Cluster Security

User Security

By default, all users can perform any updates on the cluster, or upload arbitrary code to the cluster and perform remote code execution with distributed computing. To improve security, we recommend configuring user roles and enabling authorization on the cluster.

Communication

By default, nodes use plain-text communication that is vulnerable to malicious actions. GridGain separates communications between cluster nodes and communication with clients.

Node to Node Communication

Communication between nodes usually happens within the same data center. We recommend the following to improve the security of your cluster:

Enable SSL for cluster communication with the ignite.network.ssl node configuration.
Run the cluster in a trusted and isolated network.

Node to Client Communication

Communication to clients is exposed to the internet. Only the client port (10800 by default) is exposed. To secure interaction with your clients:

Enable SSL for client communication with the ignite.clientConnector.ssl node configuration.
Enable authentication on the cluster.

© 2025 GridGain Systems, Inc. All Rights Reserved. Privacy Policy | Legal Notices. GridGain® is a registered trademark of GridGain Systems, Inc.
Apache, Apache Ignite, the Apache feather and the Apache Ignite logo are either registered trademarks or trademarks of The Apache Software Foundation.

Last updated on Mar 14, 2025