Encryption in MapR

Describes encryption types available on the MapR Converged Data Platform.

MapR encryption restricts an external party's ability to read or modify data.

Data transmission between nodes in a secure MapR cluster is encrypted, preventing an attacker with access to that communication from gaining information about the transmission's contents.

MapR uses several technologies to protect network traffic:

  • The Secure Sockets Layer/Transport Layer Security (SSL/TLS) protocol secures several channels of HTTP traffic.

  • In compliance with the NIST standard, the Advanced Encryption Standard in Galois/Counter Mode (AES/GCM) secures several communication channels between cluster components.

  • Kerberos encryption secures several communication paths elsewhere in the cluster.

The Security Protocols Used by MapR section includes details on the specific technologies used by particular elements of a cluster.

Nodes with CPUs that support AES encryption at the hardware level provide superior performance on encryption tasks. You can determine if a node's CPU supports the AES instruction set by running the following command:

$ cat /proc/cpuinfo | grep flags | grep aes