Presented By O'Reilly and Cloudera
Make Data Work
22–23 May 2017: Training
23–25 May 2017: Tutorials & Conference
London, UK

A practitioner’s guide to securing your Hadoop cluster

Mark Donsky (Okera), Andre Araujo (Cloudera), Mubashir Kazia (Cloudera), Syed Rafice (Cloudera)
9:0012:30 Tuesday, 23 May 2017
Level: Intermediate
Average rating: ***..
(3.50, 4 ratings)

Who is this presentation for?

  • Hadoop admins and security ops

Prerequisite knowledge

  • General knowledge of Hadoop and system admin procedures

Materials or downloads needed in advance

  • A WiFi-enabled laptop with the ability to run an SSH client

What you'll learn

  • Learn how to secure a Hadoop cluster for production operations

Description

Many Hadoop clusters lack even the most basic security controls. This is due to several factors: some security features did not exist as recently as two years ago, and the complexity of Hadoop security has proved daunting to administrators.

Mark Donsky, André Araujo, Syed Rafice, and Mubashir Kazia walk you through securing a Hadoop cluster. You’ll start with a cluster with no security and then add security features related to authentication, authorization, encryption of data at rest, encryption of data in transit, and complete data governance.

For each security feature, Mark, André, Syed, and Mubashir cover the following topics:

  • Introduction: What the security feature is, what protection it provides, and best practices and recommendations
  • Planning: How to enable the feature in a phased manner with the fewest growing pains and least risk
  • Relevance: Why it’s important (demonstrated by live attacks against a cluster without the target security feature)
  • Implementation: An overview of how the implementation is performed, where the moving parts are, and potential pitfalls
Photo of Mark Donsky

Mark Donsky

Okera

Mark Donsky leads product management at Okera, a software provider that provides discovery, access control, and governance at scale for today’s modern heterogeneous data environments. Previously, Mark led data management and governance solutions at Cloudera. Mark has held product management roles at companies such as Wily Technology, where he managed the flagship application performance management solution, and Silver Spring Networks, where he managed big data analytics solutions that reduced greenhouse gas emissions by millions of dollars annually. He holds a BS with honors in computer science from the University of Western Ontario.

Photo of Andre Araujo

Andre Araujo

Cloudera

André Araujo is a principal solutions architect at Cloudera. An experienced consultant with a deep understanding of the Hadoop stack and its components and a methodical and keen troubleshooter who loves making things run faster, André is skilled across the entire Hadoop ecosystem and specializes in building high-performance, secure, robust, and scalable architectures to fit customers’ needs.

Photo of Mubashir Kazia

Mubashir Kazia

Cloudera

Mubashir Kazia is a principal solutions architect at Cloudera and an SME in Apache Hadoop security in Cloudera’s Professional Services practice, where he helps customers secure their Hadoop clusters and comply to internal security policies. He also helps new customers transition to Hadoop platform and implement their first few use cases and trains and mentors peers in Hadoop and Hadoop security. Mubashir has worked with customers from all verticals, including banking, manufacturing, healthcare, telecom, retail, and gaming. Previously, he worked on developing solutions for leading investment banking firms.

Photo of Syed Rafice

Syed Rafice

Cloudera

Syed Rafice is a principal system engineer at Cloudera specializing in big data on Hadoop technologies and both platform and cybersecurity. He is responsible for designing, building, developing, and assuring a number of enterprise-level big data platforms using the Cloudera distribution. Syed has worked across multiple sectors including government, telecoms, media, utilities, financial services, and transport.