- Privacera Encryption Guide
- Privacera Access Management User Guide
- AWS User Guide
- Overview of Privacera on AWS
- Configure policies for AWS services
- Using Athena with data access server
- Using DynamoDB with data access server
- Databricks access manager policy
- Accessing Kinesis with data access server
- Accessing Firehose with Data Access Server
- EMR user guide
- AWS S3 bucket encryption
- Getting started with Minio
- Plugins
- How to Get Support
- Coordinated Vulnerability Disclosure (CVD) Program of Privacera
- Shared Security Model
- Privacera Platform documentation changelog
Introduction to Privacera Platform
Overview
Privacera is an Integrated Data Governance and Security Platform for the Cloud-First Enterprise. It enables enterprises to maximize the value of their data by ensuring consistent governance, security, and compliance across all their cloud and on-premises data and storage services. This online help describes the Portal features and functionalities as seen in the UI.
Login to Privacera Portal
Note
Privacera portal listens on port 6868. Access it using http://${Portal_HOST}:6868. You can also use the quick link from Ambari in the case of HDP. Privacera portal uses the same username and password as of Ambari Admin portal for HDP.
Go to http://${Portal_HOST}:${Portal_PORT}
Enter the Username and Password in the respective fields.
Click Login.
The Privacera home page displays.
User Interface
Header Section
This header has the options shown here:
Expand & Collapse: This option allows you to expand and collapse the left panel of the Privacera homepage.
Notification: This option allows you to view the list of critical issues or warnings with respect to activities performed in the application. For more information see Notifications.
Environment: This indicates the current environment of the application such as PRIVACERA_PROD.
Timezone: This option allows you to view and change the current timezone.
User Menu: This option allows you to view the current user of the application. This menu contains with Profile, About, Logout options.
Profile: This option allows you to view information about the current user and current user can change his password as well.
About: This option allows you to view the current version of the application.
Logout: This option allows you to logout from the application.
Left Panel Navigation
The left menus are displayed based on the Roles assigned to the user. For more information see User Management.
This section describes on a high level the different navigation options available to everyone:
Discovery: This feature helps enterprises to discover information about their data and usage. It takes files (HDFS), folders, databases such as Hive as input, scans it, and then adds a tag to sensitive data and classifies them as such.
Dashboard: This feature gives the overall scanning details such as total number of scanned files, scanned columns, etc. Additionally, it provides classification of resources.
Data Source: This feature allows you to add the resources for scanning.
Tags Information: This feature allows you to create and manage the tags. This is a critical element for discovery and access control.
Dictionaries: This feature uses content type and meta type based detectors to find specific data elements in your data resources. There are various common dictionaries provided by the Privacera platform to detect certain common dictionaries based on data elements such as PERSON_NAME, URL, etc.
Patterns: This feature uses regular expression based detectors to find specific data elements in your data resources. There are many common patterns provided by the Privacera platform that helps to find common patterns based on the data elements such as Email, URL etc.
Models: This feature works as a detector to find specific data elements in your data resources. The detection is done by using various algorithms and heuristics.
Rules: This feature allows you to configure custom rules and manage them along with system-provided rules that can be used for classification.
Scan Setup: This feature allows you to set up global settings for System Classification and to set the minimum review score.
Scan Status: This feature allows you to view offline scanning progress.
Data Inventory: This section contains following features:
Data Explorer: This feature allows you to view all the data for the applications. For example: in HDFS, it displays the actual HDFS folders and respective data. For Hive, it displays the list of databases and tables in the database.
Classifications: This feature allows you to view the list of resources that have been tagged.
Review: This feature allows you to view the list of resources that have been categorized for review.
File Explorer: This feature allows you to view all the data for the applications. This will allow you to upload a file using this feature.
Launch Pad:
Access Management: This feature helps to add and administer the various supported Services and Policies under the following:
Resource Policies: This feature allows you to add a new policy for a particular service.
Tag Policies: This feature allows you to use existing/familiar resource-based policy UI for tag-based policies.
Service Explorer:
User/Group/Roles: This feature allows you to create and give permissions to users, groups, and roles.
Permissions: The feature allows you to set permission to user roles.
Reports: The feature allows you to manage the policies more efficiently as the number of policies grow. This page will list all the policies from HDFS, HIVE, HBASE, KNOX, YARN, KAFKA, SOLR, and STORM.
Audits: Audits are a record of an action or attempted action by a user or service. Privacera provides the following different types of audits:
Admin - Administration operations inside the Portal. For creating users, groups, roles or creating or editing policies.
Login Sessions - Users logging into the Portal.
UserSync - shows records of the UserSync application pulling users and groups from an external service. Each time it tries to sync with the service a summary of the results will be recorded. (Number of new users, new groups, modified users, modified groups.. time of the sync. And some additional details depending on the type of service being synced.
Policy Sync - shows operations/queries that the Policy Sync application performs on the external service it is configured for. For example, creating users, group/role memberships, or modifying policy (permission grants/revokes).
Security Zone: This feature enables multiple administrators to set up security policies for a service, based on the admin rights that is set for those zones.
Compliance Workflow: This section contains following features:
Alerts Dashboard: This feature allows you to view the alerts based on data zone policy that is created.
Data Zone Dashboard: This feature allows you to group and mark the different areas within your data lake to serve specific, well-defined purpose.
Data Zone Movement: This feature allows you to view a summary of the Data Zone movement.
Data Zones: This feature allows you to group and mark different areas within your data lake to serve a specific and well-defined purpose. It also helps you to apply different policies and workflow on those resources for a more fine-grained control.
Encryption & Masking: This feature allows you to mask the sensitive data based on tags. For example, a data analyst might look at the person's name which does not reveal the subject but cannot look at both the person name and DOB. Privacera's dynamic data masking policies allows you to mask sensitive data depending on the role of the person. A call center agent who needs to verify the identity of a customer needs to be allowed to look at the unmasked value, while the data analysts and data scientists running advanced analytics should be prevented from looking at personal data.
Schemes:
Formats: This feature allows you to view the list of Datatypes with their scope which will be used during annoymization. While creating schemes, you can specify the format type.
Encryption: This anonymize data.
Reports: This feature allows you to view the various reports.
Built-in Reports: This feature allows you to view and generate various types of reports such as Discovery And Classification, Audit Summary, and Data Governance.
Saved Reports: This feature allows you to multi-select saved reports and export it as a CSV file.
Offline Reports: This feature allows you to save the reports if it contains large number of rows and exporting process requires time, then it gets move to Offline Reports section.
Settings: This section contains the following features:
Data Source Registration: This feature allows you to add and enable the application which need to be scanned.
User Management:This feature allows you to create user with multiple roles such as ROLE_SYS_ADMIN, Role_ADMIN etc. Also you can edit and delete the existing users if the user having permission with respect to role.
Data Subject Rights:
Databricks Policies:
Import / Export: This feature allows you to import or export Patterns, Dictionary, Model, Data Zones and Tag Information using JSON file.
Token Generator: This feature allows you to generate Certificate and JCEKS.
System Configurations: This feature allows you to set the System properties as well as Custom properties in the Privacera portal.
Diagnostics: This section contains following features:
Health Check: This feature allows you to check all the information related to system such as Kafka, HBase, Solr, HDFS, Discovery etc.
Logs: This feature displays all the information related to system logs such as Error, Warning, Information, and Unknown.
Metrics: Metrics provides a powerful toolkit of ways to measure the behavior of critical components in your production environment.
Events:
Help:
Menu Reordering
API Documentation: Links to Privacera API documentation.
