Dataware for data-driven transformation

MapR Clarity Program: Your Clear Path to Security - Video

6 min read

Editor's Note: In this video interview, Bill Peterson and Mitesh Shah talk about the recently announced MapR Clarity Program. Watch this interview to learn how MapR’s platform-level security, which is secure by default, compares to that of Cloudera and Hortonworks. Some of the questions that are addressed in the video include:

  • Once Cloudera and Hortonworks merge, will they support Sentry or Ranger?
  • Why would you develop against a platform with uncertainty about how security will be addressed?

Learn more about the MapR Clarity program or how MapR compares to Cloudera.

If you’re interested in learning about what the MapR Clarity Program can do for you, watch the full on-demand webinar here.

Video Transcript

Hi. I'm Bill Peterson, VP of Industry Solutions. This is Mitesh Shah, Director of Product Marketing. We're going to talk today about security in our Clarity Program that we just recently announced.

So Mitesh, what are some of the concerns around security with the Cloudera or Hortonworks merger?

Well it really boiled down to one thing. Both Cloudera and Hortonworks today support two basically duplicate offerings, two add-on security tools around security. So Cloudera offers support for Sentry. Hortonworks has support for Ranger, and these are again two duplicate offerings that ultimately need to be quote-unquote “rationalized over time”, leaving their customers in a sort of point of confusion.

Okay. So what's better about our approach to security in the Clarity Program?

Yeah, that's a good question. So irrespective of the merger and all the uncertainty that will ensure there, our approach, MapR's approach to security is fundamentally better.

We take a platform level view and platform level approach to security, where security is really addressed in the platform itself, while our competitors at Cloudera and Hortonworks have chosen to support these add-on tools to support things like authorization, auditing, and a few other things.

So from a security perspective, obviously the MapR approach is, in fact, better, but beyond that, we've got very distinct capabilities that go above and beyond that. So in terms of authentication, for example, we offer flexible authentication with support not just for Kerberos, but also for really any username and password registry that the customer would like. Like LDAP Active Directory, for example, we offer built-in auditing and as of version 6.1, that auditing is streamed with the Event Store for Apache Kafka.

We offer expressive access controls with access and control expressions that can be applied at a volume level to all your data whether it's files, tables, or streams. So that really helps from a management perspective.

Then finally, around data protection, we offer encryption at rest and encryption on the wire and really maybe the most important thing here is that MapR is secure by default. As of version 6.1, we've taken all the pain away from having to configure the platform to be secure so that out of the box all of your connections are authenticated and encrypted on the wire.

So this really removes a lot of that headache and removes a lot of the problems that might ensue from having to configure something and perhaps getting it wrong. So this is something that our competitors here really haven't really caught up to in forever.

Forever. So let's put it in context for our viewers here. What's an example of how one of our customers is using security and better security?

Well broadly, Bill, we've got customers that are using our volume-based approach for applying permissions in a multi-tenant manner. So you can have different volumes for different departments across the clusters so that one volume is dedicated to marketing, for example, another volume is dedicated to the finance department, and the two organizations who should never really mix and match their data, well volumes really takes care of that. We've got customers across the board leveraging that capability. We've also got customers, very large customers, that don't want to deal with the headache of Kerberos. Managing Kerberos is a big-time pain, and you really want to be able to plug into their existing username password base registries and MapR uniquely affords that capability.

But again, by far the biggest thing now as of version 6.1, is our secure by default capability where basically anybody that's deploying MapR today, deploying 6.1, knows that essentially they're secure by default, and know that they don't have to go through the headache of configuring and modifying XML files etc. to configure all these security capabilities. So really, all of our customers are leveraging our security capabilities today.

Got it. Great detail. Thank you, Mitesh. Join us next time when we'll talk about the Clarity Program in regard to Containers. Exciting times.

Learn more about the MapR Clarity program or how MapR compares to Cloudera.

This blog post was published December 03, 2018.

50,000+ of the smartest have already joined!

Stay ahead of the bleeding edge...get the best of Big Data in your inbox.

Get our latest posts in your inbox

Subscribe Now