IN THIS ARTICLE
Outlines TLS security for Replication in Qumulo Core
REQUIREMENTS
- Source and target cluster running the same version of Qumulo Core 2.7.0 and above
Note: You can replicate between any models of Qumulo hardware, including HPE.
DETAILS
Qumulo Core version 2.7.0 includes some major updates to Qumulo’s replication feature in regards to the security of your data in transit from cluster to cluster.
- Qumulo uses the OpenSSL library with protocol TLS v1.2 or TLSv1.3 (3.1.3 or above). All replication protocol traffic between source and target use the encrypted TLS channel.
- Client authentication is included as part of the protocol so that both source and target verify their peer connection.
- On the initial connection, both source and target persist a fingerprint of the peer certificate and use that to authenticate all subsequent connections.
- Upon establishing a replication relationship all subsequent communication between the source and target clusters is secure. This includes prevention of man-in-the-middle attacks.
RESOLUTION
You should now understand TLS security for Replication in Qumulo Core
ADDITIONAL RESOURCES
Replication: Continuous Replication
Like what you see? Share this article with your network!
Comments
0 comments