Menu
we are building an opensource application which needs elasticsearch security feature. i am trying to find if the security feature is free for elastic search. elastic search website says Xpack is open now. Not sure if it is really opensource.
Could someone please share your experience?
203
The Elastic Stack security features use TLS to preserve the integrity of your data against tampering, while also providing confidentiality by encrypting communications to, from, and within the cluster. For even greater protection, you can increase the encryption strength. See Configure security for the Elastic Stack.
Kibana offers free authentication as part of our Basic license. This includes many x-pack features for free, and does not require any registration to use.
Is Elasticsearch free? Yes, the free and open features of Elasticsearch are free to use under either SSPL or the Elastic License. Additional free features are available under the Elastic License, and paid subscriptions provide access to support as well as advanced features such as alerting and machine learning.
Basic Elasticsearch Security features are free and include a lot of functionality to help you prevent unauthorized access, preserve data integrity by encrypting communication between nodes, and maintain an audit trail on who did what to your stack and with the data it stores.
These versions do not contain new features; they simply make the following core security features free in the default distribution of the Elastic Stack: Role-based access control for controlling user access to cluster APIs and indexes; also allows multi-tenancy for Kibana with security for Kibana Spaces
We are thrilled to announce that the core security features of the Elastic Stack are now free. This means that users can now encrypt network traffic, create and manage users, define roles that protect index and cluster level access, and fully secure Kibana with Spaces.
Elastic NV, the company behind the Elasticsearch document-oriented database and search engine technology, announced yesterday plans to make access to some its product's top security features free to everyone.
The keystore can optionally be password protected for additional security. Network-based attacks on Elasticsearch node data can be thwarted through traffic encryption using SSL/TLS, node authentication certificates, and more.
This blog post explained some of the reasons why Elastic "opened" their XPack code. "Open" here simply means that they merged their private XPack repositories into the open ones. One of the reasons that the blog post above doesn't mention is that this move was mostly motivated to facilitate tedious engineering tasks of having to keep all their product versions in synch. Anyway, the XPack code is now out in the open and visible for anyone to see, but it's not free as in "free beer".
As shown on the Elastic subscriptions page (see the red rectangle in the image below), XPack Security is only available starting with a Gold license.
Another alternative is to use their Elastic Cloud which provides Security out of the box and allows you to pay a lower amount on a monthly basis.
If the price burden is too heavy for you, you might want to check out SearchGuard which is an alternative Security plugin for ES, which provides a free Community tier for basic security features.
UPDATE (March 11th, 2019):
Since today, Amazon has released a fully open-sourced version of Elasticsearch with a Security (and Alerting) plugin. More info at: https://opendistro.github.io/for-elasticsearch/
UPDATE (May 20th, 2019):
Since version 6.8.0 and 7.1.0, some features of XPack Security are now included into the BASIC license, and are thus free.
UPDATE (Sep 4th, 2019):
Elastic has filed a lawsuit against SearchGuard for IP infringements: https://www.elastic.co/blog/dear-search-guard-users
Details of the lawsuit: https://www.pacermonitor.com/public/case/29887799/Elasticsearch,_Inc_et_al_v_Floragunn_GmBH
This impacts both SearchGuard users AND OpenDistro users since the latter repackage the SearchGuard plugin.
187
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
