Cloudera Data Platform (CDP) combines Hortonworks and Cloudera technologies to deliver the industry’s first enterprise data cloud. CDP delivers powerful self-service analytics across hybrid and multi-cloud environments, along with sophisticated and granular security and governance policies that IT and data leaders demand. It was initially delivered as a public cloud service and followed up with Data Center, a comprehensive data management and analytics platform for on-premises IT environments. Cloudera Manager is a component of Cloudera Data Platform (CDP) that can be used to manage, configure, and monitor CDP Data Center clusters and Cloudera Runtime services.

This integration describes how to use Cloudera Manager for configuring Ranger KMS and Key Trustee Server that secure the Data at Rest Encryption Keys on Thales Luna HSM. The benefits of securing the cryptographic keys with a Thales Luna HSM include:

• Secure generation, storage and protection of keys on FIPS 140-2 level 3 validated hardware
• Full life cycle management of the keys
• Access to the HSM secure audit trail

Resources and Additional Information

Cloudera uses industry-standard AES-256 encryption as a transparent layer between applications and file systems to secure sensitive data without impacting datacenter performance. Customers can use Cloudera’s automatic encryption deployment and simple configuration to secure data with encryption in minutes instead of days. Cloudera Navigator Key Trustee Server also includes process-based access controls that allow authorized Hadoop processes to access encrypted data while simultaneously preventing administrators or super-users from accessing data outside of their job responsibilities.

Thales CipherTrust Manager integrates with Cloudera Navigator Key Trustee Server for the hardware storage of Cloudera encryption keys.

Resources and Additional Information

Cloudera Navigator Encrypt with Thales CipherTrust Manager for Enterprise Key Management - Solution Brief