Security

On This Page

Overview

The platform implements multiple mechanisms to secure access to resources and keep your data safe. All user and security management is done under a single pane of glass: the configuration is done in one place, in the user-friendly graphical platform dashboard, and applied across all platform interfaces. The result is a significantly simplified, yet robust, data-security solution that helps organizations meet their compliance objectives.

The platform allows you to define local users and import users from an external identity provider (IdP), authenticate user identities, and control users' access to resources, including the ability to define fine-grained data-access policies. To ensure proper security, the platform uses time-limited sessions and supports the HTTP Secure (HTTPS) protocol. You can view logs for security events and user actions (such as a failed login or deletion of a data container) on the Events | Audit dashboard tab.

HTTP Secure Data Transmission

For enhanced security, the platform's RESTful web and cluster-management APIs support the HTTP Secure (HTTPS) protocol (also known as HTTP over TLS), as defined in the RFC 2818 specification. See HTTPS Requests in the Securing Your Web-API Requests reference.

Encryption

The platform data-disks are encrytped using LUKS with 512-bit AES keys.

Authentication

See Authentication.

Authorization

See Authorization.

See Also