When planning for securing a Hadoop cluster, what should be the steps to be performed in sequence? For example, we want to implement a complete security solution for Hadoop i.e. to kerberize our cluster for authentication, use knox for perimeter security, use ranger for authorisation and policy management and finally enable TDE.
Just wondering what should be the sequence of actions to be performed for this?
Below are the five pillars for Enterprise security -
5. Data Protection
For each of above pillar hortonworks provides respective tools and components to implement and achieve desired goal.
Please visit below url for more details -
In addition - here is what i can pass handy -
1. Setup authentication using ldap/AD/freeIPA
2. Integrate HDP cluster [Ambari] with LDAP/AD
3. Integrate ecosystem tools [like HUE] with LDAP/AD
4. TEST running sample jobs
5. Implement kerberos
6. Enable/Integrate kerberos with Ambari and HDP services
7. Implement Ranger
8. Enable ecosystem[HDFS/HIVE/YARN/KNOX,etc..] plugins in ranger
10. Test sample jobs.
11. Test ranger audits.