- About Us
-
Secure, unlimited storage to ensures efficiency as well as high and continuous data access demand.
Virtual server integration for 3D Rendering, AI or ML
Enhance application capacity and availability.
Access to an all-inclusive stack for AI development, driven by NVIDIA’s powerful technology!
FPT Web Application Firewall provides powerful protection for web applications
Advanced virtual server with rapid scalability
Backup and restore data instantly, securely and maintain data integrity.
Advanced virtual server with rapid scalability
Access to an all-inclusive stack for AI development, driven by NVIDIA’s powerful technology!
Enhance application capacity and availability.
Backup and restore data instantly, securely and maintain data integrity.
Recovery, ensuring quick operation for the business after all incidents and disasters.
Diverse throughput and capacity to meet various business workloads.
Secure, unlimited storage to ensures efficiency as well as high and continuous data access demand.
FPT Web Application Firewall provides powerful protection for web applications
Intelligent and Comprehensive Virtual Web Application Firewall - Security Collaboration between FPT Cloud and Penta Security.
The Next generation firewall security service
Easily store, manage, deploy, and secure Container images
Safe, secure, stable, high-performance Kubernetes platform
Provided as a service to deploy, monitor, backup, restore, and scale MongoDB databases on cloud.
Provided as a service to deploy, monitor, backup, restore, and scale Redis databases on cloud.
Provided as a service to deploy, monitor, backup, restore, and scale PostgreSQL databases on cloud.
System Monitoring Solution anywhere, anytime, anyplatform
Helps reduce operational costs by up to 40% compared to traditional BI solutions, while improving efficiency through optimized resource usage and infrastructure scaling. - Pricing
- Partner
- Event
Managed – FPT Database Engine
-
Concepts
-
Initial Setup
-
Tutorials
-
Peformance & Benchmark
-
Troubleshooting
-
FAQs
-
Glossary
-
This section describes how applications connect to database clusters in a FPT Database Engine environment, including endpoints, access models, and network security controls.
Database endpoint
A database endpoint is an access point provided for applications to connect to the database cluster. Depending on the deployment model, the endpoint may point to:
- A database instance (Single Node).
- A DB Proxy representing a database cluster (HA).
Using endpoints decouples application logic from database cluster architecture and minimizes the impact of topology changes or failover events.
Private and public access
The FPT Database Engine supports two access models:
- Private access: The database cluster is accessible only within a private network (VPC/VNet), suitable for high-security environments.
- Public access: The database cluster exposes a public endpoint, allowing Internet access with additional security controls.
Choosing an access model should consider security, performance, and application architecture requirements.
Security Groups and Floating IP
In a DBaaS environment, Security Groups and Floating IPs are used to control and manage network access to database clusters in a flexible and secure manner.
Security Group
A Security Group is a set of stateful firewall rules that allow or deny inbound and outbound traffic to a database instance based on:
- IP address / CIDR
- Port
- Protocol
Security Groups enforce the least privilege principle, allowing database cluster access only from authorized sources such as:
- Applications within the same VPC/VNet.
- Authorized bastion hosts or management systems.
Changes to Security Group rules take effect immediately and do not require database cluster restarts.
Floating IP
A Floating IP is a public IP address that can be dynamically associated or disassociated with a database instance, enabling Internet access when required. Floating IPs are commonly used for:
- Connectivity from external systems (on-premises or third-party services).
- Temporary administrative or operational access.
- Testing and integration environments.
When a Floating IP is enabled, users must combine it with Security Group to:
- Restrict allowed source IP ranges.
- Expose only required database ports (e.g., 3306, 5432, 1433).
Security notes
- Floating IPs should be enabled only when necessary.
- Private Access is recommended for production environments.
- Always apply minimum exposure when configuring Security Group rules.