BRIX relies on a set of proven security technologies for data storage and exchange: PostgreSQL, MongoDB, S3, RabbitMQ, and Redis. Interactions with external systems are secure due to JWT authentication and server-side authorization check. The communication between microservices is organized through secure HTTP and gRPC protocols. Ingress rules are used to expose the services from within the cluster to services outside the cluster via HTTP and WebSocket protocols. Due to such configuration, direct access to cluster services is not allowed.
PostgreSQL is used as a primary database, providing all the necessary security features. For the BRIX Cluster, we advise hosting DBMS on dedicated servers and managing its security separately from the primary system. Make sure that you have read the server installation and security instructions carefully:
- PostgreSQL installation guide.
- Server administration.
- Server setup and operation.
- Connections and authentication.
- Client authentication.
- Database roles.
The BRIX system also uses the MongoDB database. For the BRIX Enterprise edition, we advise hosting database software on a dedicated cluster managed separately. Read the installation and security configuration guide carefully:
The BRIX system uses S3-compatible object storage to store user and temporary files. By default, we offer an S3 MinIO solution that is relatively simple to deploy and administer. MinIO ensures confidentiality and integrity of the processed data through server-side encryption and digital signatures with a limited validity period. For the BRIX Enterprise edition, we advise hosting S3-compatible object storage in a dedicated cluster. If you decided to deploy S3 MinIO, read the corresponding security manual carefully:
Please note that the security of the server operating system, virtualization provider, and the physical server is a client’s responsibility and is not part of BRIX On‑Premises security framework.