cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mohit Anchlia <mohitanch...@gmail.com>
Subject Re: security
Date Wed, 09 Nov 2011 15:19:17 GMT
We lockdown ssh to root from any network. We also provide individual
logins including sysadmin and they go through LDAP authentication.
Anyone who does sudo su as root gets logged and alerted via trapsend.
We use firewalls and also have a separate vlan for datastore servers.
We then open only specific ports from our application servers to
datastore servers.

You should also look at Cassandra authentication as additional means
of securing your data.

On Wed, Nov 9, 2011 at 6:39 AM, Sasha Dolgy <sdolgy@gmail.com> wrote:
> Firewall with appropriate rules.
>
>> On Tue, Nov 8, 2011 at 6:30 PM, Guy Incognito <dnd1066@gmail.com> wrote:
>>>
>>> hi,
>>>
>>> is there a standard approach to securing cassandra eg within a corporate
>>> network?  at the moment in our dev environment, anybody with network
>>> connectivity to the cluster can connect to it and mess with it.  this would
>>> not be acceptable in prod.  do people generally write custom authenticators
>>> etc, or just put the cluster behind a firewall with the appropriate rules to
>>> limit access?
>

Mime
View raw message