A PK Protect installation consists of a controller, repository database, and one or more IDPs (Intelligent Data processors).
The controller interacts with the user via the PK Protect User Interfaces (both normal and admin), the PKWARE Command Line (DGCL), or the PK Protect REST APIs. It mediates the interactions between the IDPs and the PK Protect front end. It authenticates users, routes requests to the appropriate IDP(s), conveys results back to the user, and logs all activities for auditing purposes. It stores data such as connection information, search parameters, and masking instructions.
The repository database is used by the controller to store and retrieve the user, access control, IDP details, task definitions, and job results. Postgres is the default database that is shipped with the product, however, MySQL, SQL Server, or Oracle, as well as RDS variants of these can also be used.
There are four IDPs:
RDBMS Detection: Scans the network for databases and searches their content for sensitive data. Also referred to as Discover or Discovery IDP.
RDBMS Masker: Masks sensitive data in RDBMSs such as Oracle, SQL Server, and DB2.
Files: Detects sensitive data in files and, optionally, masks it.
Cloud IDP: Can be configured for either GCS or S3. Creates a cluster installed with PK Protect’s S3 or GCS IDP.
Once the controller, repository database, and IDPs are installed, and configured, PK Protect can be launched using a web browser or from the Start menu. PK Protect is bundled with a default set of software it needs to function.