Enterprise Security for Elasticsearch and Kibana

Search Guard can be used to secure your Elasticsearch cluster by working with different industry standard authentication techniques, like Kerberos, LDAP/Active Directory, JSON web tokens, TLS certificates and Proxy authentication/SSO.

Features

Encryption Community Enterprise Compliance
REST and inter-node encryption
PEM, JKS and PKCS#12 support
TLS1.3 and ECC support
OpenSLL support
Access Control Community Enterprise Compliance
Role-based access control
Cluster-level access control
Index-level access control
Document-level access control
Field-level access control
Field anonymization
Immutable indices
Authentication Community Enterprise Compliance
Internal user management
HTTP Basic authentication
Proxy authentication
PKI authentication
LDAP / Active Directory
Kerberos / SPNEGO
OpenID Connect and JSON web tokens
SAML
Custom implementations
Authorization Community Enterprise Compliance
Internal group managemet
Proxy headers
LDAP / Active Directory
JSON web tokens
SAML
Audit logging and compliance Community Enterprise Compliance
Security audit logging
Read-access audit logging
Write-access audit logging
Configuration change tracking
Configuration Community Enterprise Compliance
No cluster reboot
REST management API
Configuration GUI
Kibana Community Enterprise Compliance
Kibana access control
Single Sign On
Multi tenancy
Compatibility Community Enterprise Compliance
Elastic Stack compatibility
Cross-cluster search
Cross-cluster replication
SIEM
Certifications Community Enterprise Compliance
CA Veracode Verified