Protegrity Enterprise Security Administrator (ESA) Server provides customers with centralized, visual administration of data security policies, key management, auditing, and reporting. You must install, host, and manage Protegrity ESA Server outside of the VantageCloud Lake environment.
Review the following installation considerations for setting up Protegrity ESA Server to integrate with VantageCloud Lake on AWS:
- Make sure that your ESA Server is accessible through a VPC Service Endpoint in AWS using PrivateLink. This provides a secure and direct connection between your ESA server and the VantageCloud Lake environment.
- Optionally, you can introduce proxies between the Network Load Balancer associated with the VPC Service Endpoint and the ESA Server. Make sure that the ESA Server remains reachable through the VPC Service Endpoint to allow Data Protectors on VantageCloud Lake to connect to the server.
- Make sure that your ESA web server has a valid license that covers the maximum number of Data Protectors you plan to use in your VantageCloud Lake environment. TheProtegrity User-Defined Functions (UDFs) require Data Protectors to function properly. A Data Protector is installed for each Primary and Compute cluster node when Protegrity is enabled in VantageCloud Lake.
- Teradata recommends using a single ESA Server or ESA cluster with a single VantageCloud Lake environment. This helps streamline your setup and management processes.
For the instructions to install and setup Protegrity ESA Server, see Protegrity Installation Guide 9.1.0.0.