Skip to content

Data Access Security Virtual Appliance Cluster Creation

Data Access Security's Data Classification engine identifies and categorizes data based on data sensitivity, its impacts, and the importance of the data to the business. Data Classification enables organizations to identify business-critical information and “crown jewels”, such as intellectual property, as well as sensitive and regulated data, that need to be tightly governed to comply with regulations.

In order to take advantage of Data Classification within their environments, Administrators need to create and deploy dedicated Data Access Security Data Classification Collection Virtual Appliance (VA) Clusters and worker VA instances to perform the classification of information.

Creating a Data Access Security Data Classification Collection VA and VA Clusters is very similar to creating the Identity Security Cloud VAs and Clusters.

Perform the same steps as described in Deploying VAs.

Important

The only difference when creating a Data Classification Collection VA and Cluster is the type selection.

You can create a dedicated cluster for Data Access Security Data Classification Collection VA in one of two ways:

  • Creating a cluster through the Data Access Security Application Configuration wizard
  • Creating a cluster through IdentitySecurity Cloud VA Cluster Management screens

Cluster Creation with Data Access Security Application Configuration

  1. In the Data Classification configuration step in the Application Configuration Wizard, use the Data Collection Cluster dropdown to select an existing one to be used by the applications.

  1. If there are no available clusters in the dropdown or if the clusters are being used to capacity and you would like to associate the configured applications to a new cluster, select the plus (“+”) icon next to the Data Collection Cluster dropdown to add another cluster.
  2. A confirmation message is displayed asking you to confirm the operation. Upon approval, a new cluster is created with a default name of “DAS data classification collector cluster”. Subsequent clusters will have a number added to their name to differentiate the ones previously created.

Cluster Creation with IdentitySecurity Cloud

  1. To create a Data Access Security Data Classification Collection Cluster, go to Admin > Connections > Virtual Appliances.

The list of existing VA clusters can be viewed as cards or in a table.

Any previously created clusters that were created through the Data Access Security Application Wizard, mentioned above, will automatically appear here.

  1. On the VA Clusters page, select Create New to create a new cluster.

  1. Provide a unique Cluster Name and Cluster Description. You cannot have two clusters with the same name in your organization.
  2. Select a Time Zone. The cluster time zone determines the GMT offset when scheduling account aggregations and entitlement aggregations for the connected source.
  3. Within Cluster Type, select the Data Access Security Data Classification Collection.
  4. This step is optional. Select Enable Debugging to start 24 hours of debug-level (verbose) logging for all VAs in this cluster. This can be helpful in case you need to troubleshoot anything.
  5. Select Save.

Creating and Configuring Your Virtual Appliance

After configuring the new VA Cluster, continue to create VAs for this cluster by following the same steps to create a standard IdentitySecurity Cloud VA. Resume at Step 7 of Creating VAs.

Note

Create new VAs to associate them with the Data Access Security Data Classification Collections VA Clusters. Do not associate existing IdentitySecurity Cloud VAs with Data Access Security Data Classification Collections Clusters. VAs cannot migrate across cluster types.

A VA Cluster can contain one or more VAs. We recommend adding multiple VAs to support redundancy and high-availability, as well as scale per performance.

A VA Cluster can service multiple applications and can be associated with one or more applications. There is no need to create a separate cluster for each application performing Data Classification tasks, as there is no coupling between applications and clusters.

All application types, including cloud applications, require a Data Classification Collection VA to perform Data Classification data collection tasks.