Encryption in Redis Enterprise Software

Encryption in Redis Enterprise Software.

Redis Enterprise Software uses encryption to secure communications between clusters, nodes, databases, and clients and to protect data in transit, at rest, and in use.

Encrypt data in transit

TLS

Redis Enterprise Software uses Transport Layer Security (TLS) to encrypt communications for the following:

  • Cluster Manager UI

  • Command-line utilities

  • REST API

  • Internode communication

You can also enable TLS authentication for the following:

  • Communication from clients or applications to your database

  • Communication from your database to other clusters for replication using Replica Of

  • Communication to and from your database to other clusters for Active-Active synchronization

Internode encryption

Internode encryption uses TLS to encrypt data in transit between cluster nodes.

By default, internode encryption is enabled for the control plane, which manages the cluster and databases. If you also want to encrypt replication and proxy communications between database shards on different nodes, enable data internode encryption.

Require HTTPS for REST API endpoints

By default, the Redis Enterprise Software API supports communication over HTTP and HTTPS. However, you can turn off HTTP support to ensure that API requests are encrypted.

Encrypt data at rest

File system encryption

To encrypt data stored on disk, use file system-based encryption capabilities available on Linux operating systems before you install Redis Enterprise Software.

Private key encryption

Enable PEM encryption to encrypt all private keys on disk.

Encrypt data in use

Client-side encryption

Use client-side encryption to encrypt the data an application stores in a Redis database. The application decrypts the data when it retrieves it from the database.

You can add client-side encryption logic to your application or use built-in client functions.

Client-side encryption has the following limitations:

  • Operations that must operate on the data, such as increments, comparisons, and searches will not function properly.

  • Increases management overhead.

  • Reduces performance.

RATE THIS PAGE
Back to top ↑