metron-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John <j...@cephal.com>
Subject Re: Multitenancy and/or encryption?
Date Tue, 05 Apr 2016 20:32:48 GMT
Hey James,

Thanks for the quick answer! On the encryption question -- do you guys
imagine there being any application-level encryption that we should keep in
mind while coding? Or would it be transparent to the application solutions
(ex. database/filesystem/disk-level encryption).

And on the multitenancy part -- I just meant if I gave users access to
future-Metron, would I be able to limit their access to certain objects
(ex. NetID + IP Range) using ACL's or whatever within Metron? Or would I
spin up a hierarchy of Metron instances that mimic the required user
permission tree?


Thanks,
John

On Tue, Apr 5, 2016 at 4:46 AM, James Sirota <jsirota@hortonworks.com>
wrote:

> Hi John,
>
> Encryption of data at rest is definitely on our radar.  This is a
> fundamental feature of any enterprise deployment.  What is your definition
> of multi tenancy?  Having multiple instances of Metron run on the same
> cluster?  A single instance of Metron processing data streams from multiple
> data centers? Or having Metron co-located with other Hadoop applications?
>
> Thanks,
> James
>
>
>
> On 4/4/16, 6:40 PM, "zorklogic@gmail.com on behalf of John" <
> zorklogic@gmail.com on behalf of john@cephal.com> wrote:
>
> >Hello Dev@Metron,
> >
> >I've been reading through the awesome wiki -- definitely a lot of good
> >stuff there! Had a couple of high-level questions around data protection
> >though...
> >
> >Is it on the radar for Metron to support Multitenancy?
> >
> >And/or is it on the radar for Metron to support data encryption at rest?
> >
> >I don't know if this plays into the picture -- but I see a chunk of the
> >underlying services are supported by Ranger (ex. HBase, Storm, Kafka,
> >etc.)... the rest are maybe supported by Shield (ex. Elasticsearch,
> Kibana).
> >
> >
> >Thanks!
> >John
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message