Thales Partners



Cloudera offers a unified platform for big data - an enterprise data management hub built on Apache Hadoop. With Cloudera, enterprises have one place to store, access, process, secure, and analyze all their data so they can extend the value of their existing investments while also deriving new and innovative value from their data. Its open-source big data platform is widely adopted globally and is supported by their continued contributions to the open-source Hadoop ecosystem.


Cloudera Data Platform (CDP) and Thales Luna HSM

Cloudera Data Platform (CDP) combines Hortonworks and Cloudera technologies to deliver the industry’s first enterprise data cloud. CDP delivers powerful self-service analytics across hybrid and multi-cloud environments, along with sophisticated and granular security and governance policies that IT and data leaders demand. It was initially delivered as a public cloud service and followed up with Data Center, a comprehensive data management and analytics platform for on-premises IT environments. Cloudera Manager is a component of Cloudera Data Platform (CDP) that can be used to manage, configure, and monitor CDP Data Center clusters and Cloudera Runtime services.

This integration describes how to use Cloudera Manager for configuring Ranger KMS and Key Trustee Server that secure the Data at Rest Encryption Keys on Thales Luna HSM. The benefits of securing the cryptographic keys with a Thales Luna HSM include:

  • Secure generation, storage and protection of keys on FIPS 140-2 level 3 validated hardware
  • Full life cycle management of the keys
  • Access to the HSM secure audit trail


Resources and Additional Information


Cloudera Data Platform (CDP) and Thales Luna HSM - Integration Guide

Cloudera Navigator Key Trustee Server: Key Management with CipherTrust Manager

Cloudera uses industry-standard AES-256 encryption as a transparent layer between applications and file systems to secure sensitive data without impacting datacenter performance. Customers can use Cloudera’s automatic encryption deployment and simple configuration to secure data with encryption in minutes instead of days. Cloudera Navigator Key Trustee Server also includes process-based access controls that allow authorized Hadoop processes to access encrypted data while simultaneously preventing administrators or super-users from accessing data outside of their job responsibilities.

Thales CipherTrust Manager integrates with Cloudera Navigator Key Trustee Server for the hardware storage of Cloudera encryption keys.


Resources and Additional Information

Cloudera Navigator Encrypt with Thales CipherTrust Manager for Enterprise Key Management - Solution Brief