Encryption in MapR

Encryption in a MapR system restricts an external party's ability to read or modify data.

Data transmission between nodes in a secure MapR cluster is encrypted, preventing an attacker with access to that communication from gaining information about the transmission's contents.

MapR uses several technologies to protect network traffic:

  • The Secure Sockets Layer/Transport Layer Security (SSL/TLS) protocol secures several channels of HTTP traffic.

  • In compliance with the NIST standard, the Advanced Encryption Standard in Galois/Counter Mode (AES/GCM) secures several communication channels between cluster components.

  • Kerberos encryption secures several communication paths elsewhere in the cluster.

The Security Protocols Used by MapR in the Architecture section includes details on the specific technologies used by particular elements of a cluster.

Nodes with CPUs that support AES encryption at the hardware level will provide superior performance on encryption tasks. You can determine if a node's CPU supports the AES instruction set by running the following command:
$ cat /proc/cpuinfo | grep flags | grep aes