CDP security components ensure the confidentiality, integrity, and availability of your CDP services and data. CDP’s comprehensive and centralized security features include user authentication, resource access authorization, data encryption, and data governance.
Authentication, a process that requires users and services to prove their identity when trying to access a system resource, is provided by integration with MIT Kerberos and LDAP/AD. Encryption for data at rest or data in motion is provided by TLS, HDFS transparent encryption, Cloudera Navigator Encrypt, Navigator Key Trustee Server, and Ranger KMS. Authorization, or control over who has access to a particular resource or service, is provided by Apache Ranger, Apache HDFS ACLs, traditional POSIX-style permissions for directories and files, and Apache HBase ACLs.
Configure Kerberos authentication in Cloudera Manager.
Control access to Cloudera Manager resources using LDAP.
Configure TLS/SSL secure networking in Cloudera Manager clusters.
Secure data at rest using encryption mechanisms and key management.
How to configure the Key Trustee Server key storage and management system.
How to use Navigator Encrypt to transparently encrypt and secure data at rest.
How to use Navigator Key HSM to integrate with a hardware security module (HSM).
How to use Apache Ranger for fine-grained access control and auditing.
Apache Knox provides perimeter security for your CDP cluster: a single point of authentication and access for your services.
A collection of How-to guides covering a wide range of advanced Cloudera Manager security topics.