scalability - Database security / scaling question
Usually I use a database like MySQL or PostgreSQL on the same machine as the application using it, which makes it easy to access and safer. I'm just building my first site in which there will be a separate physical database server (later this year). I am wondering about 3 things:
- (Security) What security-related measures should I consider for accessing a database on a different machine?
- (Scalability) Should I consider scalability issues related to this (technology agnostic)?
- (More ServerFault-ish but related) If the DB is started on the same physical server (using a separate VMware VM) and later moves to a different physical server, are there any particular problems that I have to deal with? Is another VM still accessible through localhost?
If these questions are completely ridiculous, then I apologize to you DB experts.
Easy, I'll give you security... well, security has a lot to do with the physical location of the database server.
However, to get to your three questions:
- First of all, see how you can limit access to database tables using the database server's security model. That is, if your application is not required to drop a table, make sure that the user it uses to connect does not have the ability to do so. Second, see about encrypting the connection between the database server and your application. Through Kerberos in Windows this is very transparent and can also be implemented through group policy settings; I am not certain about other platforms. Third, what does the database offer to encrypt the data "at rest", that is, does it support encryption of the actual data files?
The issue here is that your application is only one entry point to the database server. Ask yourself, what if someone could connect directly, without going through your app, using your application's credentials? Next, ask what they could get through SQL injection issues. Also, ask yourself, if anyone were able to watch the IP traffic going between your app and the server, what information might be taken? Can they see any data? Finally, ask yourself, what if they got a copy of the database?
The lengths you go to for #1 are going to depend on many factors, such as how valuable the data is (example: what would happen to you, your company, or your customers if it was lost) and how much time you have to come up with an ideal solution.
- Scalability: This is purely a function of load. Unfortunately, the only way to scale most database applications is to scale up, which means that you get a larger database server as needed. Stack Overflow went through this a long time ago. Some database types (NoSQL, MongoDB, etc.) support a concept called sharding; MySQL, PostgreSQL, etc. do not. Instead you have to design the app specifically to handle it. That means not using things like auto-incrementing keys, etc. It can be a royal pain... That's why scaling up is a much easier possibility, depending on your application.
- Another VM is not available through "localhost". localhost refers to your current server; whether or not that server is a VM is irrelevant. You must refer to your database server by name. Now, when moving the database between a VM and another physical server, it should have zero effect because you are referencing it by name. There are no other considerations beyond this.
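
The first point of the answer (a least-privilege database user, an encrypted connection, and the question of someone connecting directly with the application's credentials) can be checked against the account definitions themselves. The following is an added example, not part of the original question or answer: it audits MySQL-style GRANT and CREATE USER statements, the kind of text SHOW GRANTS and SHOW CREATE USER return. The account names, the sample statements and the list of privileges treated as excessive are assumptions.

```python
import re

# Assumption: privileges a typical CRUD web app does not need at runtime.
RISKY = {"ALL PRIVILEGES", "ALL", "DROP", "ALTER", "FILE", "SUPER", "CREATE USER"}
ACCOUNT = r"[`'](?P<user>[^`']*)[`']@[`'](?P<host>[^`']*)[`']"
GRANT_RE = re.compile(r"GRANT (?P<privs>.+?) ON (?P<scope>\S+) TO " + ACCOUNT + r"(?P<rest>.*)", re.I)
CREATE_RE = re.compile(r"CREATE USER " + ACCOUNT + r"(?P<rest>.*)", re.I)
TLS_RE = re.compile(r"REQUIRE\s+(?!NONE\b)\w+", re.I)

def audit(statements):
    """Return sorted findings for MySQL-style GRANT / CREATE USER statements."""
    findings = set()
    for stmt in statements:
        stmt = stmt.strip().rstrip(";")
        grant, create = GRANT_RE.fullmatch(stmt), CREATE_RE.fullmatch(stmt)
        m = grant or create
        if not m:
            continue  # not a statement this check understands
        acct = f"{m['user']}@{m['host']}"
        if "%" in m["host"]:
            findings.add(f"{acct}: host pattern has a wildcard, credentials work from any matching machine")
        if grant:
            # Drop column lists such as SELECT (a, b) before splitting on commas.
            privs = re.sub(r"\([^)]*\)", "", m["privs"]).upper().split(",")
            for p in sorted({p.strip() for p in privs} & RISKY):
                findings.add(f"{acct}: holds {p} on {m['scope']}")
            if "WITH GRANT OPTION" in m["rest"].upper():
                findings.add(f"{acct}: can pass its privileges on (WITH GRANT OPTION)")
        elif not TLS_RE.search(m["rest"]):
            findings.add(f"{acct}: account does not require TLS for connections")
    return sorted(findings)

# Constructed sample input, not taken from any real server.
SAMPLE = [
    "CREATE USER `webapp`@`%` IDENTIFIED WITH 'caching_sha2_password' REQUIRE NONE",
    "GRANT ALL PRIVILEGES ON `shop`.* TO `webapp`@`%`",
    "CREATE USER `webapp2`@`10.0.0.5` IDENTIFIED WITH 'caching_sha2_password' REQUIRE SSL",
    "GRANT SELECT, INSERT, UPDATE, DELETE ON `shop`.* TO `webapp2`@`10.0.0.5`",
]

if __name__ == "__main__":
    for line in audit(SAMPLE):
        print(line)
```

The first account in the sample is flagged three times (wildcard host, no TLS requirement, ALL PRIVILEGES); the second, pinned to the application server's address with TLS required and only row-level privileges, produces no findings.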