- What type of security do you provide for replication?
- Replication can be secured via SSL such that all traffic that passes between data grid instance in the network is encrypted and secured. There are also more advanced mechanisms to control the communication at the byte buffer level which can be used for securing it.
- How can I manage the users access across the cluster?
- The default user and role definitions are based on a “directory file” which should be shared between all cluster nodes. When shared, this file controls the security configuration on all nodes in the cluster. The file can be shared either via a shared file system such as NFS, or via an http server which exposes in read only mode to the grid components.
- Do I need to login to each node separately?
- No, the user provides the security credentials once (either via API or one of the management tools) and the underlying infrastructure tries to log her in to each of the running components.
- Does the security work for other services in GigaSpaces such as messaging? Not just the data grid?
- Yes. Since all the higher level services such as messaging, remoting and map/reduce are based on the data grid, they can also be secured in the way the data grid can be.
- How can I ensure the level of isolation? For example can I declare that two application wouldn't share the same machine or data-center?
- Yes, this can be done by using the zones feature, which enables you to restrict the instances of each deployment unit to a certain set of nodes.
- If two applications doesn't want to share the data but do want to share the CPU and Memory – is that supported?
- No, the user provides the security credentials once (either via API or one of the management tools) and the underlying infrastructure tries to log her in to each of the running components
