Elasticsearch domains should encrypt data transmitted between nodes

Description

This control checks whether node-to-node encryption is enabled for an Elasticsearch domain. The control fails if the domain does not have node-to-node encryption enabled. It also generates failed findings if the Elasticsearch version does not support node-to-node encryption checks.

Using HTTPS (TLS) is recommended to prevent attackers from intercepting or altering network traffic through person-in-the-middle or similar attacks. Only encrypted connections via HTTPS (TLS) should be permitted. Enabling node-to-node encryption for Elasticsearch domains ensures that communication within the cluster is encrypted during transit.

This configuration may carry a performance cost. Evaluate the performance trade-offs before enabling this feature.
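The pass/fail logic described above can be reproduced over the output of the legacy `es` API's `describe_elasticsearch_domain` call. This is an added example, not the control's own code. It assumes the 6.0 minimum version given in AWS documentation (not stated on this page), treats unrecognised version strings as failed, and uses constructed sample domains.

```python
import re

# Assumption (AWS documentation, not this page): node-to-node encryption
# requires Elasticsearch 6.0 or later.
MIN_VERSION = (6, 0)

def evaluate_domain(status):
    """Return (verdict, reason) for one DomainStatus dict."""
    name = status.get("DomainName", "<unknown>")
    raw = status.get("ElasticsearchVersion") or ""
    m = re.fullmatch(r"(\d+)\.(\d+)", raw)
    if not m:
        # Assumption: anything that is not a plain "major.minor" string is
        # reported as failed so that it gets a manual review.
        return "FAILED", f"{name}: version {raw!r} missing or unrecognised"
    if (int(m.group(1)), int(m.group(2))) < MIN_VERSION:
        return "FAILED", f"{name}: Elasticsearch {raw} does not support node-to-node encryption"
    options = status.get("NodeToNodeEncryptionOptions") or {}
    if options.get("Enabled") is not True:
        return "FAILED", f"{name}: node-to-node encryption is not enabled"
    return "PASSED", f"{name}: node-to-node encryption is enabled"

def fetch_domain_status(domain_name):
    """Fetch live data; needs boto3 and AWS credentials (not used by the samples)."""
    import boto3  # imported lazily so the offline samples run without it
    client = boto3.client("es")
    return client.describe_elasticsearch_domain(DomainName=domain_name)["DomainStatus"]

# Constructed sample data shaped like DomainStatus; the domain names are made up.
SAMPLE_DOMAINS = [
    {"DomainName": "logs-prod", "ElasticsearchVersion": "7.10",
     "NodeToNodeEncryptionOptions": {"Enabled": True}},
    {"DomainName": "legacy-search", "ElasticsearchVersion": "5.6",
     "NodeToNodeEncryptionOptions": {"Enabled": False}},
    {"DomainName": "metrics", "ElasticsearchVersion": "6.8",
     "NodeToNodeEncryptionOptions": {"Enabled": False}},
    {"DomainName": "no-options", "ElasticsearchVersion": "7.1"},
]

def audit(domains):
    """Map each domain name to its verdict."""
    return {d.get("DomainName", "<unknown>"): evaluate_domain(d)[0] for d in domains}

if __name__ == "__main__":
    for domain in SAMPLE_DOMAINS:
        print(*evaluate_domain(domain), sep="  ")
```
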

Remediation

For details on how to enable node-to-node encryption for both new and existing domains, refer to the section Enabling node-to-node encryption in the Amazon OpenSearch Service Developer Guide.