Enterprise grade security in your Hadoop clusters on Azure

Slides:



Advertisements
Similar presentations
Review DirectQuery in SSAS 2016, best practices and use cases
Advertisements

Learn how the cloud is accelerating network transformation
BUILD BIG DATA ENTERPRISE SOLUTIONS FASTER ON AZURE HDINSIGHT
C# and VB code-focused development with Visual Studio
2/20/2018 7:04 PM BRK1038 Meet Azure Information Protection customers and learn about their success stories Jeffrey Kalfut Strategy & Architecture Manager,
BRK1017 Taking your hybrid management and security strategy to the cloud with Operations Management Suite Jeremy Winter and Srini Chandrasekar.
Microsoft Ignite /30/2018 9:28 PM BRK3174
Extending IT Best Practices to Microsoft Azure
Transform yourself and build your IT cloud career path
Deliver business insights with Microsoft Dynamics AX and Power BI
Examine information management in Cortana Intelligence
Microsoft Ignite /20/2018 3:40 PM BRK3068
Enterprise Security in Practice
Develop, debug and deploy containerized applications with Docker
Operational Analytics in SQL Server 2016 and Azure SQL Database
Azure File Sync Setup, configuration and management
Build interactive data analysis environments using Apache Spark
Microsoft Ignite /2/2018 6:37 AM BRK2293
Microsoft /2/2018 3:42 PM BRK3129 Query Big Data using the Expanded T-SQL footprint with PolyBase in SQL Server 2016 Casey Karst Program Manager.
BRK3288-Discover data-driven apps that learn and adapt
Microsoft /4/2018 8:21 AM BRK3082 Build solutions and apps with Microsoft OneDrive API and Microsoft Graph API Ryan Gregg Principal Program Manger,
Windows Server* 2016 & Intel® Technologies
Conduct a successful pilot deployment of Microsoft Intune
Review the Nutanix Cloud Platform System Standard solution
Microsoft Ignite /11/2018 1:18 AM BRK4017
Automate for Sales in Microsoft Dynamics CRM
Microsoft /23/2018 1:11 AM BRK3180 Migrate CRM OnPremise organizations to CRM Online cloud using Dynamics Lifecycle Services (LCS) Aditya Varma Ganapathy.
Web development productivity with Visual Studio
Deep Dive into the Azure Container Service
Innovate with Microsoft BI in the enterprise
Red Hat OpenShift on Microsoft Azure
Elastic database patterns for SaaS applications in Azure
Microsoft Ignite /17/ :54 PM BRK2092
Microsoft Ignite /22/2018 3:27 PM BRK2121
Secure Remote Access to on-premises Web Apps using Azure AD
BRK2264 Move 13,000+ global Dynamics CRM users from on-premises to Online at Caterpillar Inc. Todd Byrne & John Finney 1 Business Unit Name Here.
Master Modern PaaS for the Enterprise with Azure App Service
BRK1018 Discover how Manulife and Rackspace manage their hybrid environments today Satya Vel Principal Program Manager Operations Management Suite + System.
Easily secure your sensitive with Office 365 message encryption
Get Started with Common Data Model (CDM) and PowerApps
Microsoft Ignite /8/2018 3:50 PM BRK2112
Design Seamless Upgrades to SQL Server 2016 with Query Store
Microsoft /8/2018 4:45 PM BRK3062 BRK3062- Build smarter and scalable applications using Microsoft Azure Database Services Moshe Gutman CEO, GeoSafe.
Bring new levels of visibility to your datacenter with Cisco Tetration
Using AAD B2C for WordPress & Secure Deployment Scenario
Microsoft Ignite /16/2018 2:39 PM BRK3307
Add intelligence to Dynamics AX with Cortana Intelligence suite
Use server-based personal desktops in Windows Server 2016
Azure SQL Data Warehouse Scaling: Configuration and Guidance
Enterprise security for big data solutions on Azure HDInsight
Accelerate Your Transition from Traditional IT to the Cloud
Drive productivity with OneDrive and SharePoint file collaboration
Deploy Windows 10 Mobile for the mobile workforce
Protect your OneDrive and SharePoint files on mobile devices
Explore web development with Microsoft ASP.NET Core 1.0
Microsoft Ignite /14/ :21 AM BRK2101
Migrate to CRM Online - Tips and Tricks
Determine your role in a managed service
Dive into Predictive Maintenance using Cortana Intelligence Suite
Secure your Active Directory to mitigate risk in the cloud
Project Springfield Fuzz your code before hackers do
Microsoft Ignite /20/2018 2:21 PM
Microsoft Ignite /22/2018 3:58 PM BRK2254
Build and maintain applications with Azure Resource Manager
Automating Windows 10 and software deployments from the Cloud
Microsoft Connect /22/2018 9:50 PM
Task recorder in Dynamics AX
Learn how to use and customize the Dynamics AX interactive help system
Meetup User Experience Design for SharePoint
Ask the Experts: Windows 10 deployment, servicing, and provisioning
Presentation transcript:

Enterprise grade security in your Hadoop clusters on Azure Microsoft 2016 4/17/2018 5:35 PM BRK3186 Enterprise grade security in your Hadoop clusters on Azure Saurin Shah Sr. Program Manager © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Session Objectives Key Takeaways Microsoft Ignite 2016 4/17/2018 5:35 PM Session Objectives Overview of HDInsight – Hadoop and Spark offering on Azure cloud. Configure Perimeter security using Virtual networks Integrate HDInsight with Azure Active Directory Configure multi-user authentication, authorization, auditing using Apache Ranger Encryption of Data at Rest with HDInsight Key Takeaways HDInsight is the solution that will you need if you want enterprise grade security capabilities for your Hadoop environment on cloud © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

What is HDInsight? 4/17/2018 5:35 PM © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Demo Quickly create an HDInsight cluster Microsoft Ignite 2016 4/17/2018 5:35 PM Demo Quickly create an HDInsight cluster © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Move to Enterprise Readiness 4/17/2018 5:35 PM Move to Enterprise Readiness © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Hadoop clusters have grown by 60% in the last 2 years Microsoft Ignite 2016 4/17/2018 5:35 PM Hadoop clusters have grown by 60% in the last 2 years 89% of enterprise users consider Hadoop as opportunity for innovation Forrester report predicts that Hadoop will grow by 33% annually in next five years Hadoop is shifting from a buzzword to a real production service Ownership is shifting from department teams to Central IT. © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Meet Samer, Director of IT 4/17/2018 5:35 PM Meet Samer, Director of IT © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Microsoft Ignite 2016 4/17/2018 5:35 PM CustomerId Name CellPhone Email Address City State Zip Credit Card 413707 LUNA PARK 3122049789 luna.park@gmail.com 3250 W FOSTER AVE CHICAGO IL 60625 4147202109819679 391234 MARIE 3121069067 marie@outlook.com 4729 N LINCOLN AVE 5166550002516678 413751 MANU WORKY 8471909522 manu.work@gmail.com 11601 W TOUHY AVE 60666 5159550002367622 413708 STEVE BENCH 3122049411 steve.bench@outlook.com 325 N LA SALLE ST BLDG 60654 4149098188760969 … ... CustomerId Reviews Rating 413707 SPICY, YET HEALTHY. WOULD ORDER AGAIN 9.3 391234 HATS OFF TO MAINTAIN PROPER 4.6 413751 AMAZING FOOD PREPARED RIGHT AT 9.4 413708 Decent Food 7.1 … …. Id CustomerId OrdersPlaced Discount Date Revenue 102456 68252 277 $526.30 8/1/2016 $2,243.70 102457 413488 282 $84.60 $2,735.40 102458 250405 134 $281.40 $1,058.60 102459 114533 141 $253.80 $1,156.20 102460 315209 289 $346.80 $2,543.20 … Id Customer ID Time Taken Cost Date 102456 68252 63 $224.00 8/1/2016 102457 413488 65 $235.00 102458 250405 67 $245.00 102459 114533 71 $227.00 102460 315209 72 $213.00 … © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Product demand analysis Delivery and Operations Microsoft Ignite 2016 4/17/2018 5:35 PM Cluster Admin Product demand analysis Delivery and Operations Developer 2 Data Scientist 2 Developer 1 Data Scientist 1 © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

HDInsight Security – Rings of Defense Microsoft Ignite 2016 4/17/2018 5:35 PM HDInsight Security – Rings of Defense Perimeter Level Security Virtual Network Network Security (i.e. Firewalls) Gateway Authentication Kerberos Active Directory Authorization Hive policies HBase policies File and Folder level ACLS Data Security Encryption @ Rest © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Perimeter Security 4/17/2018 5:35 PM © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Using Virtual Network and Gateway Service Microsoft Ignite 2016 4/17/2018 5:35 PM Using Virtual Network and Gateway Service Perimeter Level Security Virtual Network Network Security (i.e. Firewalls) Gateway © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Gateway HiveServer2 Head Node Ambari Worker node (s) Oozie Services Microsoft Ignite 2016 4/17/2018 5:35 PM DataScientist Gateway Head Node HDInsight Cluster WASB ADLS VNET HiveServer2 Ambari Oozie Worker node (s) Services © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Demo Setup HDInsight cluster inside a VNET Microsoft Ignite 2016 4/17/2018 5:35 PM Demo Setup HDInsight cluster inside a VNET © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Authentication, Authorization and Auditing 4/17/2018 5:35 PM Authentication, Authorization and Auditing © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Integration with Azure Active Directory Microsoft Ignite 2016 4/17/2018 5:35 PM Integration with Azure Active Directory Authentication Kerberos Active Directory © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Application and Data-Level Authorization Microsoft Ignite 2016 4/17/2018 5:35 PM Application and Data-Level Authorization Authorization Hive policies HBase policies File and Folder level ACLS © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Azure VNET to VNET peering Microsoft Ignite 2016 4/17/2018 5:35 PM Active Directory Domain Services AAD tenant DataScientist 1 DataScientist 2 Domain Credentials VNET VNET Gateway Head Node HDInsight Cluster WASB ADLS Worker node (s) Kerberos AuthN Kerberos Ticket HiveServer2 Ambari Oozie LDAP Azure VNET to VNET peering Services Ranger Ranger DB OAuth Ticket © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Demo Authentication, Authorization and Auditing Microsoft Ignite 2016 4/17/2018 5:35 PM Demo Authentication, Authorization and Auditing © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Secure Endpoints in HDInsight cluster Access to all users Access to only Cluster Admin HiveServer2 Ambari & Views Ranger SSH WebHCat Oozie

Encryption of data @ Rest 4/17/2018 5:35 PM Encryption of data @ Rest © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Transparent Server Side Encryption Microsoft Ignite 2016 4/17/2018 5:35 PM Transparent Server Side Encryption Data Security Encryption @ Rest © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Transparent Server Side Encryption Azure Data Lake Storage Windows Azure Storage Blob Public Preview ALWAYS ON transparent encryption All reads/writes are encrypted/decrypted Service managed keys as well as Customer managed keys General Availability ALWAYS ON transparent encryption All reads/writes are encrypted/decrypted Service managed keys

Public Preview & Roadmap 4/17/2018 5:35 PM Public Preview & Roadmap © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Public Preview (in next few weeks) AAD Integration Multi-user Ambari Ranger for Hive All Tooling (Excel, Visual Studio, SDKs)

Session Objectives Key Takeaways Microsoft Ignite 2016 4/17/2018 5:35 PM Session Objectives Overview of HDInsight – Hadoop and Spark offering on Azure cloud. Configure Perimeter security using Virtual networks Integrate HDInsight with Azure Active Directory Configure multi-user authentication, authorization, auditing using Apache Ranger Encryption of Data at Rest with HDInsight Key Takeaways HDInsight is the solution that will you need if you want enterprise grade security capabilities for your Hadoop environment on cloud © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Free IT Pro resources To advance your career in cloud technology Microsoft Ignite 2016 4/17/2018 5:35 PM Free IT Pro resources To advance your career in cloud technology Plan your career path Microsoft IT Pro Career Center www.microsoft.com/itprocareercenter Cloud role mapping Expert advice on skills needed Self-paced curriculum by cloud role $300 Azure credits and extended trials Pluralsight 3 month subscription (10 courses) Phone support incident Weekly short videos and insights from Microsoft’s leaders and engineers Connect with community of peers and Microsoft experts Get started with Azure Microsoft IT Pro Cloud Essentials www.microsoft.com/itprocloudessentials Demos and how-to videos Microsoft Mechanics www.microsoft.com/mechanics Connect with peers and experts Microsoft Tech Community https://techcommunity.microsoft.com © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Please evaluate this session 4/17/2018 5:35 PM Please evaluate this session Your feedback is important to us! From your PC or Tablet visit MyIgnite at http://myignite.microsoft.com From your phone download and use the Ignite Mobile App by scanning the QR code above or visiting https://aka.ms/ignite.mobileapp © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

4/17/2018 5:35 PM © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.