Cassandra Database Security
|
|
- Silas Scott Burke
- 5 years ago
- Views:
Transcription
1 Cassandra Database Security Author: Mohit Bagria NoSQL Database A NoSQL database (sometimes called as Not Only SQL) is a database that provides a mechanism to store and retrieve data other than the tabular relations used in relational databases. These databases are schema-free, support easy replication, have simple API, eventually consistent, and can handle huge amounts of data. The primary objective of a NoSQL database is to have Simplicity of design, Horizontal scaling, and Finer control over availability. History of Cassandra: Cassandra was developed at Facebook for inbox search. It was open-sourced by Facebook in July Cassandra was accepted into Apache Incubator in March It was made an Apache top-level project since February What is Apache Cassandra? Apache Cassandra is an open source, distributed and decentralized/distributed storage system (database), for managing very large amounts of structured data spread out across the world. It provides highly available service with no single point of failure.
2 Listed below are some of the notable points of Apache Cassandra: It is scalable, fault-tolerant, and consistent. It is a column-oriented database. Its distribution design is based on Amazon s Dynamo and its data model on Google s Big table. Created at Facebook, it differs sharply from relational database management systems. Cassandra implements a Dynamo-style replication model with no single point of failure, but adds a more powerful column family data model. Cassandra is being used by some of the biggest companies such as Facebook, Twitter, Cisco, Rackspace, ebay, Twitter, Netflix, and more. Features of Cassandra: 1. Elastic Scalability 2. Always on Architecture 3. Fast Linear Scale Performance 4. Flexible Data Storage 5. Easy Data Distribution 6. Transaction Support 7. Fast Writes Data Replication in Cassandra: In Cassandra, one or more of the nodes in a cluster act as replicas for a given piece of data. If it is detected that some of the nodes responded with an out-of-date value, Cassandra will return the most recent value to the client. After returning the most recent value, Cassandra performs a read repair in the background to update the stale values.
3 The following figure shows a schematic view of how Cassandra uses data replication among the nodes in a cluster to ensure no single point of failure. Security in NoSQL Database: In all the NoSQL databases, Security has been a weak point. No NoSQL database provides complete security. After recognizing this weak point in Cassandra and due to very high demands from customers and open source community, Apache Cassandra and Datastax enterprise decided to provide security feature in Apache Cassandra and Datastax enterprise.
4 There are two types of Security in Apache Cassandra and Datastax Enterprise. 1. Internal Authentication 2. Authorization What is Authentication and Authorization:- Internal authentication is basically validating user connection. The user is authenticated with login and password. All the user accounts are managed in Cassandra internally. Internal authorization deals with user's permission. It deals with what actions user can be performed. For example, we can give user's permission such as which user has only data read permission, which user has data write permission and which user has data delete permission. External authentication is the authentication that is supported with Kerberos (Kerberos is used to manage credentials securely) and LDAP (LDAP is used for holding authoritative information about the accounts, such as what they're allowed to access). Apache Cassandra does not support external authentication. Only Datastax enterprise supports external authentication with Kerberos and LDAP. Whereas internal authentication is supported both in Apache Cassandra as well as Datastax enterprise. Configure Authentication and Authorization In Cassandra, by default authentication and authorization options are disabled. You have to configure Cassandra.yaml file for enabling authentication and authorization. Open Cassandra.yaml file and uncomment lines that deals with internal authentication and authorization.
5 In Cassandra.yaml file, by default, authenticator value is 'AllowAllAuthenticator'. Change this authenticator value from 'AllowAllAuthenticator' to 'com.datastax.bdp.cassandra.auth.passwordauthenticator' Similarly, in Cassandra.yaml file, by default, authorizer value will be 'AllowAllAuthorizor'. Change this authorizer value from 'AllowAllAuthorizor' to 'com.datastax.bdp.cassandra.auth.cassandraauthorizor'. Cassandra Cqlsh: Cassandra provides a prompt Cassandra query language shell (cqlsh) that allows users to communicate with it. Using this shell, you can execute Cassandra Query Language (CQL). Using cqlsh You Can: Define a Schema Insert data Execute a Query
6 Starting Cqlsh: Start cqlsh using the command cqlsh as shown below. It gives the Cassandra cqlsh prompt as output. Cqlsh: As discussed above, this command is used to start the cqlsh prompt. In addition, it supports a few more options as well. The following table explains all the options of cqlsh and their usage.
7 Logging in Cassandra: Now authentication is enabled, if you try to access any key space, Cassandra will return an error. By default, Cassandra provides the super account with user name 'cassandra' and password 'cassandra'. By logging in to 'Cassandra' account, you can do whatever you want. Let's see the below screenshot for this, where it will not allow you to login if you are not using the default Cassandra "username" and "password". Now, in the second screenshot, you can see after using Cassandra default login credential, you are able to login. You can also create another user with this account. It is recommended to change the password from the default. Here is the example of login Cassandra user and change default password.
8 How to Create a New User New accounts can be created with the 'Cassandra' account. For creating a new user, login, the password is specified along with whether the user is super user or not. Only Super user can create new users. Command: cqlsh > create user robin with password manager superuser; Command: cqlsh> create user Laura with password newhire ; You can get a list of all users by the following syntax. Command: Cqlsh> list users; Output: Name User cassandra True Laura False Robin True Droop User by the Syntax:- Command: cqlsh drop user Laura; Authorization: Authorization is the assigning permission to users that what action a particular user can perform. Here is the generic syntax for assigning permission to users.
9 Syntax: GRANT permission ON resource TO user There are following types of permission that can be granted to the user: Here are examples of assigning permission to the user. Cqlsh> create user laura with password newhire ; Cqlsh> grant all on dev.emp to laura; Cqlsh> revoke all on dev.emp from laura; Cqlsh> grant select on dev.emp to laura; A new user 'laura' is created with password 'newhire'. Here is the example where user 'laura' try to access emp_bonus table. Laura has only permission to access dev.emp and no permission to this table dev.emp_bonus that's why an error was returned. Cqlsh:dev> select * from emp_bonus;
10 Bad Request: user laura has no select permission on <table dev.emp_bonus> or any of its parents. You can get a list of all permissions that is assigned to the user. Here is the example of getting permission information. Cqlsh> list all permissions of laura; You can also list all the permission on the resource. Here is the example of getting permission from a table. Other Security: Encryption: Datastax Enterprise includes support for transparent data encryption of data as it is written to disk, but it requires a secure local file system. In addition, if you require the commit logs to be encrypted, you will need a file system encryption capability such as that delivered by IBM Security Guardium Data Encryption.
11 Auditing: This is an area where Guardium provides significant added value. Although Cassandra has a general logging facility (which can be used for troubleshooting and point-in-time recovery) it would require a significant amount of work for an organization to create timely audit reports. And as stated in the product documentation, "increasing logging levels can generate heavy logging output on a moderately trafficked cluster. How Guardium facilitates compliance and protects Cassandra databases We will focus on Guardium Activity Monitoring. Capabilities such as database discovery, data classification, and vulnerability assessment are not currently available in Guardium for Cassandra at this time. How Guardium activity monitoring works Guardium continuously monitors data activity by using lightweight software probes, called S-TAPs, without relying on logs. The S-TAPs also do not require any configuration changes to the Cassandra servers or applications. The other major component in the Guardium architecture is the collector, which is tamper-resistant hardware, software, or virtual appliance. This architecture is optimized for speed and facilitates separation of duties.
12 To keep the processor usage on the database servers very low, the S-TAPS immediately intercept messages at the OS level and forward data activity to the collector. Depending on how much activity you decide to audit, the processor usage on the cluster should be no more than 2-4 percent. Audited data events are stored in the collector's tamper-resistant repository, which is inaccessible other than by the Guardium interfaces and cannot be deleted. These capabilities provide significant added value of reliance on native auditing, including: Separation of Duties: For security and compliance, it's an accepted best practice not to enable privileged users, such as DBAs, to also be in control of security; in addition, it s critical to monitor everything that they do on any system that includes sensitive data. The information security team can administer Guardium regardless of whether audit logging is enabled on the database server or not. Speed of detection and Integration with Security operations: Real-time alerts can be specified for a wide variety of conditions, and you will learn how to specify those here. When breaches occur, being able to detect and react quickly can mean the difference between a hugely damaging loss and a minor inconvenience. Speed of Compliance: Demonstrating compliance can be time consuming and burdensome as these often require some level of regular review and signoff. Guardium not only lets you create the reports that you need to satisfy audit requirements, it also has a robust workflow capability that integrates into your business processes and saves all sign-offs and reviews as part of the audit trail. You'll read more about this later in the article. Guardium includes hundreds of prebuilt reports, including reports that are designed to jump-start compliance reporting for SOX, HIPAA, PCI-DSS, and Data Privacy. See related topics for a link to a developer Works article on using accelerators.
13 Datastax enterprise provides Some Security Features: Client to node encryptions for Cassandra which includes an optional, secure form of communication from client machine to database cluster. Client to server SSL. This ensures that data is not compromised inflight. Administrators can create, drop and alter internal users using CQL that are authenticated to Cassandra database cluster Permissions can be granted to user to perform certain task after their initial authentication JMX authentication can be enabled and tools such as node tool and Datastax Ops Center can be configured to use this authentication Ability Configure and use external Security tools like Kerberos Provides a Transparent data encryption (TDE) to help protect at rest data. (At rest data is data that has been flushed from the memtable in system memory to the SSTables on disk) The following are security issues associated with NoSQL databases: Administrative user or authentication is not enabled by default. It has a very weak password storage Client communicates with server via plaintext(mongodb) Cannot use external encryption tools like LDAP, Kerberos etc Lack of encryption support for the data files Weak authentication both between client and the servers Vulnerability to SQL injection Denial of service attacks. Data at rest is Unencrypted. The Available encryption solution isn t production ready Encryption isn t available for client communication.
14 Configuration Firewall: If the firewall is running, following ports must be opened for communication between nodes including some Cassandra ports. If Cassandra ports will not be opened, Cassandra nodes will act as standalone database server rather than joining the database cluster. Cassandra Client Ports: Port Number Description 9042 Cassandra Client Port 9160 Cassandra Client Port Thrift Cassandra Inter-Node Ports: Public ports: Port Number Description 7000 Cassandra Internode Cluster Communication 7001 Cassandra SSL internode Communication 7199 Cassandra JMX Monitoring Port Port Number Description 22 SSH Ports 8888 Ops Center website. Browse Http Request. Cassandra Ops Center ports: Port Number Description Ops center Monitoring Port Ops Center Agent Port
15 Summary: This tutorial explains about security in Cassandra and configuring Cassandra.yaml file for enabling security. Besides this it also explains how new user account can be created, assignment of permission, configuring the firewall, and so on.
. International Journal of Advance Research in Engineering, Science & Technology. Identifying Vulnerabilities in Apache Cassandra
Impact Factor (SJIF): 4.542. International Journal of Advance Research in Engineering, Science & Technology e-issn: 2393-9877, p-issn: 2394-2444 Volume 4, Issue 4, April-2017 Identifying Vulnerabilities
More informationWhat s New in DataStax Enterprise 3.0? A Guide for Developers, Architects and IT Managers. White Paper
What s New in DataStax Enterprise 3.0? A Guide for Developers, Architects and IT Managers White Paper BY DATASTAX CORPORATION FEBRUARY 2013 Contents Introduction 3 Why DataStax Enterprise? 3 Use Cases
More informationAxway API Management 7.5.x Cassandra Best practices. #axway
Axway API Management 7.5.x Cassandra Best practices #axway Axway API Management 7.5.x Cassandra Best practices Agenda Apache Cassandra - Overview Apache Cassandra - Focus on consistency level Apache Cassandra
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V3.0, MAY 2017 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationCassandra- A Distributed Database
Cassandra- A Distributed Database Tulika Gupta Department of Information Technology Poornima Institute of Engineering and Technology Jaipur, Rajasthan, India Abstract- A relational database is a traditional
More informationChoosing the level that works for you!
The Encryption Pyramid: Choosing the level that works for you! Eysha S. Powers eysha@us.ibm.com IBM, Enterprise Cryptography Extensive use of encryption is one of the most impactful ways to help reduce
More informationCassandra, MongoDB, and HBase. Cassandra, MongoDB, and HBase. I have chosen these three due to their recent
Tanton Jeppson CS 401R Lab 3 Cassandra, MongoDB, and HBase Introduction For my report I have chosen to take a deeper look at 3 NoSQL database systems: Cassandra, MongoDB, and HBase. I have chosen these
More informationA NOVEL APPROACH FOR HOTEL MANAGEMENT SYSTEM USING CASSANDRA
A NOVEL APPROACH FOR HOTEL MANAGEMENT SYSTEM USING CASSANDRA Hima S 1, Varalakshmi P 2 and Surekha Mariam Varghese 3 Department of Computer Science and Engineering, M.A. College of Engineering, Kothamangalam,
More informationMySQL Enterprise Security
MySQL Enterprise Security Mike Frank Product Management Director Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only,
More informationIntro Cassandra. Adelaide Big Data Meetup.
Intro Cassandra Adelaide Big Data Meetup instaclustr.com @Instaclustr Who am I and what do I do? Alex Lourie Worked at Red Hat, Datastax and now Instaclustr We currently manage x10s nodes for various customers,
More informationTop 10 Database Security Threats and How to Stop Them. Rob Rachwald Director of Security Strategy
Top 10 Database Security Threats and How to Stop Them Rob Rachwald Director of Security Strategy Data Has Value Data Has Value Top 7 Attacks Discussed in Hacker Forums 11% 9% 12% 12% 15% 21% 20% dos/ddos
More informationADVANCED DATABASES CIS 6930 Dr. Markus Schneider
ADVANCED DATABASES CIS 6930 Dr. Markus Schneider Group 2 Archana Nagarajan, Krishna Ramesh, Raghav Ravishankar, Satish Parasaram Drawbacks of RDBMS Replication Lag Master Slave Vertical Scaling. ACID doesn
More informationITS. MySQL for Database Administrators (40 Hours) (Exam code 1z0-883) (OCP My SQL DBA)
MySQL for Database Administrators (40 Hours) (Exam code 1z0-883) (OCP My SQL DBA) Prerequisites Have some experience with relational databases and SQL What will you learn? The MySQL for Database Administrators
More informationIT Service Delivery and Support Week Three. IT Auditing and Cyber Security Fall 2016 Instructor: Liang Yao
IT Service Delivery and Support Week Three IT Auditing and Cyber Security Fall 2016 Instructor: Liang Yao 1 Infrastructure Essentials Computer Hardware Operating Systems (OS) & System Software Applications
More informationIntroduction to Big Data. NoSQL Databases. Instituto Politécnico de Tomar. Ricardo Campos
Instituto Politécnico de Tomar Introduction to Big Data NoSQL Databases Ricardo Campos Mestrado EI-IC Análise e Processamento de Grandes Volumes de Dados Tomar, Portugal, 2016 Part of the slides used in
More informationCS 655 Advanced Topics in Distributed Systems
Presented by : Walid Budgaga CS 655 Advanced Topics in Distributed Systems Computer Science Department Colorado State University 1 Outline Problem Solution Approaches Comparison Conclusion 2 Problem 3
More informationMySQL ENTERPRISE EDITION
MySQL ENTERPRISE EDITION THE WORLD S MOST POPULAR OPEN SOURCE DATABASE HIGHLIGHTS Oracle MySQL Service Cloud MySQL Database MySQL Document Store MySQL Enterprise Backup MySQL Enterprise High Availability
More informationBig Data Development CASSANDRA NoSQL Training - Workshop. November 20 to (5 days) 9 am to 5 pm HOTEL DUBAI GRAND DUBAI
Big Data Development CASSANDRA NoSQL Training - Workshop November 20 to 24 2016 (5 days) 9 am to 5 pm HOTEL DUBAI GRAND DUBAI ISIDUS TECH TEAM FZE PO Box 9798 Dubai UAE, email training-coordinator@isidusnet
More informationMySQL for Database Administrators Ed 3.1
Oracle University Contact Us: 1.800.529.0165 MySQL for Database Administrators Ed 3.1 Duration: 5 Days What you will learn The MySQL for Database Administrators training is designed for DBAs and other
More informationSecurity in the Privileged Remote Access Appliance
Security in the Privileged Remote Access Appliance 2003-2018 BeyondTrust, Inc. All Rights Reserved. BEYONDTRUST, its logo, and JUMP are trademarks of BeyondTrust, Inc. Other trademarks are the property
More informationPrivate Clouds: Opportunity to Improve Data Security and Lower Costs. InfoTRAMS Fusion Tematyczny, Bazy Danych, Kariera I Prywatny Sprzęt t W Pracy
Private Clouds: Opportunity to Improve Data Security and Lower Costs InfoTRAMS Fusion Tematyczny, Bazy Danych, Kariera I Prywatny Sprzęt t W Pracy Private Clouds: Opportunity to Improve Data Security and
More informationSecurity in Bomgar Remote Support
Security in Bomgar Remote Support 2018 Bomgar Corporation. All rights reserved worldwide. BOMGAR and the BOMGAR logo are trademarks of Bomgar Corporation; other trademarks shown are the property of their
More informationOracle Audit Vault. Trust-but-Verify for Enterprise Databases. Tammy Bednar Sr. Principal Product Manager Oracle Database Security
Oracle Audit Vault Trust-but-Verify for Enterprise Databases Tammy Bednar Sr. Principal Product Manager Oracle Database Security Agenda Business Drivers Audit Vault Overview Audit
More informationInformation Security Practices
3 Phillip Street, 13-03 Royal Group Building, Singapore 048693 www.trustsphere.com Information Security Practices TrustSphere Pte Ltd Co Reg No. 200614342Z Contents 1 Physical security... 4 2 Network security...
More informationPrivileged Account Security: A Balanced Approach to Securing Unix Environments
Privileged Account Security: A Balanced Approach to Securing Unix Environments Table of Contents Introduction 3 Every User is a Privileged User 3 Privileged Account Security: A Balanced Approach 3 Privileged
More informationMySQL for Database Administrators Ed 4
Oracle University Contact Us: (09) 5494 1551 MySQL for Database Administrators Ed 4 Duration: 5 Days What you will learn The MySQL for Database Administrators course teaches DBAs and other database professionals
More informationStudy of NoSQL Database Along With Security Comparison
Study of NoSQL Database Along With Security Comparison Ankita A. Mall [1], Jwalant B. Baria [2] [1] Student, Computer Engineering Department, Government Engineering College, Modasa, Gujarat, India ank.fetr@gmail.com
More informationIT infrastructure layers requiring Privileged Identity Management
White Paper IT infrastructure layers requiring Privileged Identity Management Abstract Much of today s IT infrastructure is structured as different layers of devices (virtual and physical) and applications.
More informationOracle Directory Services 11g: Administration
Oracle University Contact Us: 0180-2000-526 / +49 89-14301200 Oracle Directory Services 11g: Administration Duration: 5 Days What you will learn After completing this course, you should be able to perform
More informationCompleting your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT
Completing your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT Introduction Amazon Web Services (AWS) provides Infrastructure as a Service (IaaS) cloud offerings for organizations. Using AWS,
More informationVirtual Machine Encryption Security & Compliance in the Cloud
Virtual Machine Encryption Security & Compliance in the Cloud Pius Graf Director Sales Switzerland 27.September 2017 Agenda Control Your Data In The Cloud Overview Virtual Machine Encryption Architecture
More informationCompliance and Privileged Password Management
Introduces Compliance and Privileged Password Management [ W H I T E P A P E R ] Written by Kris Zupan, CEO/CTO e-dmz Security, LLC April 13, 2007 Compliance and Privileged Password Management Overview
More informationAdvanced iscsi Management April, 2008
April, 2008 Gene Nagle, istor Networks SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individuals may use this material in presentations and
More informationSecuring Amazon Web Services (AWS) EC2 Instances with Dome9. A Whitepaper by Dome9 Security, Ltd.
Securing Amazon Web Services (AWS) EC2 Instances with Dome9 A Whitepaper by Dome9 Security, Ltd. Amazon Web Services (AWS) provides business flexibility for your company as you move to the cloud, but new
More informationIT Services IT LOGGING POLICY
IT LOGGING POLICY UoW IT Logging Policy -Restricted- 1 Contents 1. Overview... 3 2. Purpose... 3 3. Scope... 3 4. General Requirements... 3 5. Activities to be logged... 4 6. Formatting, Transmission and
More informationSQL Security Whitepaper SECURITY AND COMPLIANCE SOLUTIONS FOR PCI DSS PAYMENT CARD INDUSTRY DATA SECURITY STANDARD
SQL Security Whitepaper SECURITY AND COMPLIANCE SOLUTIONS FOR PCI DSS PAYMENT CARD INDUSTRY DATA SECURITY STANDARD The Payment Card Industry Data Security Standard (PCI DSS), currently at version 3.2,
More informationTRACKVIA SECURITY OVERVIEW
TRACKVIA SECURITY OVERVIEW TrackVia s customers rely on our service for many mission-critical applications, as well as for applications that have various compliance and regulatory obligations. At all times
More informationDuration: 5 Days Course Code: M20764 Version: B Delivery Method: Elearning (Self-paced)
Administering a SQL Database Infrastructure Duration: 5 Days Course Code: M20764 Version: B Delivery Method: Elearning (Self-paced) Overview: This five-day instructor-led course provides students who administer
More informationCPSC 426/526. Cloud Computing. Ennan Zhai. Computer Science Department Yale University
CPSC 426/526 Cloud Computing Ennan Zhai Computer Science Department Yale University Recall: Lec-7 In the lec-7, I talked about: - P2P vs Enterprise control - Firewall - NATs - Software defined network
More informationRSA SecurID Implementation
Partner Information Partner Name Website Product Name Barracuda Networks Version & Platform x60 Series Product Description Product Category Solution Summary www.barracudanetworks.com Product Information
More informationOracle Database 11g: Security Release 2
Oracle University Contact Us: 001-855-844-3881 & 001-800-514-06-97 Oracle Database 11g: Security Release 2 Duration: 5 Days What you will learn In this course, you'll learn how to use Oracle Database features
More informationWHITE PAPER Cloud FastPath: A Highly Secure Data Transfer Solution
WHITE PAPER Cloud FastPath: A Highly Secure Data Transfer Solution Tervela helps companies move large volumes of sensitive data safely and securely over network distances great and small. We have been
More informationConfiguring the Oracle Network Environment. Copyright 2009, Oracle. All rights reserved.
Configuring the Oracle Network Environment Objectives After completing this lesson, you should be able to: Use Enterprise Manager to: Create additional listeners Create Oracle Net Service aliases Configure
More informationALERT LOGIC LOG MANAGER & LOG REVIEW
SOLUTION OVERVIEW: ALERT LOGIC LOG MANAGER & LOG REVIEW CLOUD-POWERED LOG MANAGEMENT AS A SERVICE Simplify Security and Compliance Across All Your IT Assets. Log management is an essential infrastructure
More informationGoing Without CPU Patches on Oracle E-Business Suite 11i?
Going Without CPU Patches on E-Business Suite 11i? September 17, 2013 Stephen Kost Chief Technology Officer Integrigy Corporation Phil Reimann Director of Business Development Integrigy Corporation About
More informationLoad Balancing Web Servers with OWASP Top 10 WAF in AWS
Load Balancing Web Servers with OWASP Top 10 WAF in AWS Quick Reference Guide V1.0.1 ABOUT THIS GUIDE This document provides a quick reference guide on how to load balance Web Servers and configure a WAF
More informationOutline. Introduction Background Use Cases Data Model & Query Language Architecture Conclusion
Outline Introduction Background Use Cases Data Model & Query Language Architecture Conclusion Cassandra Background What is Cassandra? Open-source database management system (DBMS) Several key features
More informationTechnical Overview. Access control lists define the users, groups, and roles that can access content as well as the operations that can be performed.
Technical Overview Technical Overview Standards based Architecture Scalable Secure Entirely Web Based Browser Independent Document Format independent LDAP integration Distributed Architecture Multiple
More informationManaging and Auditing Organizational Migration to the Cloud TELASA SECURITY
Managing and Auditing Organizational Migration to the Cloud 1 TELASA SECURITY About Me Brian Greidanus bgreidan@telasasecurity.com 18+ years of security and compliance experience delivering consulting
More informationCloud FastPath: Highly Secure Data Transfer
Cloud FastPath: Highly Secure Data Transfer Tervela helps companies move large volumes of sensitive data safely and securely over network distances great and small. Tervela has been creating high performance
More informationW H IT E P A P E R. Salesforce Security for the IT Executive
W HITEPAPER Salesforce Security for the IT Executive Contents Contents...1 Introduction...1 Background...1 Settings Related to Security and Compliance...1 Password Settings... 1 Session Settings... 2 Login
More informationSecurely maintaining sensitive financial and
How the Guardium Platform Helped Dell IT Simplify Enterprise security By Phil Neray Addison Lawrence David McMaster Venugopal Nonavinakere Safeguarding data is critical for many organizations, but auditing
More informationDirectory Integration with Okta. An Architectural Overview. Okta Inc. 301 Brannan Street San Francisco, CA
Directory Integration with Okta An Architectural Overview Okta Inc. 301 Brannan Street San Francisco, CA 94107 info@okta.com 1-888-722-7871 Contents 1 User Directories and the Cloud: An Overview 3 Okta
More informationVirtual Support Engineer
Virtual Support Engineer Remote Access and Monitoring Solutions for OEMs & System Integrators Rev 5058-CO900C Copyright 2012 Rockwell Automation, Inc. All rights reserved. Copyright 2012 Rockwell Automation,
More informationCisco Network Admission Control (NAC) Solution
Data Sheet Cisco Network Admission Control (NAC) Solution New: Updated to include the Cisco Secure Network Server (SNS) Cisco Network Admission Control (NAC) solutions allow you to authenticate wired,
More informationepldt Web Builder Security March 2017
epldt Web Builder Security March 2017 TABLE OF CONTENTS Overview... 4 Application Security... 5 Security Elements... 5 User & Role Management... 5 User / Reseller Hierarchy Management... 5 User Authentication
More informationVeritas NetBackup Appliance Security Guide
Veritas NetBackup Appliance Security Guide Release 2.7.2 NetBackup 52xx and 5330 Veritas NetBackup Appliance Security Guide Documentation version: 2.7.2 Legal Notice Copyright 2016 Veritas Technologies
More informationCOURSE 20462C: ADMINISTERING MICROSOFT SQL SERVER DATABASES
Page 1 of 11 ABOUT THIS COURSE This five-day instructor-led course provides students with the knowledge and skills to maintain a Microsoft SQL Server 2014 database. The course focuses on teaching individuals
More informationVendor: Oracle. Exam Code: 1Z Exam Name: Oracle Database 11g Security Essentials. Version: Demo
Vendor: Oracle Exam Code: 1Z0-528 Exam Name: Oracle Database 11g Security Essentials Version: Demo QUESTION 1 Which of the following tasks is the first task to perform when implementing Oracle Database
More informationIBM services and technology solutions for supporting GDPR program
IBM services and technology solutions for supporting GDPR program 1 IBM technology solutions as key enablers - Privacy GDPR Program Work-stream IBM software 2.1 Privacy Risk Assessment and Risk Treatment
More informationHOW SNOWFLAKE SETS THE STANDARD WHITEPAPER
Cloud Data Warehouse Security HOW SNOWFLAKE SETS THE STANDARD The threat of a data security breach, someone gaining unauthorized access to an organization s data, is what keeps CEOs and CIOs awake at night.
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 2 SAML SSO Web Browsers, page 3 Cisco Unified Communications Applications that Support SAML SSO,
More informationSystem Structure. Steven M. Bellovin December 14,
System Structure Steven M. Bellovin December 14, 2015 1 Designing a System We have lots of tools Tools are rarely interesting by themselves Let s design a system... Steven M. Bellovin December 14, 2015
More informationOracle Security Products and Their Relationship to EBS. Presented By: Christopher Carriero
Oracle Security Products and Their Relationship to EBS Presented By: Christopher Carriero 1 Agenda Confidential Data in Corporate Systems Sensitive Data in the Oracle EBS What Are the Oracle Security Products
More informationFeatures Comparison Sheet
ManageEngine Password Manager Pro Vs Thycotic Secret Server Features Comparison Sheet (As per information available on Thycotic Secret Server s website on March 23, 2018.) Feature ManageEngine Password
More informationAxway Validation Authority Suite
Axway Validation Authority Suite PKI safeguards for secure applications Around the world, banks, healthcare organizations, governments, and defense agencies rely on public key infrastructures (PKIs) to
More informationColumn-Family Stores: Cassandra
Course NDBI040: Big Data Management and NoSQL Databases Practice 03: Column-Family Stores: Cassandra Martin Svoboda 1. 12. 2015 Faculty of Mathematics and Physics, Charles University in Prague Outline
More informationWhat s New in DataStax Enterprise 3.1? A Guide for Developers, Architects and IT Managers. White Paper BY DATASTAX CORPORATION November 2013
What s New in DataStax Enterprise 3.1? A Guide for Developers, Architects and IT Managers White Paper BY DATASTAX CORPORATION November 2013 1 Table of Contents Abstract 3 Introduction 3 What s New in DataStax
More informationGetting to know. by Michelle Darling August 2013
Getting to know by Michelle Darling mdarlingcmt@gmail.com August 2013 Agenda: What is Cassandra? Installation, CQL3 Data Modelling Summary Only 15 min to cover these, so please hold questions til the end,
More informationMS-20462: Administering Microsoft SQL Server Databases
MS-20462: Administering Microsoft SQL Server Databases Description This five-day instructor-led course provides students with the knowledge and skills to maintain a Microsoft SQL Server 2014 database.
More informationSQL Server Solutions GETTING STARTED WITH. SQL Secure
SQL Server Solutions GETTING STARTED WITH SQL Secure Purpose of this document This document is intended to be a helpful guide to installing, using, and getting the most value from the Idera SQL Secure
More informationDatabase Centric Information Security. Speaker Name / Title
Database Centric Information Security Speaker Name / Title The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated
More informationAdministering a SQL Database Infrastructure
Administering a SQL Database Infrastructure 20764B; 5 Days; Instructor-led Course Description This five-day instructor-led course provides students who administer and maintain SQL Server databases with
More informationMigrating to Cassandra in the Cloud, the Netflix Way
Migrating to Cassandra in the Cloud, the Netflix Way Jason Brown - @jasobrown Senior Software Engineer, Netflix Tech History, 1998-2008 In the beginning, there was the webapp and a single database in a
More informationIBM Security Guardium Data Activity Monitor
IBM Guardium Data Activity Monitor Continuously monitor data access and protect sensitive data across the enterprise Highlights Uncover risks to sensitive data through data discovery, classification and
More informationCIB Session 12th NoSQL Databases Structures
CIB Session 12th NoSQL Databases Structures By: Shahab Safaee & Morteza Zahedi Software Engineering PhD Email: safaee.shx@gmail.com, morteza.zahedi.a@gmail.com cibtrc.ir cibtrc cibtrc 2 Agenda What is
More informationOracle NoSQL Database Enterprise Edition, Version 18.1
Oracle NoSQL Database Enterprise Edition, Version 18.1 Oracle NoSQL Database is a scalable, distributed NoSQL database, designed to provide highly reliable, flexible and available data management across
More informationInterCall Virtual Environments and Webcasting
InterCall Virtual Environments and Webcasting Security, High Availability and Scalability Overview 1. Security 1.1. Policy and Procedures The InterCall VE ( Virtual Environments ) and Webcast Event IT
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 Single Sign on Single Service Provider Agreement, page 2 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 3 Cisco Unified Communications Applications
More information"Charting the Course... MOC C: Administering an SQL Database Infrastructure. Course Summary
Description Course Summary This five-day instructor-led course provides students who administer and maintain SQL databases with the knowledge and skills to administer a SQL server database infrastructure.
More informationVormetric Data Security
Vormetric Data Security Simplifying Data Security for the Enterprise www.vormetric.com Agenda! Introductions! Vormetric Overview! Data Security Architecture Challenges! Product Architecture & Use Cases!
More informationInformation Security at Veritext Protecting Your Data
Information Security at Veritext Protecting Your Data The Veritext Security Model Introduction Information security and privacy are built into the fabric of everything we do at Veritext. Helping to protect
More informationLaserfiche Rio 10.3: Deployment Guide. White Paper
Laserfiche Rio 10.3: Deployment Guide White Paper January 2018 Table of Contents How Laserfiche Licensing Works... 4 Types of Licenses... 4 Named User Licenses... 4 WebLink Public Portal Licenses... 6
More informationConfiguring Vulnerability Assessment Devices
CHAPTER 10 Revised: November 10, 2007 Vulnerability assessment (VA) devices provide MARS with valuable information about many of the possible targets of attacks and threats. They provide information useful
More informationSECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry
SECURITY ON AWS By Max Ellsberry AWS Security Standards The IT infrastructure that AWS provides has been designed and managed in alignment with the best practices and meets a variety of standards. Below
More informationOracle Database Auditing
By Craig Moir craig@mydba.co.za http://www.mydba.co.za August 2012 Version 1 WHY AUDIT? Allows organizations to enforce the trust-but-verify security principle. Satisfying compliance regulations. Enables
More informationVeritas NetBackup Appliance Security Guide
Veritas NetBackup Appliance Security Guide Release 2.7.3 NetBackup 52xx and 5330 Veritas NetBackup Appliance Security Guide Document version: 2.7.3 Legal Notice Copyright 2016 Veritas Technologies LLC.
More informationC1: Define Security Requirements
OWASP Top 10 Proactive Controls IEEE Top 10 Software Security Design Flaws OWASP Top 10 Vulnerabilities Mitigated OWASP Mobile Top 10 Vulnerabilities Mitigated C1: Define Security Requirements A security
More informationSponsored by Oracle. SANS Institute Product Review: Oracle Audit Vault. March A SANS Whitepaper. Written by: Tanya Baccam
Sponsored by Oracle SANS Institute Product Review: Oracle Audit Vault March 2012 A SANS Whitepaper Written by: Tanya Baccam Product Review: Oracle Audit Vault Page 2 Auditing Page 2 Reporting Page 4 Alerting
More informationMicrosoft Administering a SQL Database Infrastructure
1800 ULEARN (853 276) www.ddls.com.au Microsoft 20764 - Administering a SQL Database Infrastructure Length 5 days Price $4290.00 (inc GST) Version C Overview This five-day instructor-led course provides
More informationArcGIS Enterprise Security: An Introduction. Randall Williams Esri PSIRT
ArcGIS Enterprise Security: An Introduction Randall Williams Esri PSIRT Agenda ArcGIS Enterprise Security for *BEGINNING to INTERMIDIATE* users ArcGIS Enterprise Security Model Portal for ArcGIS Authentication
More informationLoad Balancing Nginx Web Servers with OWASP Top 10 WAF in AWS
Load Balancing Nginx Web Servers with OWASP Top 10 WAF in AWS Quick Reference Guide V1.0.2 ABOUT THIS GUIDE This document provides a quick reference guide on how to load balance Nginx Web Servers and configure
More informationRAPID7 INSIGHT PLATFORM SECURITY
RAPID7 INSIGHT PLATFORM SECURITY Understanding the architecture, security mechanisms, and technical foundations that make up the Rapid7 Insight platform 051618 TABLE OF CONTENTS Overview...3 Data Collection...4
More informationSoftLayer Security and Compliance:
SoftLayer Security and Compliance: How security and compliance are implemented and managed Introduction Cloud computing generally gets a bad rap when security is discussed. However, most major cloud providers
More informationBitnami Cassandra for Huawei Enterprise Cloud
Bitnami Cassandra for Huawei Enterprise Cloud Description Apache Cassandra is an open source distributed database management system designed to handle large amounts of data across many commodity servers,
More informationTraining 24x7 DBA Support Staffing. Administering a SQL Database Infrastructure (40 Hours) Exam
Administering a SQL Database Infrastructure (40 Hours) Exam 70-764 Prerequisites Basic knowledge of the Microsoft Windows operating system and its core functionality. Working knowledge of Transact-SQL.
More informationQualys Integration with CyberArk Application Identity Manager (AIM)
Qualys Integration with CyberArk Application Identity Manager (AIM) User Guide February 25, 2019 Copyright 2019 by Qualys, Inc. All Rights Reserved. Qualys and the Qualys logo are registered trademarks
More informationColumn-Family Databases Cassandra and HBase
Column-Family Databases Cassandra and HBase Kevin Swingler Google Big Table Google invented BigTableto store the massive amounts of semi-structured data it was generating Basic model stores items indexed
More informationWindows Server 2003 Network Administration Goals
Objectives Differentiate between the different editions of Windows Server 2003 Explain Windows Server 2003 network models and server roles Identify concepts relating to Windows Server 2003 network management
More informationAdministering a SQL Database Infrastructure (20764)
Administering a SQL Database Infrastructure (20764) Formato do curso: Presencial e Live Training Preço: 1630 Nível: Avançado Duração: 35 horas This five-day instructor-led course provides students who
More information