At Continuent we take security seriously. All of the components of a Tungsten Cluster (Proxy/Connector, Manager and Replicator) can be configured with full SSL for all in-flight communication between components, and also for secure communication to the underlying database if supported by the database release/version in use within the customers environment.
For versions up to and including v6.1.13, SSL is disabled by default and can be enabled either before or post install.
From v7.0.0 onwards, SSL is enabled by default.
We have not formally certified/documented these under SOC2, ISO 27001 or any other certification programme. Whilst we manage your database for continuous availability, we do not touch or manage the customer’s data inside those databases, thus we do not believe these certifications would apply.
For more details on enabling and configuring SSL please review our online documentation at https://docs.continuent.com/tungsten-clustering-6.1/deployment-security.html.
From time to time, customers conduct their own internal security reviews, either as part of an internal audit or in preparation for external security certification.
We are often asked a number of questions regarding Tungsten Cluster and/or Tungsten Replicator with regards to our position, and therefore we have compiled the following FAQ that will serve to answer these queries.
Should you have further questions not covered by the below FAQ’s please do not hesitate to contact us.