There was a recent post about performance that also talked about using Open VPN to encrypt traffic from clients to server

http://www.mail-archive.com/user@cassandra.apache.org/msg20058.html


I've not looked at thrift encryption. 

Cheers


-----------------
Aaron Morton
Freelance Developer
@aaronmorton

On 1/02/2012, at 12:33 PM, Maxim Potekhin wrote:

Hello,

do you see any value in having a web service over cassandra, with actual client-clients talking to it via https/ssl?
This way the cluster can be firewalled and therefore protected, plus you get decent auth/auth right there.

Maxim


On 1/31/2012 5:21 PM, Xaero S wrote:

I have been trying to figure out how to secure/encrypt the traffic between the client (Hector) and the Cassandra Server. I looked at this link https://issues.apache.org/jira/browse/THRIFT-106 But since thrift sits on a layer after Hector, i am wondering how i can get Hector to use the right Thrift calls to have the encryption happen? Also where can i get the instructions for the any required setup for encrypting the traffic between the Hector client and the Cassandra Server?

Would appreciate any help in this regard. Below are the setup versions

Cassandra Version - 0.8.7
Hector - 0.8.0-2
libthrift jar - 0.6.1


On a side note, we have setup internode encryption on the Cassandra server side and found the documentation for that easily.