Securing connections from DataStax Studio to DataStax Enterprise

Methods to secure connections between DataStax Studio and DataStax Enterprise (DSE) cluster.

A connection from each notebook to a DSE cluster is required. Connect notebooks only to DSE clusters that run the relevant workload. See Creating a connection in DataStax Studio.

Secure connections between DataStax Studio and DataStax Enterprise (DSE) using SSL client-to-node encryption or internal/LDAP authentication.

Figure 1.

SSL client-to-node encryption

Client-to-node encryption protects in-flight data from client machines to a database cluster using SSL (Secure Sockets Layer) and establishes a secure channel between the client and the coordinator node. SSL must be configured and working on your DSE cluster. To use SSL to connect Studio to an SSL-enabled DataStax Enterprise cluster, see Using SSL connections in DataStax Studio.

Internal and LDAP authentication

Internal or LDAP authentication must be configured on the DSE server. To enable internal username-password authentication for the connection from DataStax Studio to DSE, set the authenticated username and password in DataStax Studio when Creating a connection in DataStax Studio.

Important: Changing the httpBindAddress setting from the default (localhost) can pose a security risk as users on external machines can gain access to Studio notebooks and the data in the DSE clusters those notebooks are connected to. Studio is designed to be used as a desktop application. Distributed deployment introduces potential security risks.