Welcome back! In today’s post I will be continuing my discussion of my building a Solutions Designs for an enterprise level deployment of Delphix…
Jeannine Crownover
Jul 28, 2016
Share
Welcome back! In today's post I will be continuing my discussion of my building a Solutions Designs for an enterprise level deployment of Delphix Virtual Data systems in our fictitious healthcare company. If you are new to Delphix technology, please go to https://www.delphix.com or just search for Delphix online.
To bring you up to speed from the last post, here is the project history and requirements deliverables we are working toward, please refer to my previous blogs listed here in order...
You have Delphix Now What | Delphix Goals and Objectives
After the goals and objectives are determined, I generally move on to building out the solution design document. To me this will be the document I refer to most throughout all phases of the implementation. Solution Design Documents vary form architect to architect and the figure below shows the contents that I address for my Delphix Deployments. Feel free to use my template or develop your own. For brevity the table of contents shown here does not include the 3 level styles. If you would like the full template, I will be posting the deliverable templates and a PowerPoint on my final installment of this series.
1.0 Project Background............................................................................................. 6
1.1 Solution Goals Objectives................................................................................... 6
2.0 Technology Descriptions..................................................................................... 8
2.1 Delphix Virtual Data Engine ................................................................................ 8
2.2 Jet Stream Self-Service....................................................................................... 10
2.3 Agile Masking...................................................................................................... 13
2.4 Integration Services............................................................................................. 14
2.5 IT Operations....................................................................................................... 15
2.6 Data Services....................................................................................................... 16
2.7 Hosting ................................................................................................................ 16
2.8 Networking........................................................................................................... 17
3.0 Theory of Operations............................................................................................. 19
3.1 VCDMS Provisioning Flow.................................................................................... 19
3.2 Masking Process Flow.......................................................................................... 19
3.3 Roles and Responsibility...................................................................................... 19
3.4 Quality Management............................................................................................ 20
4.0 Next Practices (What changes with Delphix) ................................................... 25
4.1 VDB and VApp Request Process........................................................................ 25
4.2 Data Self Services............................................................................................... 28
4.3 CMDB Updates................................................................................................... 31
4.4 DBA Oprations .................................................................................................... 33
5.0 Migration Process................................................................................................ 36
5.1 RDBMS .............................................................................................................. 36
5.2 Applications........................................................................................................ 41
5.3 Automation Tasks............................................................................................... 48
6.0 Masking Process................................................................................................. 52
6.1 Corporate Security Policies................................................................................ 52
6.2 Databases........................................................................................................... 55
6.3 File Systems........................................................................................................ 61
6.3 Audit Trails........................................................................................................... 66
7.0 High Level Timeline.............................................................................................. 71
7.1 Preplanning and Solutioning .............................................................................. 71
7.2 Initialization and Startup..................................................................................... 72
7.3 Development Configuration and Integration....................................................... 73
7.4 Operations and Maintenance.............................................................................. 74
The section is used to describe each part of the integrated functional components to educate the audience on each piece. I break this part to the third and fourth level outline and summarize the function each plays in the company and in the Delphix VDCMS. I also include the summary diagram you see in figure 7.0; it provides a great a reference chart for QA or any augmented staff. The template will have the Delphix descriptions many of the standard IT functions. I will indicate areas that will be specific to the company you are engaged with. For instance, the template will discuss EMC's Symmetrix Storage Platform; but your company may be using Pure Storage so you will want to modify appropriately.
The following diagram depicts the high-level functional components identified for the Delphix DevOps enterprise rollout initiative:
For those of you new to Delphix, this tends to be the most complex task of defining yet it is as simple as explaining how the company will inject Delphix Operations into their current operational flows. In most instances the process of copy data management provisioning is well known in an organizations while some companies maintained a more formalized approach others can be less formal. In the end, Secure Delphix has 4 main operational areas: The VCDMS provision flow since now one must consider the Delphix objects; The masking process since Delphix Agile masking may eliminate the multiple tools used in current system or perhaps this would be a new process for some companies; there will be additional roles and responsibilities with administration tasks of the Delphix Software; and Data Governance processes change due to the data currency the masking process, and self service aspect of Delphix VCDMS.
The Delphix administrator will be the primary control point for requested virtual database (vDB) and Virtual Application (vApp) environments. The use of the ITIL service requests will be the means to communicate the need for a new vDB and vAPP for my fictitious healthcare company The ITIL tool will need to be configured to support the Delphix technology and will be setup during the Delphix implementation project. The swim lane diagrams shown here provide a glimpse of what a vDB and vApp request process will look like with Delphix VCDMS in place.
Remember Delphix VCDMS is provisioning databases from a dSource that is continually synchronizing with production level data prior to provisioning this data to non-production environment the sensitive data will be masked. What data elements to be masked and how to maintain reliable replacement data will be defined during the requirements analysis and design but the appropriate security and data analysts. The masking process itself is straightforward in terms of theory of operations, there will be more detail defined for each and every masking task decision point.
For operational controls only masking will be completed on all non- production database objects and readable files where HIPAA related data is stored. This means all database tables and database controlled external files, incoming files, all outgoing files and all application logs files. The only exception will be during a break fix scenario where these systems will be for short term as the teams work to fix a production data related issue. All Delphix database masking occurs on masking virtual databases that will then become the source for all down stream provisioning of vDB.
For this enterprise level deployment of Secure VDCMS a full masking solution will need to be identified and implemented. I will address that full process in a separate blog. For this Theory of Operations discussion on this topic, I will keep it specific to the agile masking routine only. The Agile masking process is summarized in the figure below.
Similarly, all incoming EDI files, Health Exchange Files, client FTP files with production level data used for non-production development and testing will be masked prior to being made available to DevOps. The Figure below summarizes the File Level Agile Masking process. Once again I have left a process open for Break fix operations.
The following chart provides a synopsis of the roles and responsibilities of the company's staff in terms of administrations and operations of the Delphix Reference Infrastructure. The list under each role heading mixes standard responsibilities along with where the Delphix piece fits in. For instance the Data Base Administrators do not give up any responsibilities they would have without Delphix VCDMS in terms of RDBMS licensing and installation tasks they just need to ensure Delphix best practices is followed and a Delphix DB user is created.
The data governance processes must be reviewed for changes in the data delivery. The refresh processes from production to the downstream systems will need to be controlled and appropriate test data interjection points identified. For instance, is refresh request a simple production refresh with masking to begin a new development on a new release or is the refresh in the middle of a release in which case what test data needs to be added back to the environment. The process flow chart shown here provides the decision tree process for a typical refresh data governance process.
This ends the blog for today. It looks like I made it through the Theory of Operation. I don't want to make these blogs too overwhelming; I hope to keep them to 20 minutes of reading at most. So next week I will continue discussing the content requirements for the last 4 TOC topics.