vShield Administration Guide - vShield Manager 5.5

vShield Data Security Management
15
vShield Data Security provides visibility into sensitive data stored within your organization's virtualized
and cloud environments. Based on the violations reported by vShield Data Security, you can ensure that
sensitive data is adequately protected and assess compliance with regulations around the world.
To begin using vShield Data Security, you create a policy that defines the regulations that apply to data
security in your organization and specifies the areas of your environment and files to be scanned. A
regulation is composed of content blades, which identify the sensitive content to be detected. vShield
supports PCI, PHI, and PII related regulations only.
When you start a Data Security scan, vShield analyzes the data on the virtual machines in your vSphere
inventory and reports the number of violations detected and the files that violated your policy.
You can perform all data security tasks using REST APIs. For more information, see the vShield API
Programming Guide.
This chapter includes the following topics:
• “vShield Data Security User Roles,” on page 183
• “Defining a Data Security Policy,” on page 184
• “Editing a Data Security Policy,” on page 186
• “Running a Data Security Scan,” on page 187
• “Viewing and Downloading Reports,” on page 187
• “Creating Regular Expressions,” on page 188
• “Available Regulations,” on page 188
• “Available Content Blades,” on page 204
• “Supported File Formats,” on page 223
vShield Data Security User Roles
A user's role determines the actions that the user can perform.
Role                      Actions Allowed
Security Administrator    Create and publish policies and view violation reports. Cannot start or stop a data security scan.
vShield Administrator     Start and stop data security scans.
Auditor                   View configured policies and violation reports.
VMware, Inc.
183