Ensure Elasticsearch is enforcing encryption for node to node communication

When running AWS ES clusters, all communication between the cluster nodes should go across and encrypted communication chanel to eliminate data ex-filtration possibility via a man in the middle attack. For this reason it is considered a security best practice to enforce HTTPS to be required on the Elasticsearch cluster. Ensuring this will help you with NIST, HIPPA and GDPR compliance.

Audit & Remediation

 

 

  • Select each Elasticsearch cluster and on the main tab look to validate the encryption settings.

 

 

  • If Node-to-node encryption is currently set to Disabled, you will want to select the Actions button at the top of this screen and select Modify encryptions.

 

 

  • Select the Node-to-node encryption.

 

  • Repeat all steps for each Elasticsearch cluster that you have.
  • Repeat all steps for each region.
See all of your AWS EC2 Instances in a single place!

Do you want to see all of your AWS EC2 Instances in once place for all regions and all accounts?
Login to our online demo to see exactly what this looks like.
demo.intelligentdiscovery.io

 

Other Key Features

Inventory

Consolidate your inventory management with consistent and frequent security logs, inventories, and change logs. Dashboard reporting for extensive analytical value.

learn more +

Cost & Usage

Access consolidated capacity, cost, and volume tools in a scaling environment without impacting production or breaking the bank.

learn more +