Apache Ignite

Monday January 08, 2018

Protecting Apache Ignite from 'Meltdown' and 'Spectre' vulnerabilities

The world was rocked after the recent disclosure of the Meltdown and Spectre vulnerabilities that literally affect almost all software ever developed. Both issues are related to the way all modern CPUs are designed and this is why they have opened unprecedented security breaches -- making the software, including Apache Ignite, vulnerable to hacker attacks.

The vulnerabilities are registered in the National Vulnerability Database under the following CVEs:

How to protect Apache Ignite deployments?

First, the vulnerabilities can be fixed only on the operating system (OS) or hardware levels. All OS and hardware vendors are working on and releasing patches to fill-in the security breaches. Depending on the type of your Apache Ignite deployment, make sure to do the following:


  • On-premise deployments - apply the patches prepared by your OS and hardware vendors. Consult with them to find out additional steps to act on. This page is a good place to start with.

  • Cloud deployments - major cloud providers such as Amazon and Microsoft are in a process of patching their cloud computing services. Consider a cloud provider's security announcements and recommendations or follow up with a representative for suggestions.

Second, an Apache Ignite cluster becomes vulnerable to the attacks only if someone gets unauthorized access to cluster machines (both on-premise or cloud deployments) and executes a malicious shell script or connects to the cluster directly and executes a Java, .NET or C++ computation there.

Do the following to prevent this from happening:


  • Make sure the cluster machines are secured with a hard-to-guess or hard-to-calculate password.

  • Consider using 3rd party security components provided by enterprise vendors (such as this one) to strengthen a security shield of your deployments.

Finally, researchers who discovered Meltdown and Spectre have said that the first issue can be fixed with software patches while the second can be fully addressed only with hardware upgrades/replacement. Luckily, it's much more difficult for hackers to exploit Spectre. Thus, if the two recommendations given above are taken seriously, the chances that you will be impacted from Spectre are low.

What is the performance impact of security patches?

Many security patches are rolled out with a precaution that some of the applications can see up to a 30% performance degradation. Apache Ignite community is planning to measure the impact of general usage scenarios and will follow up with the results in a consequent post.

This general performance testing might not cover your use case. Therefore, it's highly recommended that you assess and test a possible performance drop of your Apache Ignite deployments before applying the patches in production. If the drop is significant, then contact us on the dev list.

Comments:

Connect the latest app for the require you online best process in working you have to see all update forever to install this alarm clock for the support by window 10 forever many people have the install this computer.

Posted by alarm windows on May 29, 2018 at 11:36 AM UTC #

In this blog there are lots of information provided like How to protect Apache Ignite deployments and its solution.

Posted by Thrift Savings Plan Login on September 11, 2018 at 04:44 AM UTC #

Such a fantastic

Posted by Tesco eye test on September 11, 2018 at 07:32 AM UTC #

Posted by dich vu seo chuyen nghiep on November 04, 2018 at 11:44 AM UTC #

Hello, Its amazing guide. Such a great things.

Posted by Elephant Jewelry Set on December 15, 2018 at 06:52 AM UTC #

Connect the latest app for that require you online best process in working you must see all update forever to install this alarm clock for your support by window 10 forever many people contain the install this computer.

Posted by Alarm Windows 10 on January 04, 2019 at 06:46 AM UTC #

Posted by dịch vụ seo uy tin chuyên nghiệp on January 14, 2019 at 05:33 AM UTC #

Great

Posted by jk on February 06, 2019 at 05:25 PM UTC #

Thanks for the great content admin, I like to see more quality content on your website. you explained everything nicely. The Cisco Certifications exam is one of the toughest exams for IT professionals. Cisco focuses on network hardware and devices such as routers and network switches. This is why its certification program is geared toward the information technology field. KillerDumps is a reliable and trusty website that provides the most reliable Cisco dumps. Our Cisco Dump issue will help you pass the exam in first attempt. All Cisco exams are regularly updated and approved by our experts’ professionals. If you want to pass Cisco exam You can get Cisco Exams Dumps "https://www.killerdumps.com/cisco-exams"

Posted by david cameron on February 07, 2019 at 07:47 AM UTC #

Woah cool!

Posted by TITANIUM TV on Firestick on May 02, 2019 at 06:52 PM UTC #

detailed engineering layouts, style and drawing of bodily constructions, objects and solutions, enables a designer to generate and structure their design on display http://www.lampungservice.com/

Posted by iphone on May 19, 2019 at 06:08 AM UTC #

Personally, it seems to me that security patches have recently become particularly relevant. I will definitely use your advice for my website https://casinority.com/au/. Thanks a lot!

Posted by Casinority AU on May 20, 2019 at 02:18 PM UTC #

http://www.subway-game.blogspot.com http://www.gtagame100.com

Posted by zain on June 21, 2019 at 07:08 PM UTC #

Ngarep nya Fred performanya bisa lebih baik ketimbang pemain2 Brazil yang pernah merumput di United. https://fansbarcelona999.blogspot.com/2019/05/barcelona-menjalani-laga-liga-champions.html https://juventusindo.weebly.com/ https://www.storeboard.com/blogs/sports-and-fitness/fans-keren-manchester-united-indonesia/961863 https://fansliverpool.yolasite.com/ https://liverpool999.home.blog/2019/05/01/strategi-klopp-menangani-liverpool/ http://icalshare.com/calendars/8796 https://berandasehat.com/ahli-kunci-karawang/ Lenglet masuk inceran juga ya? baru satu setengah musim di Sevilla tapi cepet banget progressnya sampe Barca juga ngincer ini pemainn dan kayaknya condong kesana sih ketimbang kemari.

Posted by jadwal nonton bola on June 21, 2019 at 07:46 PM UTC #

Apache Ignite is an open-source dispersed database, reserving and handling stage intended to store and process on huge volumes of information over a group of hubs. Light was publicly released by GridGain Systems in late 2014 and acknowledged in the Apache Incubator program that equivalent year

Posted by https://www.assignmentspot.co.uk/ on June 27, 2019 at 05:30 AM UTC #

Do the following to prevent this from happening:

Posted by film izle on June 29, 2019 at 08:55 PM UTC #

Posted by web hài hước on July 01, 2019 at 05:35 PM UTC #

Well documented job, visual communication that is appealing as well as functional. Great! Thanks a lot for all the kind comments! It means a lot!

Posted by geschvestora1982 on July 20, 2019 at 04:49 PM UTC #

está super !!! cute pins

Posted by inpoewalri1970 on July 20, 2019 at 05:30 PM UTC #

outstanding case! Very nice Claire.

Posted by lenrabipul1983 on July 20, 2019 at 05:52 PM UTC #

Skate till 22pm only? That's so mean, even in that great design! GJ Amo il tuo stile e queste illustrazioni❤️

Posted by liacarrogas1985 on July 20, 2019 at 07:49 PM UTC #

wow! you are awesome, your imagination is very productive :-) Awesome presentation!

Posted by ecabbasdi1971 on July 20, 2019 at 11:33 PM UTC #

Sooo much fun! wow~ details!

Posted by tiygradalsteal1970 on July 21, 2019 at 01:25 AM UTC #

Lovely!!! Kolejna świetna praca Polaka (Polki). Super! :)

Posted by longdipeni1980 on July 21, 2019 at 03:05 AM UTC #

— Отлично! Thanks for sharing

Posted by netnenessri1982 on July 21, 2019 at 04:51 AM UTC #

Great!!! FEEDBACK ME) great illustrations !

Posted by laychrisatex1977 on July 21, 2019 at 05:24 AM UTC #

GREAT! Que manejo de colores tan increíble!

Posted by clicofmarce1978 on July 21, 2019 at 06:05 AM UTC #

Great! Amazing! diggn this!

Posted by voifaicode1970 on July 21, 2019 at 06:37 AM UTC #

Very nice work! I like the colors and the materials that you used! Oh yeah, still love pastell colors ❤️

Posted by tiouloniper1979 on July 21, 2019 at 07:10 AM UTC #

cool:) Awwwwwsssssooommmeee

Posted by thensigngicomp1974 on July 21, 2019 at 07:42 AM UTC #

Please see my last work, INSPIRATIONAL....loved it fam!!!!

Posted by battmujipe1977 on July 21, 2019 at 08:46 AM UTC #

Great project, love it. Gorgeous!!

Posted by siacaheapa1980 on July 21, 2019 at 09:19 AM UTC #

Amazing work! I love the colours :) 好看

Posted by bcenisarly1988 on July 21, 2019 at 09:52 AM UTC #

Very elegant design, Keep it up. I wish I can sit this on airbus one day :) Awesome work!

Posted by saccaparkher1979 on July 21, 2019 at 10:25 AM UTC #

Love how clean and complex this work is. Fantastic Nice! Good Work

Posted by distformsiberk1973 on July 21, 2019 at 10:58 AM UTC #

Hosting Ignite on cloud as a managed service can reduce IT administration overhead - monitoring, http://www.yandcconstruction.com/ac-installation/ , security, backups, configuration settings - of your Ignite deployment. Ignite can be hosted on cloud as a managed service by third party companies such as GridGain Cloud

Posted by Catherine21 on August 24, 2019 at 05:01 PM UTC #

Post a Comment:
  • HTML Syntax: NOT allowed

Calendar

Search

Hot Blogs (today's hits)

Tag Cloud

Categories

Feeds

Links

Navigation