The components of Elastic Stack are unsecured, as it doesn't have inherent security built into it; this means it can be accessed by anyone. This poses a security risk when running Elastic Stack in production. In order to prevent unauthorized access in production, different mechanisms of imposing security, such as running Elastic Stack behind a firewall and securing via reverse proxies (such as nginx, HAProxy, and so on), are employed. Elastic.co offers a commercial product to secure Elastic Stack. This offering is part of X-Pack and the module is called Security.
The X-Pack security module provides the following ways to secure Elastic Stack:
- User authentication and user authorization
- Node/Client authentication and channel encryption
- Auditing