Print Email PDF

Replication: TLS Security

IN THIS ARTICLE

Outlines TLS security for Replication in Qumulo Core

REQUIREMENTS

  • Source and target cluster running the same version of Qumulo Core 2.7.0 and above

Note: You can replicate between any models of Qumulo hardware, including HPE.

DETAILS

Qumulo Core version 2.7.0 includes some major updates to Qumulo’s replication feature in regards to the security of your data in transit from cluster to cluster. 

  • Qumulo uses the OpenSSL library with protocol TLS v1.2 or TLSv1.3 (3.1.3 or above). All replication protocol traffic between source and target use the encrypted TLS channel.
  • Client authentication is included as part of the protocol so that both source and target verify their peer connection.
  • On the initial connection, both source and target persist a fingerprint of the peer certificate and use that to authenticate all subsequent connections.
  • Upon establishing a replication relationship all subsequent communication between the source and target clusters is secure. This includes prevention of man-in-the-middle attacks.

RESOLUTION

You should now understand TLS security for Replication in Qumulo Core

ADDITIONAL RESOURCES

QQ CLI: Replication

Replication: Continuous Replication

Video: Continuous Replication

 

Like what you see? Share this article with your network!

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.

Have more questions?
Open a Case
Share it, if you like it.