SlideShare ist ein Scribd-Unternehmen logo

Webinar: MongoDB 2.6 New Security Features

MongoDB
MongoDB

This webinar will cover new security features in MongoDB 2.6 including x.509 authentication, user defined roles, collection level access control, enterprise features like LDAP authentication and auditing, and many other SSL features. We will first give a brief overview of security features through MongoDB 2.4 then cover new features in 2.6 and coming releases.

Technologie
1 von 29
Downloaden Sie, um offline zu lesen
MongoDB 2.6 New Security Features Matt Kalan, Sr. Solutions Architect, MongoDB Dylan Tong, Sr. Solutions Architect, MongoDB
Agenda • Review security capabilities in v2.4 • New features in v2.6 – User Defined Roles – Access Control Improvements – Authentication • x509 • LDAP – Auditing – SSL improvements 2
Review Security in 2.4
Authentication • User authentication – Basic challenge-response • Hashed password managed in MongoDB – Kerberos integration using SASL (Enterprise) • Connects to an existing Kerberos infrastucture • Passwords managed in existing system, not MongoDB – Can combine these if desired in same server • Cluster authentication via shared keyfile 4
Authorization/Access Control • Standard roles assigned in MongoDB • Usernames are in MongoDB and have role(s) assigned to them • You can add standard roles together to build permissioning you need for a user • Lowest granularity is for the database 5
Auditing • Only a small set of operations are logged • Logged in the main Mongo server log • IBM Guardium integration for enterprise policybased security monitoring 6
Encryption • Data in transit – SSL between all MongoDB components is in the Enterprise version – Or build in your own SSL library from the open source version • Data at rest – Customer chooses to use an encrypted file system 7
Upcoming Features in 2.6
Access Control
Role Access Control Application Server Role BI Role DBA Role 10 • Read & Write on Application Database • Read Only on Application Database • Read & Write on Application Database • Administration on Application Databases • Administration on MongoDB Cluster
Advanced Role Access Control Scenario: Multi-tenant Database as a Service Land Lord Clusterwide Administration Rights: provision and remove tenants (eg. create and drop database) Land Lord Assistant Service-Wide Scope Tenant DBA Tenant-Level Scope DBA Rights within Scope of a Single Tenant: eg Delegate rights within the scope of the tenant Tenant App Server 11 Tenant BI Role
Enhancements Needed! Current Version: 1. Privileges are limited to what is pre-defined. 2. Access Controls are limited to database-level Upcoming Version 2.6: 1. User defined privileges and roles are possible! 2. Access Controls can be defined at the collection-level! 12
Access Management Previous to version 2.6… User-privileges are pre-defined: Read: Provides the privilege to run read type operations on a database like find(). Read/Write: Provides the privilege to run write type operations on a database like update(), insert() and remove(). User Admin: Provides the privilege to modify users such as creating users and modifying user privileges. Database Admin: Provides the privileges to run administrative type commands that are related to the scope of a database. Cluster Admin: Provides the privileges to run administrative type commands that are related to the scope of a cluster. 13
Example of Privilege Read Privilege = find aggregate checkShardingIndex cloneCollectionAsCapped collStats count dataSize dbHash dbStats distinct filemd5 geoNear geoSearch geoWalk group mapReduce (inline output only.) text (beta feature.) 14 The actual privilege definition is a pre-defined list of operations.
User Defined Role Concept Privilege A set of actions on a given resource Eg. Read action (run find query) on “Tweets” collection Role A grouping of privileges May also contain other roles User Users are assigned roles 15 Action: an operation eg. find, ensureIndex Resource: some system object that an action can be performed on. eg. Database, collection
Example Use Case Scenario: Multi-tenant Database as a Service Landlord Administrator (example role): 16
Authentication
Leverage Existing Standards Existing Security Infrastructure Identity Management Infrastructure Access Management Directory Services  Leverage existing security infrastructure.  Corporate Security Policies  Industry Standards and Compliance.  Centralized Management: eg. Centralized user/identity management. 18
Authentication Existing Security Infrastructure Partner Integrations: eg. Linux IdM Kerberos Version 2.4+ Identity Management Infrastructure Access Management LDAP Directory Services Version 2.6+ X509 Version 2.6+ Primary Client Authentication 19 Secondary Inter-process Authentication
Authentication Existing Security Infrastructure Identity Management Infrastructure Access Management Directory Services Spoofed Secondary Primary Client Authentication 20 Secondary Inter-process Authentication
X509 Authentication Benefits Don’t have infrastructure in place? No problem! Easy to leverage external infrastructure: - Cloud solutions are commonplace. You use x509 certificates everyday through your web browsers! Client Authentication without disadvantages of passwords: • • • • 21 Weak-password: Guessable, Brute-force, Can be stolen: wiretap, careless misplacing Maintenance: easy to forget. Too many passwords! Re-usable: leaked by the weakest link
MongoDB LDAP Authorization Integration Application Driver 3) Use $external Db.auth( {…} ) Permissioning Product 8) Success = 1 Failed = 0 Mongod Password in cleartext => SSL recommendedç 7) OK or NO 4) Uname/pw saslauthd 6) OK or NO 0) db.addUser( …, userSource: $external, … }) 2) setParameter - saslauthdPath=… - authenticationMechanisms=... - auth=true 22 1) saslauthd config file 5) LDAP Server
Auditing
MongoDB Native Auditing Audited events • Schema (DDL) Operations • Replica Set Operations • Authentication and Authorization Operations • General Operations Application Mongo shell Driver Mongos --auditLog --auditPath --auditFilter Shard 1 Shard N Primary Primary Primary Secondary Secondary Secondary 24 Shard 2 Secondary … Secondary Secondary Output • Syslog • Console • Text file • BSON file
SSL Improvements
SSL Improvements • Optionally Prompt for SSL Certificate Passphrases at Server Startup • Command-line Tools Now Support SSL • MongoDB Allows Only Strong SSL Ciphers • Support for SSL and non-SSL Connections on the Same Port 26
Summary • New features in v2.6 – User Defined Roles – Access Control Improvements – Authentication • x509 • LDAP – Auditing – SSL improvements • Release Notes for MongoDB 2.6 (Development Series 2.5.x) http://docs.mongodb.org/master/release-notes/2.6/ 27
For More Information Resource MongoDB Downloads mongodb.com/download Free Online Training education.mongodb.com Webinars and Events mongodb.com/events White Papers mongodb.com/white-papers Case Studies mongodb.com/customers Presentations mongodb.com/presentations Documentation docs.mongodb.org Additional Info 28 Location info@mongodb.com
Webinar: MongoDB 2.6 New Security Features

Empfohlen

MongoDB 2.4 Security Features
MongoDB 2.4 Security FeaturesMongoDB 2.4 Security Features
MongoDB 2.4 Security FeaturesMongoDB
 
Securing Your Deployment with MongoDB and Red Hat's Identity Management in Re...
Securing Your Deployment with MongoDB and Red Hat's Identity Management in Re...Securing Your Deployment with MongoDB and Red Hat's Identity Management in Re...
Securing Your Deployment with MongoDB and Red Hat's Identity Management in Re...MongoDB
 
Securing Your MongoDB Implementation
Securing Your MongoDB ImplementationSecuring Your MongoDB Implementation
Securing Your MongoDB ImplementationMongoDB
 
Securing Your MongoDB Deployment
Securing Your MongoDB DeploymentSecuring Your MongoDB Deployment
Securing Your MongoDB DeploymentMongoDB
 
Mdb dn 2016_11_ops_mgr
Mdb dn 2016_11_ops_mgrMdb dn 2016_11_ops_mgr
Mdb dn 2016_11_ops_mgrDaniel M. Farrell
 
Beyond the Basics 4: How to secure your MongoDB database
Beyond the Basics 4: How to secure your MongoDB databaseBeyond the Basics 4: How to secure your MongoDB database
Beyond the Basics 4: How to secure your MongoDB databaseMongoDB
 
MongoDB Launchpad 2016: Moving Cybersecurity to the Cloud
MongoDB Launchpad 2016: Moving Cybersecurity to the CloudMongoDB Launchpad 2016: Moving Cybersecurity to the Cloud
MongoDB Launchpad 2016: Moving Cybersecurity to the CloudMongoDB
 
Hadoop Security Preview
Hadoop Security PreviewHadoop Security Preview
Hadoop Security PreviewHadoop User Group
 

Empfohlen

MongoDB 2.4 Security Features
MongoDB 2.4 Security FeaturesMongoDB 2.4 Security Features
MongoDB 2.4 Security FeaturesMongoDB
 
Securing Your Deployment with MongoDB and Red Hat's Identity Management in Re...
Securing Your Deployment with MongoDB and Red Hat's Identity Management in Re...Securing Your Deployment with MongoDB and Red Hat's Identity Management in Re...
Securing Your Deployment with MongoDB and Red Hat's Identity Management in Re...MongoDB
 
Securing Your MongoDB Implementation
Securing Your MongoDB ImplementationSecuring Your MongoDB Implementation
Securing Your MongoDB ImplementationMongoDB
 
Securing Your MongoDB Deployment
Securing Your MongoDB DeploymentSecuring Your MongoDB Deployment
Securing Your MongoDB DeploymentMongoDB
 
Mdb dn 2016_11_ops_mgr
Mdb dn 2016_11_ops_mgrMdb dn 2016_11_ops_mgr
Mdb dn 2016_11_ops_mgrDaniel M. Farrell
 
Beyond the Basics 4: How to secure your MongoDB database
Beyond the Basics 4: How to secure your MongoDB databaseBeyond the Basics 4: How to secure your MongoDB database
Beyond the Basics 4: How to secure your MongoDB databaseMongoDB
 
MongoDB Launchpad 2016: Moving Cybersecurity to the Cloud
MongoDB Launchpad 2016: Moving Cybersecurity to the CloudMongoDB Launchpad 2016: Moving Cybersecurity to the Cloud
MongoDB Launchpad 2016: Moving Cybersecurity to the CloudMongoDB
 
Hadoop Security Preview
Hadoop Security PreviewHadoop Security Preview
Hadoop Security PreviewHadoop User Group
 
Beyond the Basics 4 MongoDB Security and Authentication
Beyond the Basics 4 MongoDB Security and AuthenticationBeyond the Basics 4 MongoDB Security and Authentication
Beyond the Basics 4 MongoDB Security and AuthenticationMongoDB
 
CUBRID Inside - Architecture, Source & Management Components
CUBRID Inside - Architecture, Source & Management ComponentsCUBRID Inside - Architecture, Source & Management Components
CUBRID Inside - Architecture, Source & Management ComponentsCUBRID
 
A Backend to tie them all?
A Backend to tie them all?A Backend to tie them all?
A Backend to tie them all?LDAPCon
 
Kerberos Survival Guide - St. Louis Day of .Net
Kerberos Survival Guide - St. Louis Day of .NetKerberos Survival Guide - St. Louis Day of .Net
Kerberos Survival Guide - St. Louis Day of .NetJ.D. Wade
 
امنیت پایگاه داده MongoDB
امنیت پایگاه داده MongoDBامنیت پایگاه داده MongoDB
امنیت پایگاه داده MongoDBAminM17
 
1 hadoop security_in_details_hadoop_summit2010
1 hadoop security_in_details_hadoop_summit20101 hadoop security_in_details_hadoop_summit2010
1 hadoop security_in_details_hadoop_summit2010Hadoop User Group
 
Build your LDAP Web Interface with LinID Directory Manager
Build your LDAP Web Interface with LinID Directory ManagerBuild your LDAP Web Interface with LinID Directory Manager
Build your LDAP Web Interface with LinID Directory ManagerLDAPCon
 
Tutorial: Managing Protected Data with Globus Connect Server v5
Tutorial: Managing Protected Data with Globus Connect Server v5Tutorial: Managing Protected Data with Globus Connect Server v5
Tutorial: Managing Protected Data with Globus Connect Server v5Globus
 
Distributed Virtual Transaction Directory Server
Distributed Virtual Transaction Directory ServerDistributed Virtual Transaction Directory Server
Distributed Virtual Transaction Directory ServerLDAPCon
 
Kerberos Survival Guide: SharePoint Saturday Nashville 2015
Kerberos Survival Guide: SharePoint Saturday Nashville 2015Kerberos Survival Guide: SharePoint Saturday Nashville 2015
Kerberos Survival Guide: SharePoint Saturday Nashville 2015J.D. Wade
 
Low Hanging Fruit, Making Your Basic MongoDB Installation More Secure
Low Hanging Fruit, Making Your Basic MongoDB Installation More SecureLow Hanging Fruit, Making Your Basic MongoDB Installation More Secure
Low Hanging Fruit, Making Your Basic MongoDB Installation More SecureMongoDB
 
Making Storage Systems Accessible via Globus (GlobusWorld Tour West)
Making Storage Systems Accessible via Globus (GlobusWorld Tour West)Making Storage Systems Accessible via Globus (GlobusWorld Tour West)
Making Storage Systems Accessible via Globus (GlobusWorld Tour West)Globus
 
SambaXP 2014: Trusting Active Directory with FreeIPA: a story beyond Samba
SambaXP 2014: Trusting Active Directory with FreeIPA: a story beyond SambaSambaXP 2014: Trusting Active Directory with FreeIPA: a story beyond Samba
SambaXP 2014: Trusting Active Directory with FreeIPA: a story beyond SambaAlexander Bokovoy
 
Do The Right Thing! How LDAP servers should help LDAP clients
Do The Right Thing! How LDAP servers should help LDAP clientsDo The Right Thing! How LDAP servers should help LDAP clients
Do The Right Thing! How LDAP servers should help LDAP clientsLDAPCon
 
Introduction to Globus (GlobusWorld Tour West)
Introduction to Globus (GlobusWorld Tour West)Introduction to Globus (GlobusWorld Tour West)
Introduction to Globus (GlobusWorld Tour West)Globus
 
Hadoop security
Hadoop securityHadoop security
Hadoop securityshrey mehrotra
 
CUBRID Developer's Course
CUBRID Developer's CourseCUBRID Developer's Course
CUBRID Developer's CourseCUBRID
 
Securing Your MongoDB Deployment
Securing Your MongoDB DeploymentSecuring Your MongoDB Deployment
Securing Your MongoDB DeploymentMongoDB
 
Apache Hadoop India Summit 2011 talk "Making Apache Hadoop Secure" by Devaraj...
Apache Hadoop India Summit 2011 talk "Making Apache Hadoop Secure" by Devaraj...Apache Hadoop India Summit 2011 talk "Making Apache Hadoop Secure" by Devaraj...
Apache Hadoop India Summit 2011 talk "Making Apache Hadoop Secure" by Devaraj...Yahoo Developer Network
 
GWAVACon 2013: Novell GroupWise Windermere Deep Dive
GWAVACon 2013: Novell GroupWise Windermere Deep DiveGWAVACon 2013: Novell GroupWise Windermere Deep Dive
GWAVACon 2013: Novell GroupWise Windermere Deep DiveGWAVA
 
Mongo Performance Optimization Using Indexing
Mongo Performance Optimization Using IndexingMongo Performance Optimization Using Indexing
Mongo Performance Optimization Using IndexingChinmay Naik
 
Webinar: Architecting Secure and Compliant Applications with MongoDB
Webinar: Architecting Secure and Compliant Applications with MongoDBWebinar: Architecting Secure and Compliant Applications with MongoDB
Webinar: Architecting Secure and Compliant Applications with MongoDBMongoDB
 

Weitere ähnliche Inhalte

Was ist angesagt?

Beyond the Basics 4 MongoDB Security and Authentication
Beyond the Basics 4 MongoDB Security and AuthenticationBeyond the Basics 4 MongoDB Security and Authentication
Beyond the Basics 4 MongoDB Security and AuthenticationMongoDB
 
CUBRID Inside - Architecture, Source & Management Components
CUBRID Inside - Architecture, Source & Management ComponentsCUBRID Inside - Architecture, Source & Management Components
CUBRID Inside - Architecture, Source & Management ComponentsCUBRID
 
A Backend to tie them all?
A Backend to tie them all?A Backend to tie them all?
A Backend to tie them all?LDAPCon
 
Kerberos Survival Guide - St. Louis Day of .Net
Kerberos Survival Guide - St. Louis Day of .NetKerberos Survival Guide - St. Louis Day of .Net
Kerberos Survival Guide - St. Louis Day of .NetJ.D. Wade
 
امنیت پایگاه داده MongoDB
امنیت پایگاه داده MongoDBامنیت پایگاه داده MongoDB
امنیت پایگاه داده MongoDBAminM17
 
1 hadoop security_in_details_hadoop_summit2010
1 hadoop security_in_details_hadoop_summit20101 hadoop security_in_details_hadoop_summit2010
1 hadoop security_in_details_hadoop_summit2010Hadoop User Group
 
Build your LDAP Web Interface with LinID Directory Manager
Build your LDAP Web Interface with LinID Directory ManagerBuild your LDAP Web Interface with LinID Directory Manager
Build your LDAP Web Interface with LinID Directory ManagerLDAPCon
 
Tutorial: Managing Protected Data with Globus Connect Server v5
Tutorial: Managing Protected Data with Globus Connect Server v5Tutorial: Managing Protected Data with Globus Connect Server v5
Tutorial: Managing Protected Data with Globus Connect Server v5Globus
 
Distributed Virtual Transaction Directory Server
Distributed Virtual Transaction Directory ServerDistributed Virtual Transaction Directory Server
Distributed Virtual Transaction Directory ServerLDAPCon
 
Kerberos Survival Guide: SharePoint Saturday Nashville 2015
Kerberos Survival Guide: SharePoint Saturday Nashville 2015Kerberos Survival Guide: SharePoint Saturday Nashville 2015
Kerberos Survival Guide: SharePoint Saturday Nashville 2015J.D. Wade
 
Low Hanging Fruit, Making Your Basic MongoDB Installation More Secure
Low Hanging Fruit, Making Your Basic MongoDB Installation More SecureLow Hanging Fruit, Making Your Basic MongoDB Installation More Secure
Low Hanging Fruit, Making Your Basic MongoDB Installation More SecureMongoDB
 
Making Storage Systems Accessible via Globus (GlobusWorld Tour West)
Making Storage Systems Accessible via Globus (GlobusWorld Tour West)Making Storage Systems Accessible via Globus (GlobusWorld Tour West)
Making Storage Systems Accessible via Globus (GlobusWorld Tour West)Globus
 
SambaXP 2014: Trusting Active Directory with FreeIPA: a story beyond Samba
SambaXP 2014: Trusting Active Directory with FreeIPA: a story beyond SambaSambaXP 2014: Trusting Active Directory with FreeIPA: a story beyond Samba
SambaXP 2014: Trusting Active Directory with FreeIPA: a story beyond SambaAlexander Bokovoy
 
Do The Right Thing! How LDAP servers should help LDAP clients
Do The Right Thing! How LDAP servers should help LDAP clientsDo The Right Thing! How LDAP servers should help LDAP clients
Do The Right Thing! How LDAP servers should help LDAP clientsLDAPCon
 
Introduction to Globus (GlobusWorld Tour West)
Introduction to Globus (GlobusWorld Tour West)Introduction to Globus (GlobusWorld Tour West)
Introduction to Globus (GlobusWorld Tour West)Globus
 
CUBRID Developer's Course
CUBRID Developer's CourseCUBRID Developer's Course
CUBRID Developer's CourseCUBRID
 
Securing Your MongoDB Deployment
Securing Your MongoDB DeploymentSecuring Your MongoDB Deployment
Securing Your MongoDB DeploymentMongoDB
 
Apache Hadoop India Summit 2011 talk "Making Apache Hadoop Secure" by Devaraj...
Apache Hadoop India Summit 2011 talk "Making Apache Hadoop Secure" by Devaraj...Apache Hadoop India Summit 2011 talk "Making Apache Hadoop Secure" by Devaraj...
Apache Hadoop India Summit 2011 talk "Making Apache Hadoop Secure" by Devaraj...Yahoo Developer Network
 
GWAVACon 2013: Novell GroupWise Windermere Deep Dive
GWAVACon 2013: Novell GroupWise Windermere Deep DiveGWAVACon 2013: Novell GroupWise Windermere Deep Dive
GWAVACon 2013: Novell GroupWise Windermere Deep DiveGWAVA
 

Was ist angesagt? (20)

Beyond the Basics 4 MongoDB Security and Authentication
Beyond the Basics 4 MongoDB Security and AuthenticationBeyond the Basics 4 MongoDB Security and Authentication
Beyond the Basics 4 MongoDB Security and Authentication
 
CUBRID Inside - Architecture, Source & Management Components
CUBRID Inside - Architecture, Source & Management ComponentsCUBRID Inside - Architecture, Source & Management Components
CUBRID Inside - Architecture, Source & Management Components
 
A Backend to tie them all?
A Backend to tie them all?A Backend to tie them all?
A Backend to tie them all?
 
Kerberos Survival Guide - St. Louis Day of .Net
Kerberos Survival Guide - St. Louis Day of .NetKerberos Survival Guide - St. Louis Day of .Net
Kerberos Survival Guide - St. Louis Day of .Net
 
امنیت پایگاه داده MongoDB
امنیت پایگاه داده MongoDBامنیت پایگاه داده MongoDB
امنیت پایگاه داده MongoDB
 
1 hadoop security_in_details_hadoop_summit2010
1 hadoop security_in_details_hadoop_summit20101 hadoop security_in_details_hadoop_summit2010
1 hadoop security_in_details_hadoop_summit2010
 
Build your LDAP Web Interface with LinID Directory Manager
Build your LDAP Web Interface with LinID Directory ManagerBuild your LDAP Web Interface with LinID Directory Manager
Build your LDAP Web Interface with LinID Directory Manager
 
Tutorial: Managing Protected Data with Globus Connect Server v5
Tutorial: Managing Protected Data with Globus Connect Server v5Tutorial: Managing Protected Data with Globus Connect Server v5
Tutorial: Managing Protected Data with Globus Connect Server v5
 
Distributed Virtual Transaction Directory Server
Distributed Virtual Transaction Directory ServerDistributed Virtual Transaction Directory Server
Distributed Virtual Transaction Directory Server
 
Kerberos Survival Guide: SharePoint Saturday Nashville 2015
Kerberos Survival Guide: SharePoint Saturday Nashville 2015Kerberos Survival Guide: SharePoint Saturday Nashville 2015
Kerberos Survival Guide: SharePoint Saturday Nashville 2015
 
Low Hanging Fruit, Making Your Basic MongoDB Installation More Secure
Low Hanging Fruit, Making Your Basic MongoDB Installation More SecureLow Hanging Fruit, Making Your Basic MongoDB Installation More Secure
Low Hanging Fruit, Making Your Basic MongoDB Installation More Secure
 
Making Storage Systems Accessible via Globus (GlobusWorld Tour West)
Making Storage Systems Accessible via Globus (GlobusWorld Tour West)Making Storage Systems Accessible via Globus (GlobusWorld Tour West)
Making Storage Systems Accessible via Globus (GlobusWorld Tour West)
 
SambaXP 2014: Trusting Active Directory with FreeIPA: a story beyond Samba
SambaXP 2014: Trusting Active Directory with FreeIPA: a story beyond SambaSambaXP 2014: Trusting Active Directory with FreeIPA: a story beyond Samba
SambaXP 2014: Trusting Active Directory with FreeIPA: a story beyond Samba
 
Do The Right Thing! How LDAP servers should help LDAP clients
Do The Right Thing! How LDAP servers should help LDAP clientsDo The Right Thing! How LDAP servers should help LDAP clients
Do The Right Thing! How LDAP servers should help LDAP clients
 
Introduction to Globus (GlobusWorld Tour West)
Introduction to Globus (GlobusWorld Tour West)Introduction to Globus (GlobusWorld Tour West)
Introduction to Globus (GlobusWorld Tour West)
 
Hadoop security
Hadoop securityHadoop security
Hadoop security
 
CUBRID Developer's Course
CUBRID Developer's CourseCUBRID Developer's Course
CUBRID Developer's Course
 
Securing Your MongoDB Deployment
Securing Your MongoDB DeploymentSecuring Your MongoDB Deployment
Securing Your MongoDB Deployment
 
Apache Hadoop India Summit 2011 talk "Making Apache Hadoop Secure" by Devaraj...
Apache Hadoop India Summit 2011 talk "Making Apache Hadoop Secure" by Devaraj...Apache Hadoop India Summit 2011 talk "Making Apache Hadoop Secure" by Devaraj...
Apache Hadoop India Summit 2011 talk "Making Apache Hadoop Secure" by Devaraj...
 
GWAVACon 2013: Novell GroupWise Windermere Deep Dive
GWAVACon 2013: Novell GroupWise Windermere Deep DiveGWAVACon 2013: Novell GroupWise Windermere Deep Dive
GWAVACon 2013: Novell GroupWise Windermere Deep Dive
 

Andere mochten auch

Mongo Performance Optimization Using Indexing
Mongo Performance Optimization Using IndexingMongo Performance Optimization Using Indexing
Mongo Performance Optimization Using IndexingChinmay Naik
 
Webinar: Architecting Secure and Compliant Applications with MongoDB
Webinar: Architecting Secure and Compliant Applications with MongoDBWebinar: Architecting Secure and Compliant Applications with MongoDB
Webinar: Architecting Secure and Compliant Applications with MongoDBMongoDB
 
Oracle database threats - LAOUC Webinar
Oracle database threats - LAOUC WebinarOracle database threats - LAOUC Webinar
Oracle database threats - LAOUC WebinarOsama Mustafa
 
NoSQL Now! Webinar Series: Migrating Security Policies from SQL to NoSQL
NoSQL Now! Webinar Series: Migrating Security Policies from SQL to NoSQLNoSQL Now! Webinar Series: Migrating Security Policies from SQL to NoSQL
NoSQL Now! Webinar Series: Migrating Security Policies from SQL to NoSQLDATAVERSITY
 
Webinar - Security and Manageability: Key Criteria in Selecting Enterprise-Gr...
Webinar - Security and Manageability: Key Criteria in Selecting Enterprise-Gr...Webinar - Security and Manageability: Key Criteria in Selecting Enterprise-Gr...
Webinar - Security and Manageability: Key Criteria in Selecting Enterprise-Gr...DataStax
 
Cassandra and Solid State Drives
Cassandra and Solid State DrivesCassandra and Solid State Drives
Cassandra and Solid State DrivesDataStax Academy
 
MongoDB Linux Porting, Performance Measurements and and Scaling Advantage usi...
MongoDB Linux Porting, Performance Measurements and and Scaling Advantage usi...MongoDB Linux Porting, Performance Measurements and and Scaling Advantage usi...
MongoDB Linux Porting, Performance Measurements and and Scaling Advantage usi...MongoDB
 
Overcoming Scaling Challenges in MongoDB Deployments with SSD
Overcoming Scaling Challenges in MongoDB Deployments with SSDOvercoming Scaling Challenges in MongoDB Deployments with SSD
Overcoming Scaling Challenges in MongoDB Deployments with SSDMongoDB
 
SSecuring Your MongoDB Deployment
SSecuring Your MongoDB DeploymentSSecuring Your MongoDB Deployment
SSecuring Your MongoDB DeploymentMongoDB
 
Ops Jumpstart: MongoDB Administration 101
Ops Jumpstart: MongoDB Administration 101Ops Jumpstart: MongoDB Administration 101
Ops Jumpstart: MongoDB Administration 101MongoDB
 
Mongo db security guide
Mongo db security guideMongo db security guide
Mongo db security guideDeysi Gmarra
 
Replication and Replica Sets
Replication and Replica SetsReplication and Replica Sets
Replication and Replica SetsMongoDB
 
Why does my choice of storage matter with cassandra?
Why does my choice of storage matter with cassandra?Why does my choice of storage matter with cassandra?
Why does my choice of storage matter with cassandra?Johnny Miller
 
Cassandra and Solid State Drives
Cassandra and Solid State DrivesCassandra and Solid State Drives
Cassandra and Solid State DrivesRick Branson
 
Evgeniy Karelin. Mongo DB integration example solving performance and high lo...
Evgeniy Karelin. Mongo DB integration example solving performance and high lo...Evgeniy Karelin. Mongo DB integration example solving performance and high lo...
Evgeniy Karelin. Mongo DB integration example solving performance and high lo...Vlad Savitsky
 
MongoDB in a Mainframe World
MongoDB in a Mainframe WorldMongoDB in a Mainframe World
MongoDB in a Mainframe WorldMongoDB
 
Lessons Learned from Building a Multi-Tenant Saas Content Management System o...
Lessons Learned from Building a Multi-Tenant Saas Content Management System o...Lessons Learned from Building a Multi-Tenant Saas Content Management System o...
Lessons Learned from Building a Multi-Tenant Saas Content Management System o...MongoDB
 

Andere mochten auch (20)

Mongo Performance Optimization Using Indexing
Mongo Performance Optimization Using IndexingMongo Performance Optimization Using Indexing
Mongo Performance Optimization Using Indexing
 
Webinar: Architecting Secure and Compliant Applications with MongoDB
Webinar: Architecting Secure and Compliant Applications with MongoDBWebinar: Architecting Secure and Compliant Applications with MongoDB
Webinar: Architecting Secure and Compliant Applications with MongoDB
 
Oracle database threats - LAOUC Webinar
Oracle database threats - LAOUC WebinarOracle database threats - LAOUC Webinar
Oracle database threats - LAOUC Webinar
 
NoSQL Now! Webinar Series: Migrating Security Policies from SQL to NoSQL
NoSQL Now! Webinar Series: Migrating Security Policies from SQL to NoSQLNoSQL Now! Webinar Series: Migrating Security Policies from SQL to NoSQL
NoSQL Now! Webinar Series: Migrating Security Policies from SQL to NoSQL
 
Webinar - Security and Manageability: Key Criteria in Selecting Enterprise-Gr...
Webinar - Security and Manageability: Key Criteria in Selecting Enterprise-Gr...Webinar - Security and Manageability: Key Criteria in Selecting Enterprise-Gr...
Webinar - Security and Manageability: Key Criteria in Selecting Enterprise-Gr...
 
Cassandra and Solid State Drives
Cassandra and Solid State DrivesCassandra and Solid State Drives
Cassandra and Solid State Drives
 
MongoDB Linux Porting, Performance Measurements and and Scaling Advantage usi...
MongoDB Linux Porting, Performance Measurements and and Scaling Advantage usi...MongoDB Linux Porting, Performance Measurements and and Scaling Advantage usi...
MongoDB Linux Porting, Performance Measurements and and Scaling Advantage usi...
 
Overcoming Scaling Challenges in MongoDB Deployments with SSD
Overcoming Scaling Challenges in MongoDB Deployments with SSDOvercoming Scaling Challenges in MongoDB Deployments with SSD
Overcoming Scaling Challenges in MongoDB Deployments with SSD
 
SSecuring Your MongoDB Deployment
SSecuring Your MongoDB DeploymentSSecuring Your MongoDB Deployment
SSecuring Your MongoDB Deployment
 
Indexing In MongoDB
Indexing In MongoDBIndexing In MongoDB
Indexing In MongoDB
 
Ops Jumpstart: MongoDB Administration 101
Ops Jumpstart: MongoDB Administration 101Ops Jumpstart: MongoDB Administration 101
Ops Jumpstart: MongoDB Administration 101
 
Mongo db security guide
Mongo db security guideMongo db security guide
Mongo db security guide
 
Replication and Replica Sets
Replication and Replica SetsReplication and Replica Sets
Replication and Replica Sets
 
Why does my choice of storage matter with cassandra?
Why does my choice of storage matter with cassandra?Why does my choice of storage matter with cassandra?
Why does my choice of storage matter with cassandra?
 
Cassandra and Solid State Drives
Cassandra and Solid State DrivesCassandra and Solid State Drives
Cassandra and Solid State Drives
 
Evgeniy Karelin. Mongo DB integration example solving performance and high lo...
Evgeniy Karelin. Mongo DB integration example solving performance and high lo...Evgeniy Karelin. Mongo DB integration example solving performance and high lo...
Evgeniy Karelin. Mongo DB integration example solving performance and high lo...
 
MongoDB in a Mainframe World
MongoDB in a Mainframe WorldMongoDB in a Mainframe World
MongoDB in a Mainframe World
 
Lessons Learned from Building a Multi-Tenant Saas Content Management System o...
Lessons Learned from Building a Multi-Tenant Saas Content Management System o...Lessons Learned from Building a Multi-Tenant Saas Content Management System o...
Lessons Learned from Building a Multi-Tenant Saas Content Management System o...
 
Phplx mongodb
Phplx mongodbPhplx mongodb
Phplx mongodb
 
Tuning Linux for MongoDB
Tuning Linux for MongoDBTuning Linux for MongoDB
Tuning Linux for MongoDB
 

Ähnlich wie Webinar: MongoDB 2.6 New Security Features

Securing Hadoop in an Enterprise Context
Securing Hadoop in an Enterprise ContextSecuring Hadoop in an Enterprise Context
Securing Hadoop in an Enterprise ContextHellmar Becker
 
Kangaroot EDB Webinar Best Practices in Security with PostgreSQL
Kangaroot EDB Webinar Best Practices in Security with PostgreSQLKangaroot EDB Webinar Best Practices in Security with PostgreSQL
Kangaroot EDB Webinar Best Practices in Security with PostgreSQLKangaroot
 
Webinar: Best Practices for Securing and Protecting MongoDB Data
Webinar: Best Practices for Securing and Protecting MongoDB DataWebinar: Best Practices for Securing and Protecting MongoDB Data
Webinar: Best Practices for Securing and Protecting MongoDB DataMongoDB
 
Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...
Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...
Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...Jayesh Naik
 
Application hardening
Application hardeningApplication hardening
Application hardeningJayesh Naik
 
Thick Application Penetration Testing - A Crash Course
Thick Application Penetration Testing - A Crash CourseThick Application Penetration Testing - A Crash Course
Thick Application Penetration Testing - A Crash CourseNetSPI
 
RES Software Online Seminar 10 mei 2011
RES Software Online Seminar 10 mei 2011RES Software Online Seminar 10 mei 2011
RES Software Online Seminar 10 mei 2011RES Software Nederland
 
Securing Hadoop in an Enterprise Context (v2)
Securing Hadoop in an Enterprise Context (v2)Securing Hadoop in an Enterprise Context (v2)
Securing Hadoop in an Enterprise Context (v2)Hellmar Becker
 
Centralizing users’ authentication at Active Directory level 
Centralizing users’ authentication at Active Directory level Centralizing users’ authentication at Active Directory level 
Centralizing users’ authentication at Active Directory level Hossein Sarshar
 
Db2.security.slides
Db2.security.slidesDb2.security.slides
Db2.security.slidesasderww
 
Securing Your Enterprise Web Apps with MongoDB Enterprise
Securing Your Enterprise Web Apps with MongoDB Enterprise Securing Your Enterprise Web Apps with MongoDB Enterprise
Securing Your Enterprise Web Apps with MongoDB Enterprise MongoDB
 
Session 3 - Windows Server 2012 with Jared Thibodeau
Session 3 - Windows Server 2012 with Jared ThibodeauSession 3 - Windows Server 2012 with Jared Thibodeau
Session 3 - Windows Server 2012 with Jared ThibodeauCTE Solutions Inc.
 
Protecting Windows Passwords and Preventing Windows Computer / Password Attacks
Protecting Windows Passwords and Preventing Windows Computer / Password AttacksProtecting Windows Passwords and Preventing Windows Computer / Password Attacks
Protecting Windows Passwords and Preventing Windows Computer / Password AttacksZoho Corporation
 
Chapter_11_LDAP_and_Kerberos-converted.pptx
Chapter_11_LDAP_and_Kerberos-converted.pptxChapter_11_LDAP_and_Kerberos-converted.pptx
Chapter_11_LDAP_and_Kerberos-converted.pptxahmedsayed947221
 
Cause 2013: A Flexible Approach to Creating an Enterprise Directory
Cause 2013: A Flexible Approach to Creating an Enterprise DirectoryCause 2013: A Flexible Approach to Creating an Enterprise Directory
Cause 2013: A Flexible Approach to Creating an Enterprise Directoryrwgorrel
 
Creating a Multi-Layered Secured Postgres Database
Creating a Multi-Layered Secured Postgres DatabaseCreating a Multi-Layered Secured Postgres Database
Creating a Multi-Layered Secured Postgres DatabaseEDB
 
Thick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseThick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseScott Sutherland
 
Java Development on Bluemix
Java Development on BluemixJava Development on Bluemix
Java Development on BluemixRam Vennam
 

Ähnlich wie Webinar: MongoDB 2.6 New Security Features (20)

Securing Hadoop in an Enterprise Context
Securing Hadoop in an Enterprise ContextSecuring Hadoop in an Enterprise Context
Securing Hadoop in an Enterprise Context
 
Kangaroot EDB Webinar Best Practices in Security with PostgreSQL
Kangaroot EDB Webinar Best Practices in Security with PostgreSQLKangaroot EDB Webinar Best Practices in Security with PostgreSQL
Kangaroot EDB Webinar Best Practices in Security with PostgreSQL
 
Webinar: Best Practices for Securing and Protecting MongoDB Data
Webinar: Best Practices for Securing and Protecting MongoDB DataWebinar: Best Practices for Securing and Protecting MongoDB Data
Webinar: Best Practices for Securing and Protecting MongoDB Data
 
Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...
Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...
Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...
 
Application hardening
Application hardeningApplication hardening
Application hardening
 
Thick Application Penetration Testing - A Crash Course
Thick Application Penetration Testing - A Crash CourseThick Application Penetration Testing - A Crash Course
Thick Application Penetration Testing - A Crash Course
 
RES Software Online Seminar 10 mei 2011
RES Software Online Seminar 10 mei 2011RES Software Online Seminar 10 mei 2011
RES Software Online Seminar 10 mei 2011
 
Securing Hadoop in an Enterprise Context (v2)
Securing Hadoop in an Enterprise Context (v2)Securing Hadoop in an Enterprise Context (v2)
Securing Hadoop in an Enterprise Context (v2)
 
Securing Hadoop in an Enterprise Context
Securing Hadoop in an Enterprise ContextSecuring Hadoop in an Enterprise Context
Securing Hadoop in an Enterprise Context
 
Centralizing users’ authentication at Active Directory level 
Centralizing users’ authentication at Active Directory level Centralizing users’ authentication at Active Directory level 
Centralizing users’ authentication at Active Directory level 
 
Db2.security.slides
Db2.security.slidesDb2.security.slides
Db2.security.slides
 
Securing Your Enterprise Web Apps with MongoDB Enterprise
Securing Your Enterprise Web Apps with MongoDB Enterprise Securing Your Enterprise Web Apps with MongoDB Enterprise
Securing Your Enterprise Web Apps with MongoDB Enterprise
 
Auditing DB2 on z/OS with DBARS
Auditing DB2 on z/OS with DBARSAuditing DB2 on z/OS with DBARS
Auditing DB2 on z/OS with DBARS
 
Session 3 - Windows Server 2012 with Jared Thibodeau
Session 3 - Windows Server 2012 with Jared ThibodeauSession 3 - Windows Server 2012 with Jared Thibodeau
Session 3 - Windows Server 2012 with Jared Thibodeau
 
Protecting Windows Passwords and Preventing Windows Computer / Password Attacks
Protecting Windows Passwords and Preventing Windows Computer / Password AttacksProtecting Windows Passwords and Preventing Windows Computer / Password Attacks
Protecting Windows Passwords and Preventing Windows Computer / Password Attacks
 
Chapter_11_LDAP_and_Kerberos-converted.pptx
Chapter_11_LDAP_and_Kerberos-converted.pptxChapter_11_LDAP_and_Kerberos-converted.pptx
Chapter_11_LDAP_and_Kerberos-converted.pptx
 
Cause 2013: A Flexible Approach to Creating an Enterprise Directory
Cause 2013: A Flexible Approach to Creating an Enterprise DirectoryCause 2013: A Flexible Approach to Creating an Enterprise Directory
Cause 2013: A Flexible Approach to Creating an Enterprise Directory
 
Creating a Multi-Layered Secured Postgres Database
Creating a Multi-Layered Secured Postgres DatabaseCreating a Multi-Layered Secured Postgres Database
Creating a Multi-Layered Secured Postgres Database
 
Thick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseThick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash Course
 
Java Development on Bluemix
Java Development on BluemixJava Development on Bluemix
Java Development on Bluemix
 

Mehr von MongoDB

MongoDB SoCal 2020: Migrate Anything* to MongoDB Atlas
MongoDB SoCal 2020: Migrate Anything* to MongoDB AtlasMongoDB SoCal 2020: Migrate Anything* to MongoDB Atlas
MongoDB SoCal 2020: Migrate Anything* to MongoDB AtlasMongoDB
 
MongoDB SoCal 2020: Go on a Data Safari with MongoDB Charts!
MongoDB SoCal 2020: Go on a Data Safari with MongoDB Charts!MongoDB SoCal 2020: Go on a Data Safari with MongoDB Charts!
MongoDB SoCal 2020: Go on a Data Safari with MongoDB Charts!MongoDB
 
MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Devel...
MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Devel...MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Devel...
MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Devel...MongoDB
 
MongoDB SoCal 2020: A Complete Methodology of Data Modeling for MongoDB
MongoDB SoCal 2020: A Complete Methodology of Data Modeling for MongoDBMongoDB SoCal 2020: A Complete Methodology of Data Modeling for MongoDB
MongoDB SoCal 2020: A Complete Methodology of Data Modeling for MongoDBMongoDB
 
MongoDB SoCal 2020: From Pharmacist to Analyst: Leveraging MongoDB for Real-T...
MongoDB SoCal 2020: From Pharmacist to Analyst: Leveraging MongoDB for Real-T...MongoDB SoCal 2020: From Pharmacist to Analyst: Leveraging MongoDB for Real-T...
MongoDB SoCal 2020: From Pharmacist to Analyst: Leveraging MongoDB for Real-T...MongoDB
 
MongoDB SoCal 2020: Best Practices for Working with IoT and Time-series Data
MongoDB SoCal 2020: Best Practices for Working with IoT and Time-series DataMongoDB SoCal 2020: Best Practices for Working with IoT and Time-series Data
MongoDB SoCal 2020: Best Practices for Working with IoT and Time-series DataMongoDB
 
MongoDB SoCal 2020: MongoDB Atlas Jump Start
MongoDB SoCal 2020: MongoDB Atlas Jump Start MongoDB SoCal 2020: MongoDB Atlas Jump Start
MongoDB SoCal 2020: MongoDB Atlas Jump StartMongoDB
 
MongoDB .local San Francisco 2020: Powering the new age data demands [Infosys]
MongoDB .local San Francisco 2020: Powering the new age data demands [Infosys]MongoDB .local San Francisco 2020: Powering the new age data demands [Infosys]
MongoDB .local San Francisco 2020: Powering the new age data demands [Infosys]MongoDB
 
MongoDB .local San Francisco 2020: Using Client Side Encryption in MongoDB 4.2
MongoDB .local San Francisco 2020: Using Client Side Encryption in MongoDB 4.2MongoDB .local San Francisco 2020: Using Client Side Encryption in MongoDB 4.2
MongoDB .local San Francisco 2020: Using Client Side Encryption in MongoDB 4.2MongoDB
 
MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any ...
MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any ...MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any ...
MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any ...MongoDB
 
MongoDB .local San Francisco 2020: Go on a Data Safari with MongoDB Charts!
MongoDB .local San Francisco 2020: Go on a Data Safari with MongoDB Charts!MongoDB .local San Francisco 2020: Go on a Data Safari with MongoDB Charts!
MongoDB .local San Francisco 2020: Go on a Data Safari with MongoDB Charts!MongoDB
 
MongoDB .local San Francisco 2020: From SQL to NoSQL -- Changing Your Mindset
MongoDB .local San Francisco 2020: From SQL to NoSQL -- Changing Your MindsetMongoDB .local San Francisco 2020: From SQL to NoSQL -- Changing Your Mindset
MongoDB .local San Francisco 2020: From SQL to NoSQL -- Changing Your MindsetMongoDB
 
MongoDB .local San Francisco 2020: MongoDB Atlas Jumpstart
MongoDB .local San Francisco 2020: MongoDB Atlas JumpstartMongoDB .local San Francisco 2020: MongoDB Atlas Jumpstart
MongoDB .local San Francisco 2020: MongoDB Atlas JumpstartMongoDB
 
MongoDB .local San Francisco 2020: Tips and Tricks++ for Querying and Indexin...
MongoDB .local San Francisco 2020: Tips and Tricks++ for Querying and Indexin...MongoDB .local San Francisco 2020: Tips and Tricks++ for Querying and Indexin...
MongoDB .local San Francisco 2020: Tips and Tricks++ for Querying and Indexin...MongoDB
 
MongoDB .local San Francisco 2020: Aggregation Pipeline Power++
MongoDB .local San Francisco 2020: Aggregation Pipeline Power++MongoDB .local San Francisco 2020: Aggregation Pipeline Power++
MongoDB .local San Francisco 2020: Aggregation Pipeline Power++MongoDB
 
MongoDB .local San Francisco 2020: A Complete Methodology of Data Modeling fo...
MongoDB .local San Francisco 2020: A Complete Methodology of Data Modeling fo...MongoDB .local San Francisco 2020: A Complete Methodology of Data Modeling fo...
MongoDB .local San Francisco 2020: A Complete Methodology of Data Modeling fo...MongoDB
 
MongoDB .local San Francisco 2020: MongoDB Atlas Data Lake Technical Deep Dive
MongoDB .local San Francisco 2020: MongoDB Atlas Data Lake Technical Deep DiveMongoDB .local San Francisco 2020: MongoDB Atlas Data Lake Technical Deep Dive
MongoDB .local San Francisco 2020: MongoDB Atlas Data Lake Technical Deep DiveMongoDB
 
MongoDB .local San Francisco 2020: Developing Alexa Skills with MongoDB & Golang
MongoDB .local San Francisco 2020: Developing Alexa Skills with MongoDB & GolangMongoDB .local San Francisco 2020: Developing Alexa Skills with MongoDB & Golang
MongoDB .local San Francisco 2020: Developing Alexa Skills with MongoDB & GolangMongoDB
 
MongoDB .local Paris 2020: Realm : l'ingrédient secret pour de meilleures app...
MongoDB .local Paris 2020: Realm : l'ingrédient secret pour de meilleures app...MongoDB .local Paris 2020: Realm : l'ingrédient secret pour de meilleures app...
MongoDB .local Paris 2020: Realm : l'ingrédient secret pour de meilleures app...MongoDB
 
MongoDB .local Paris 2020: Upply @MongoDB : Upply : Quand le Machine Learning...
MongoDB .local Paris 2020: Upply @MongoDB : Upply : Quand le Machine Learning...MongoDB .local Paris 2020: Upply @MongoDB : Upply : Quand le Machine Learning...
MongoDB .local Paris 2020: Upply @MongoDB : Upply : Quand le Machine Learning...MongoDB
 

Mehr von MongoDB (20)

MongoDB SoCal 2020: Migrate Anything* to MongoDB Atlas
MongoDB SoCal 2020: Migrate Anything* to MongoDB AtlasMongoDB SoCal 2020: Migrate Anything* to MongoDB Atlas
MongoDB SoCal 2020: Migrate Anything* to MongoDB Atlas
 
MongoDB SoCal 2020: Go on a Data Safari with MongoDB Charts!
MongoDB SoCal 2020: Go on a Data Safari with MongoDB Charts!MongoDB SoCal 2020: Go on a Data Safari with MongoDB Charts!
MongoDB SoCal 2020: Go on a Data Safari with MongoDB Charts!
 
MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Devel...
MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Devel...MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Devel...
MongoDB SoCal 2020: Using MongoDB Services in Kubernetes: Any Platform, Devel...
 
MongoDB SoCal 2020: A Complete Methodology of Data Modeling for MongoDB
MongoDB SoCal 2020: A Complete Methodology of Data Modeling for MongoDBMongoDB SoCal 2020: A Complete Methodology of Data Modeling for MongoDB
MongoDB SoCal 2020: A Complete Methodology of Data Modeling for MongoDB
 
MongoDB SoCal 2020: From Pharmacist to Analyst: Leveraging MongoDB for Real-T...
MongoDB SoCal 2020: From Pharmacist to Analyst: Leveraging MongoDB for Real-T...MongoDB SoCal 2020: From Pharmacist to Analyst: Leveraging MongoDB for Real-T...
MongoDB SoCal 2020: From Pharmacist to Analyst: Leveraging MongoDB for Real-T...
 
MongoDB SoCal 2020: Best Practices for Working with IoT and Time-series Data
MongoDB SoCal 2020: Best Practices for Working with IoT and Time-series DataMongoDB SoCal 2020: Best Practices for Working with IoT and Time-series Data
MongoDB SoCal 2020: Best Practices for Working with IoT and Time-series Data
 
MongoDB SoCal 2020: MongoDB Atlas Jump Start
MongoDB SoCal 2020: MongoDB Atlas Jump Start MongoDB SoCal 2020: MongoDB Atlas Jump Start
MongoDB SoCal 2020: MongoDB Atlas Jump Start
 
MongoDB .local San Francisco 2020: Powering the new age data demands [Infosys]
MongoDB .local San Francisco 2020: Powering the new age data demands [Infosys]MongoDB .local San Francisco 2020: Powering the new age data demands [Infosys]
MongoDB .local San Francisco 2020: Powering the new age data demands [Infosys]
 
MongoDB .local San Francisco 2020: Using Client Side Encryption in MongoDB 4.2
MongoDB .local San Francisco 2020: Using Client Side Encryption in MongoDB 4.2MongoDB .local San Francisco 2020: Using Client Side Encryption in MongoDB 4.2
MongoDB .local San Francisco 2020: Using Client Side Encryption in MongoDB 4.2
 
MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any ...
MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any ...MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any ...
MongoDB .local San Francisco 2020: Using MongoDB Services in Kubernetes: any ...
 
MongoDB .local San Francisco 2020: Go on a Data Safari with MongoDB Charts!
MongoDB .local San Francisco 2020: Go on a Data Safari with MongoDB Charts!MongoDB .local San Francisco 2020: Go on a Data Safari with MongoDB Charts!
MongoDB .local San Francisco 2020: Go on a Data Safari with MongoDB Charts!
 
MongoDB .local San Francisco 2020: From SQL to NoSQL -- Changing Your Mindset
MongoDB .local San Francisco 2020: From SQL to NoSQL -- Changing Your MindsetMongoDB .local San Francisco 2020: From SQL to NoSQL -- Changing Your Mindset
MongoDB .local San Francisco 2020: From SQL to NoSQL -- Changing Your Mindset
 
MongoDB .local San Francisco 2020: MongoDB Atlas Jumpstart
MongoDB .local San Francisco 2020: MongoDB Atlas JumpstartMongoDB .local San Francisco 2020: MongoDB Atlas Jumpstart
MongoDB .local San Francisco 2020: MongoDB Atlas Jumpstart
 
MongoDB .local San Francisco 2020: Tips and Tricks++ for Querying and Indexin...
MongoDB .local San Francisco 2020: Tips and Tricks++ for Querying and Indexin...MongoDB .local San Francisco 2020: Tips and Tricks++ for Querying and Indexin...
MongoDB .local San Francisco 2020: Tips and Tricks++ for Querying and Indexin...
 
MongoDB .local San Francisco 2020: Aggregation Pipeline Power++
MongoDB .local San Francisco 2020: Aggregation Pipeline Power++MongoDB .local San Francisco 2020: Aggregation Pipeline Power++
MongoDB .local San Francisco 2020: Aggregation Pipeline Power++
 
MongoDB .local San Francisco 2020: A Complete Methodology of Data Modeling fo...
MongoDB .local San Francisco 2020: A Complete Methodology of Data Modeling fo...MongoDB .local San Francisco 2020: A Complete Methodology of Data Modeling fo...
MongoDB .local San Francisco 2020: A Complete Methodology of Data Modeling fo...
 
MongoDB .local San Francisco 2020: MongoDB Atlas Data Lake Technical Deep Dive
MongoDB .local San Francisco 2020: MongoDB Atlas Data Lake Technical Deep DiveMongoDB .local San Francisco 2020: MongoDB Atlas Data Lake Technical Deep Dive
MongoDB .local San Francisco 2020: MongoDB Atlas Data Lake Technical Deep Dive
 
MongoDB .local San Francisco 2020: Developing Alexa Skills with MongoDB & Golang
MongoDB .local San Francisco 2020: Developing Alexa Skills with MongoDB & GolangMongoDB .local San Francisco 2020: Developing Alexa Skills with MongoDB & Golang
MongoDB .local San Francisco 2020: Developing Alexa Skills with MongoDB & Golang
 
MongoDB .local Paris 2020: Realm : l'ingrédient secret pour de meilleures app...
MongoDB .local Paris 2020: Realm : l'ingrédient secret pour de meilleures app...MongoDB .local Paris 2020: Realm : l'ingrédient secret pour de meilleures app...
MongoDB .local Paris 2020: Realm : l'ingrédient secret pour de meilleures app...
 
MongoDB .local Paris 2020: Upply @MongoDB : Upply : Quand le Machine Learning...
MongoDB .local Paris 2020: Upply @MongoDB : Upply : Quand le Machine Learning...MongoDB .local Paris 2020: Upply @MongoDB : Upply : Quand le Machine Learning...
MongoDB .local Paris 2020: Upply @MongoDB : Upply : Quand le Machine Learning...
 

Kürzlich hochgeladen

Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialJoão Esperancinha
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxfnnc6jmgwh
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsYoss Cohen
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...itnewsafrica
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...BookNet Canada
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 

Kürzlich hochgeladen (20)

Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorial
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platforms
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 

Webinar: MongoDB 2.6 New Security Features

  • 1. MongoDB 2.6 New Security Features Matt Kalan, Sr. Solutions Architect, MongoDB Dylan Tong, Sr. Solutions Architect, MongoDB
  • 2. Agenda • Review security capabilities in v2.4 • New features in v2.6 – User Defined Roles – Access Control Improvements – Authentication • x509 • LDAP – Auditing – SSL improvements 2
  • 4. Authentication • User authentication – Basic challenge-response • Hashed password managed in MongoDB – Kerberos integration using SASL (Enterprise) • Connects to an existing Kerberos infrastucture • Passwords managed in existing system, not MongoDB – Can combine these if desired in same server • Cluster authentication via shared keyfile 4
  • 5. Authorization/Access Control • Standard roles assigned in MongoDB • Usernames are in MongoDB and have role(s) assigned to them • You can add standard roles together to build permissioning you need for a user • Lowest granularity is for the database 5
  • 6. Auditing • Only a small set of operations are logged • Logged in the main Mongo server log • IBM Guardium integration for enterprise policybased security monitoring 6
  • 7. Encryption • Data in transit – SSL between all MongoDB components is in the Enterprise version – Or build in your own SSL library from the open source version • Data at rest – Customer chooses to use an encrypted file system 7
  • 10. Role Access Control Application Server Role BI Role DBA Role 10 • Read & Write on Application Database • Read Only on Application Database • Read & Write on Application Database • Administration on Application Databases • Administration on MongoDB Cluster
  • 11. Advanced Role Access Control Scenario: Multi-tenant Database as a Service Land Lord Clusterwide Administration Rights: provision and remove tenants (eg. create and drop database) Land Lord Assistant Service-Wide Scope Tenant DBA Tenant-Level Scope DBA Rights within Scope of a Single Tenant: eg Delegate rights within the scope of the tenant Tenant App Server 11 Tenant BI Role
  • 12. Enhancements Needed! Current Version: 1. Privileges are limited to what is pre-defined. 2. Access Controls are limited to database-level Upcoming Version 2.6: 1. User defined privileges and roles are possible! 2. Access Controls can be defined at the collection-level! 12
  • 13. Access Management Previous to version 2.6… User-privileges are pre-defined: Read: Provides the privilege to run read type operations on a database like find(). Read/Write: Provides the privilege to run write type operations on a database like update(), insert() and remove(). User Admin: Provides the privilege to modify users such as creating users and modifying user privileges. Database Admin: Provides the privileges to run administrative type commands that are related to the scope of a database. Cluster Admin: Provides the privileges to run administrative type commands that are related to the scope of a cluster. 13
  • 14. Example of Privilege Read Privilege = find aggregate checkShardingIndex cloneCollectionAsCapped collStats count dataSize dbHash dbStats distinct filemd5 geoNear geoSearch geoWalk group mapReduce (inline output only.) text (beta feature.) 14 The actual privilege definition is a pre-defined list of operations.
  • 15. User Defined Role Concept Privilege A set of actions on a given resource Eg. Read action (run find query) on “Tweets” collection Role A grouping of privileges May also contain other roles User Users are assigned roles 15 Action: an operation eg. find, ensureIndex Resource: some system object that an action can be performed on. eg. Database, collection
  • 16. Example Use Case Scenario: Multi-tenant Database as a Service Landlord Administrator (example role): 16
  • 18. Leverage Existing Standards Existing Security Infrastructure Identity Management Infrastructure Access Management Directory Services  Leverage existing security infrastructure.  Corporate Security Policies  Industry Standards and Compliance.  Centralized Management: eg. Centralized user/identity management. 18
  • 19. Authentication Existing Security Infrastructure Partner Integrations: eg. Linux IdM Kerberos Version 2.4+ Identity Management Infrastructure Access Management LDAP Directory Services Version 2.6+ X509 Version 2.6+ Primary Client Authentication 19 Secondary Inter-process Authentication
  • 20. Authentication Existing Security Infrastructure Identity Management Infrastructure Access Management Directory Services Spoofed Secondary Primary Client Authentication 20 Secondary Inter-process Authentication
  • 21. X509 Authentication Benefits Don’t have infrastructure in place? No problem! Easy to leverage external infrastructure: - Cloud solutions are commonplace. You use x509 certificates everyday through your web browsers! Client Authentication without disadvantages of passwords: • • • • 21 Weak-password: Guessable, Brute-force, Can be stolen: wiretap, careless misplacing Maintenance: easy to forget. Too many passwords! Re-usable: leaked by the weakest link
  • 22. MongoDB LDAP Authorization Integration Application Driver 3) Use $external Db.auth( {…} ) Permissioning Product 8) Success = 1 Failed = 0 Mongod Password in cleartext => SSL recommendedç 7) OK or NO 4) Uname/pw saslauthd 6) OK or NO 0) db.addUser( …, userSource: $external, … }) 2) setParameter - saslauthdPath=… - authenticationMechanisms=... - auth=true 22 1) saslauthd config file 5) LDAP Server
  • 24. MongoDB Native Auditing Audited events • Schema (DDL) Operations • Replica Set Operations • Authentication and Authorization Operations • General Operations Application Mongo shell Driver Mongos --auditLog --auditPath --auditFilter Shard 1 Shard N Primary Primary Primary Secondary Secondary Secondary 24 Shard 2 Secondary … Secondary Secondary Output • Syslog • Console • Text file • BSON file
  • 26. SSL Improvements • Optionally Prompt for SSL Certificate Passphrases at Server Startup • Command-line Tools Now Support SSL • MongoDB Allows Only Strong SSL Ciphers • Support for SSL and non-SSL Connections on the Same Port 26
  • 27. Summary • New features in v2.6 – User Defined Roles – Access Control Improvements – Authentication • x509 • LDAP – Auditing – SSL improvements • Release Notes for MongoDB 2.6 (Development Series 2.5.x) http://docs.mongodb.org/master/release-notes/2.6/ 27
  • 28. For More Information Resource MongoDB Downloads mongodb.com/download Free Online Training education.mongodb.com Webinars and Events mongodb.com/events White Papers mongodb.com/white-papers Case Studies mongodb.com/customers Presentations mongodb.com/presentations Documentation docs.mongodb.org Additional Info 28 Location info@mongodb.com