SynxDB Security Configuration Guide

This guide describes how to secure a SynxDB system. The guide assumes knowledge of Linux/UNIX system administration and database management systems. Familiarity with structured query language (SQL) is helpful.

Note Synx Data Labs supports PostgresSQL 9.4 until SynxDB 2 is End of Support /End of Life (EOS/EOL). For the exact support period timeframes for each SynxDB release, contact Synx Data Labs.

Important SynxDB is based on PostgreSQL, therefore certain commercial security scanning software, when trying to identify SynxDB vulnerabilities, may use a PostgreSQL database profile. The reports generated by these tools can produce misleading results, and cannot be trusted as an accurate assessment of vulnerabilities that may exist in SynxDB. For further assistance, or to report any specific SynxDB security concerns, contact SynxDB.

Because SynxDB is based on PostgreSQL 9.4, this guide assumes some familiarity with PostgreSQL. References to PostgreSQL documentation are provided throughout this guide for features that are similar to those in SynxDB.

This information is intended for system administrators responsible for administering a SynxDB system.

• Securing the Database
  Introduces SynxDB security topics.
• SynxDB Ports and Protocols
  Lists network ports and protocols used within the SynxDB cluster.
• Configuring Client Authentication
  Describes the available methods for authenticating SynxDB clients.
• Configuring Database Authorization
  Describes how to restrict authorization access to database data at the user level by using roles and permissions.
• Auditing
  Describes SynxDB events that are logged and should be monitored to detect security threats.
• Encrypting Data and Database Connections
  Describes how to encrypt data at rest in the database or in transit over the network, to protect from eavesdroppers or man-in-the-middle attacks.
• Security Best Practices
  Describes basic security best practices that you should follow to ensure the highest level of system security. 

About Endpoint Security Software

If you install any endpoint security software on your SynxDB hosts, such as anti-virus, data protection, network security, or other security related software, the additional CPU, IO, network or memory load can interfere with SynxDB operations and may affect database performance and stability.

Refer to your endpoint security vendor and perform careful testing in a non-production environment to ensure it does not have any negative impact on SynxDB operations.