The Big Data store components (Nodes) communicate between them. The components do not authenticate each other.
When deploying DPOD All-In-One appliance, all communication between the big data store components is done internally making the authentication between components less significant security wise.
When deploying DPOD in a distributed architecture we highly recommend restrict access to big data store components using network security components like firewall.
Encryption at Rest
Encryption at rest is only available in the Non-Appliance installation mode.
You may leverage the operating system (Red Hat Enterprise Linux) capabilities for handling encryption of data at rest, such as LUKS Disk Encryption.
The following links provide more information on that topic:
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/sec-encryption
- https://www.redhat.com/sysadmin/disk-encryption-luks
- https://opensearch.org/docs/latest/troubleshoot/index/#encryption-at-rest
Please make sure to use xfs file system where required to match the product prerequisites.