Product Description


dbWatch Control Center is a database operations and monitoring platform designed to provide visibility, automation, and control over large-scale, multi-platform database environments. It supports database monitoring, job automation, reporting, and management across on-premises, cloud, and hybrid infrastructure.

This section provides a high-level product description with emphasis on architecture elements relevant to security design, identity and access control, encryption, and deployment architecture.


Core Architecture and Components

At the heart of any dbWatch deployment is the Control Center Server, which functions as the central management point. The Control Center Server can take on multiple roles, the most critical of which is:

For a visual overview of this architecture, see:

Additional key components include:

All components communicate over TLS-encrypted channels managed by the internal certificate infrastructure.


Supported Platforms

dbWatch Control Center is platform-agnostic and supports the following database systems:

It runs on both Windows and Linux operating systems, and can manage databases hosted in local datacenters, private clouds, or public cloud environments.


Multi-Tiered Deployment

A secure dbWatch setup typically includes:

This design allows for segmentation, scalability, and distributed workload processing, while keeping the trust model centralized through the Domain CA.


Internal Trust Model and Authentication

All Control Center components authenticate using certificates issued by the Domain CA. When new nodes are registered to the domain, they receive a signed certificate from the CA, enabling mutual TLS authentication between nodes.


Administrative Access and User Roles

User access to the system is controlled by an internal role-based access control (RBAC) system. Each user is assigned a set of privileges that govern:

For more information, see:


Secure Communication and Encryption

All communication between Control Center components is encrypted using TLS. Internally generated certificates ensure trusted communication without relying on external certificate authorities. For external interfaces (e.g., HTTPS), a customer-provided certificate may be used.


Additional Security Topics

For technical security configuration, see related documentation:


Summary

dbWatch Control Center follows a security-by-design approach, with:

This product architecture allows for flexibility and scalability without compromising on security fundamentals.