Deployment Options

Overview

Code42 Next-Gen DLP deployment options

Code42 Next-Gen DLP can be delivered in three ways. All three of our deployment options meet or exceed rigorous industry standards for data security.

  1. Cloud
  2. Cloud with customer-managed keystore
  3. On-premises

Code42 architecture defined

Authority
The Code42 authority serves three primary functions: it’s the central point of administration, it connects to existing directory services solutions (i.e. SSO, Active Directory) and it controls the provisioning of encryption keys.

Encryption keys
Encryption keys are used to encrypt data before transmission to storage as well as to decrypt data on the device when a file is recovered. Data is always stored separately from encryption keys.

Storage
The place where encrypted data blocks are kept in user-aligned archives. Archives are encrypted with keys that are unique to each user.

Code42 Next-Gen DLP app
The application installed on laptops and desktops that collects files and monitors file activity.

Cloud

Powerful features, streamlined deployment
Cloud deployment customers don’t need to oversee infrastructure or software. Code42 takes care of management, monitoring, upgrades and patches — allowing you to benefit from a simple, streamlined deployment with fast time to value. Cloud customers leverage Code42 data centers located throughout the world. Learn how encryption keys are managed in a cloud deployment.

Configuration diagram 1.

Code42 responsibilities
  • Deploy, manage and monitor the authority
  • Manage Code42 Cloud storage
  • Perform upgrades and patches
Customer responsibilities
  • Administer the Code42 Next-Gen DLP console and app
Technical considerations
  • Authentication takes place vis SSO using SAML 2.0
  • Provisioning (automated user management) takes place using SCIM 2.0
  • On-premises storage is not supported

Cloud with customer-managed keystore

Powerful features, keys you control
In this deployment, you get the same expert management and scalability of the standard cloud deployment, but with control over where encryption keys are located. You can store your encryption keys in your desired location — whether in your data center or in a virtual environment that you manage. Contact us to learn more about how you can manage your encryption keys.

Configuration diagram 2.

Code42 responsibilities
  • Deploy, manage and monitor the authority
  • Manage Code42 Cloud storage
  • Perform upgrades and patches
Customer responsibilities
  • Administer the Code42 Next-Gen DLP console and app
  • Host, upgrade, manage and patch an instance of Code42 Keystore in your environment
Technical considerations
  • Authentication takes place vis SSO using SAML 2.0
  • Provisioning (automated user management) takes place using SCIM 2.0
  • On-premises storage is not supported

On-premises

In this deployment, you manage the authority. Some or all backup data is stored in your data center or in a virtual environment that you manage. On-premises deployments are well-suited for organizations who require data to be stored in their own physical data centers.

Configuration diagram 3.

Code42 responsibilities

Issue upgrades and patches of the Code42 Next-Gen DLP server and application software only

Customer responsibilities
  • Host an authority on dedicated hardware or in a virtual environment
  • Procure storage hardware based on software system requirements
  • Manage, monitor, upgrade and patch the authority
  • Perform backups of the authority database
  • Maintain on-premises storage
  • Administer the Code42 Next-Gen DLP console and app
Technical considerations

Features offered in this deployment vary from features available in the cloud deployment model. The full functionality of Code42 Next-Gen DLP cannot be offered in an on-premises deployment

Code42 data center locations

  • United States
  • Amsterdam
  • Ireland
  • Singapore
  • Sydney

Want to learn more?

Contact Code42 to learn more about Next-Gen DLP.