Search Guard (®) is an alternative to other security solutions for Elasticsearch and offers the following features in addition :
You can choose whether to use Java Cryptography Extension (JCE) or native OpenSSL for SLL handling. OpenSSL is much faster than JCE, and offers a wider range of modern cipher suites, therefore we recommend using OpenSSL.
Authenticate users by providing JSON web tokens.
HTTP Proxy Authentication
Some organisations already have a single-sign-on or authentication solutions in place, like CA single sign on or Citrix Netscaler. Any of these authentication solutions that make the authenticated user available in the HTTP header can be integrated with Search Guard by using our proxy authentication module.
Source code available
Worried about backdoors or hidden functionality? Want to check that Search Guard does not “call home”? Need to do an internal audit before using Search Guard in production? While some of our features require a commercial license, we will keep the complete code open source. Download, inspect, evaluate.