ok, thx for the input!
On 09/11/2011 15:19, Mohit Anchlia wrote:
We lockdown ssh to root from any network. We also provide individual
logins including sysadmin and they go through LDAP authentication.
Anyone who does sudo su as root gets logged and alerted via trapsend.
We use firewalls and also have a separate vlan for datastore servers.
We then open only specific ports from our application servers to
datastore servers.
You should also look at Cassandra authentication as additional means
of securing your data.
On Wed, Nov 9, 2011 at 6:39 AM, Sasha Dolgy<sdo...@gmail.com> wrote:
Firewall with appropriate rules.
On Tue, Nov 8, 2011 at 6:30 PM, Guy Incognito<dnd1...@gmail.com> wrote:
hi,
is there a standard approach to securing cassandra eg within a corporate
network? at the moment in our dev environment, anybody with network
connectivity to the cluster can connect to it and mess with it. this would
not be acceptable in prod. do people generally write custom authenticators
etc, or just put the cluster behind a firewall with the appropriate rules to
limit access?
