Integrating and Configuring EDB
This chapter describes how to configure and integrate Enterprise DB Postgres Advanced Server (EDB) with CTE in Linux. It contains the following sections:
Overview
EDB provides database management software to get more functionality from PostgreSQL. EDB offers secure, scalable, advanced and enterprise-class PostgreSQL solutions. Advanced Server extends PostgreSQL with the security and performance features that enterprises need. It’s also compatible with Oracle databases.
Prerequisites
Refer to EDB documentation for information on how to setup and configure EnterpriseDB.
Preparing to Create GuardPoints
Before you can safely reboot your machine, create GuardPoints, and administer any of the services, you must perform the following steps:
-
Stop the EDB service.
-
Open the
/lib/systemd/system/edb-as-13.servicefile. -
Below the [Unit] section, add the following line:
Requires=secfs-fs-barrier.service. -
Save the file and exit.
-
Open the file:
/lib/systemd/system/secfs-fs-barrier.service. -
At the end of the [Before] clause, add
edb-as-13.service. -
Save the file and exit.
-
Type:
systemctl daemon-reload. -
Type:
systemctl start edb-as-13.service. -
Reboot the system.
-
Stop the EDB.
-
Restart SecFS.
-
Start the EDB service again.
Integration with CTE
The following describes how to integrate EDB with CTE using an offline dataxform policy:
-
Enable and start EDB.
-
Create a database with sample data.
-
Install the latest CTE build. Refer to the CTE Agent Linux Quick Start Guide for more information.
-
Register CTE with a CipherTrust Manager.
-
Stop the EDB service.
-
Guard the EDB data and log directories with a Dataxform policy.
For example, create a policy that transforms from Clear key to AES256.
-
Perform a data transformation on both directories.
-
After Dataxform finishes, guard both directories with a policy using the correct key.
For example, use AES256 on both directories.
-
After the database and log directories are guarded, start the EDB service again.
