Security
CDP security components ensure the confidentiality, integrity, and availability of your CDP services and data. CDP’s comprehensive and centralized security features include user authentication, resource access authorization, data encryption, and data governance.
Authentication, a process that requires users and services to prove their identity when trying to access a system resource, is provided by integration with MIT Kerberos and LDAP/AD. Encryption for data at rest or data in motion is provided by TLS, HDFS transparent encryption, Cloudera NavEncrypt, Key Trustee Server, and Ranger KMS. Authorization, or control over who has access to a particular resource or service, is provided by Apache Ranger, Apache HDFS ACLs, traditional POSIX-style permissions for directories and files, and Apache HBase ACLs.
Configuring Authentication in Cloudera Manager
Configure Kerberos authentication in Cloudera Manager.
Cloudera Authorization
Control access to Cloudera Manager resources using LDAP.
Encrypting Data in Transit
Configure TLS/SSL secure networking in Cloudera Manager clusters.
Encrypting Data at Rest
Secure data at rest using encryption mechanisms and key management.
Ranger KMS
How to configure the Ranger KMS.
Navigator Encrypt
How to use Navigator Encrypt to transparently encrypt and secure data at rest.
Key Trustee Server and Key HSM
How to configure the Key Trustee Server key storage and management system and how to use Navigator Key HSM to integrate with a hardware security module (HSM).
Apache Ranger Access Control and Auditing
How to use Apache Ranger for fine-grained access control and auditing.
Apache Knox Authentication
Apache Knox provides perimeter security for your CDP cluster: a single point of authentication and access for your services.
Additional Security Topics
A collection of how-to guides covering a wide range of advanced Cloudera Manager security topics.