logo

Knowledge Base

Access official resources from Carbon Black experts

Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

EDR: Why Doesn't The Solr Database Require Authentication?

EDR: Why Doesn't The Solr Database Require Authentication?

Environment

  • EDR Server: All Supported Versions
  • RHEL: All Supported Versions
  • CentOS: All Supported Versions
  • Solr DB: 5.5.5 and lower

Question

Can authentication for connections to the Solr database be turned on?

Answer

It is not recommended to turn on authentication within Solr, as EDR employs a reverse proxy model using Nginx to secure access to the Solr database.

Additional Notes

  • Turning on or enabling authentication within Solr is not recommended and would put the system in an unsupported state (meaning the authentication would need to be disabled in order to get Engineering assistance for any Solr issues)
  • It is possible to turn on additional logging within Solr, but this would show every update and query, producing more noise with minimal benefits
  • All incoming access to Solr is authenticated through Nginx acting as a reverse proxy
  • Accessing the database directly must be done from the server hosting Solr

Related Content


Labels (1)
Labels:
Tags (2)
Was this article helpful? Yes No
No ratings
Article Information
Author:
CB_Support
Creation Date:
‎11-27-2018
Views:
894
Contributors
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.