Thank you Tom for your response. I've been doing some reading about those you suggested; however if I'm not using Kerberos and Active Directory; I'm only using single user account then the multiple layers of security will not work for our environment correct?
Thanks, ~ Thuy On Thu, Apr 9, 2020 at 12:23 PM Yerex, Tom <[email protected]> wrote: > Good morning Thuy, > > > We are focused on multiple layers of security, beginning with the firewall > but also local access control and monitoring down to individual processes > running in the environment. > > Kerberos is a mechanism that is discussed as a security mechansim and I > have had it working with Active Directory and a UNIX-based Kerberos > provider (Ldap as well). Ranger provides a lot of auditing and insight. > > In our environment, we have a moat around the cluster with strictly > controlled and monitored access points. > > Cheers, > > Tom. > > > On 2020-04-08 14:16:13-07:00 ThuyT wrote: > > Hello all, > Has anyone try to secure Apache Metron cluster? I scanned for open ports > and there are about 30-50 open ports on each node of my 4-node cluster. I > know Storm uses majority of these ports for workers. I've enabled SSL on a > few component services, but don't know how to secure all open ports. Any > thoughts or ideas are welcome and appreciated. > thanks, > ~ Thuy > >
