With the free core security features, users can now define roles that protect index and cluster level access, encrypt network traffic, create and manage users, and fully secure Kibana with Spaces. The team had opened the code for these features last year and has finally made them free today which means the users can now run a fully secure cluster.
OMG, this is a huge announcement (for me at least): ElasticSearch base distribution includes free support for TLS and RBAC. I was so close to switching to Open Distro for Elastic because of these two features. https://t.co/woVtQmXhgj Guess the pressure by AWS worked… 😛
— Johannes Gilger (@heipei) May 20, 2019
Release of Elastic Stack versions 6.8.0 and 7.1.0
The team also made an announcement about releasing versions 6.8.0 and 7.1.0 of the Elastic Stack, today. These versions do not contain new features but they make the core security features free in the default distribution of the Elastic Stack.
The core security features include TLS for encrypted communications, file and native realm to create and manage users, and role-based access control to control user access to cluster APIs and indexes. The features also include allowing multi-tenancy for Kibana with security for Kibana Spaces. Previously, these core security features required a paid gold subscription, however, now, they are free as a part of the basic tier.
Alpha release of Elastic Cloud on Kubernetes
The team has also announced the alpha release of Elastic Cloud on Kubernetes (ECK) which is the official Kubernetes Operator for Elasticsearch and Kibana. It is a new product based on the Kubernetes Operator pattern that lets users manage, provision, and operate Elasticsearch clusters on Kubernetes.
It is designed for automating and simplifying how Elasticsearch is deployed and operated in Kubernetes. It also provides an official way for orchestrating Elasticsearch on Kubernetes and provides a SaaS-like experience for Elastic products and solutions on Kubernetes. The team has moved the core security features into the default distribution of Elastic Stack to ensure that all clusters launched and managed by ECK are secured by default at creation time.
The clusters that are deployed via ECK include free features and tier capabilities such as Kibana Spaces, frozen indices for dense storage, Canvas, Elastic Maps, and more. Users can now monitor Kubernetes logs and infrastructure with the help of Elastic Logs and Elastic Infrastructure apps.
Few users think that security shouldn’t be an added feature, it should be inbuilt. A user commented on HackerNews, “Security shouldn’t be treated as a bonus feature.” Another user commented, “Security should almost always be a baseline requirement before something goes up for public sale.”
Few others are happy about this news. A user commented, “I know it’s hard to make a buck with an open source business model but deciding to charge more for security-related features is always so frustrating to me. It leads to a culture of insecure deployments in environments when the business is trying to save money. Differentiate on storage or number of cores or something, anything but auth/security. I’m glad they’ve finally reversed this.”
To know more about this news, check out the blog post by Elastic.
*** This is a Security Bloggers Network syndicated blog from Security News – Packt Hub authored by Amrata Joshi. Read the original post at: https://hub.packtpub.com/core-security-features-of-elastic-stack-are-now-free/