Securing an Anzo Environment

This topic lists the recommended procedures to follow to strengthen the security of Anzo environments.

Set up Firewall Rules

In order to protect the environment from malicious systems and prevent man-in-the-middle attacks or leaking of data source credentials, firewall rules should be configured for the Anzo network. Rules should allow outbound connections only to trusted data sources and services. For information about the ports that need to be opened for inbound and outbound connections to support normal operations, see Firewall Requirements.

Review the Default Access Policies

Default Access Policies are the security policies that are applied by default to the artifacts that are stored in Anzo. Artifacts are all of the objects that are created when connections to data sources and applications are made and when data is onboarded to Anzo. For example, when users connect to a database or a file source, those connections are stored as artifacts, and when the data from a data source is ingested, the resulting schema, model, graphmart, and any generated datasets are also artifacts. All artifacts of the same type are stored in a particular registry, and each registry has a Default Access Policy associated with it. The Default Access Policies control the base permissions to assign to an artifact when it is created—before permission inheritance and user-configured sharing is applied. For more information about Default Access Policies, permission inheritance, and sharing, see Artifact Access Control Concepts.

By default, most Default Access Policies give the creator of an artifact Admin rights to that artifact, meaning the creator can view, modify, and delete that artifact. In addition, the Everyone role (i.e. all authenticated users) is given View permissions for the artifacts, meaning all authenticated users can see that an artifact exists but they cannot modify or delete it. After installation and before new artifacts are created, Cambridge Semantics recommends that you review the Default Access Policy configuration for your server and make any desired modifications. For more details and instructions, see Managing Default Access Policies.

Replace the Self-Signed Certificate with a Trusted Certificate

Anzo installations include a self-signed certificate that can be replaced with your own trusted file. For instructions on replacing the default certificate, see Replacing the Self-Signed Certificate.

Use Query Contexts to Store Sensitive Information

When you connect to data sources with manually written Graph Data Interface (GDI) queries (see Onboarding or Virtualizing Data with SPARQL Queries), you may be required to include sensitive connection and authorization information such as keys, tokens, and user credentials. When configuring data layers or steps, Cambridge Semantics strongly recommends that you store all sensitive connection and authorization values in a Query Context and then refer only to the context keys in GDI queries. Values in Query Contexts are abstracted from the requests that are sent to the data source and AnzoGraph. Any values that are specified directly in a query are transmitted as part of the request. For details about Query Contexts, see Using Query Contexts.