Tag: Couchbase Security

Alternate Address & Port Support for Couchbase/N1QL Clusters

In order to connect to Couchbase deployments on cloud (AWS, Azure or GCP) or Kubernetes, we support multi-addresses in the form of alternate addresses. External applications use this facility to communicate with the cluster, but not directly to the nodes....

May 13, 2021
Deep Dive on Multi-Factor Authentication

Deep Dive on Multi-Factor Authentication

In this article I will explain what multi-factor authentication is, why you should be using it and how to easily implement it with Couchbase Server.  We’ll look at using both software and hardware implementations, which offer a tradeoff between cost,...

TLS 1.3 encryption arrives to Couchbase Server 7.0

TLS 1.3 encryption arrives to Couchbase Server 7.0

The Couchbase Server 7.0 Beta is now available with some additional enhancements to strengthen the security of the platform.  Couchbase uses TLS encryption across our portfolio to ensure communication across the network is secure, meaning that outside parties cannot eavesdrop...

Node-to-Node Encryption with Couchbase Server 6.5

Node-to-Node Encryption with Couchbase Server 6.5

With security on everyone’s mind, organizations need to run sensitive workloads under stringent security and compliance standards. Couchbase 6.5 preview brings several new security capabilities, and node-to-node encryption has been a top wish list item for many customers. In this...

Managing LDAP groups for external users in 6.5

Managing LDAP groups for external users in 6.5

In the last blog, we described a new feature in Couchbase Server 6.5 called Couchbase groups. In this blog, we will discuss about the new LDAP group capability in Couchbase Server 6.5, along with easy to follow steps to get...

Managing Couchbase Users via Groups in 6.5

Managing Couchbase Users via Groups in 6.5

In large organizations, management of security across the enterprise becomes more and more challenging as the number of apps and users grow. Having a role based access control model enables you to fine control what users get access to. However,...

Cipher Suites in Couchbase Server 6.5

Cipher Suites in Couchbase Server 6.5

For many, “Cryptography” is the little green lock icon next to the web address of their favorite websites, and for others, they might recall the TLS vulnerabilities that have hit in recent years. Data is today’s digital gold, and in...

Couchbase Server 5.5 Released

Couchbase Server 5.5 Released

Announcing Couchbase Server 5.5 Couchbase Server 5.5 production release is now available! We are very excited to share more information about this substantial extension of the Couchbase Data Platform. This release introduces several new Enterprise Grade features relating to agility,...

July 23, 2018

Couchbase Server 5.5: Log Redaction

With security already a hot topic in the data space, the Couchbase Server 5.5 release introduces a new feature – “Log Redaction”. Logs are an important part of every platform.  Logs are used for multiple purposes ranging from security, to monitoring,...

March 13, 2018

Speculative Execution Processor Vulnerabilities – Performance Impact Analysis

Last week, we published a blog with recommendation on securing Couchbase data platform in response to industry-wide security vulnerabilities. We continued to analyze the potential performance impact caused by the patched OS binaries and this blog post captures the detailed evaluation. As...

Using Role-Based Access Control in N1QL

Using Role-Based Access Control in N1QL

In Couchbase 4.5, data was secured bucket by bucket. Each bucket had a password, and in order to access a bucket through a N1QL query, the user had to include the bucket password with the query. Passwordless buckets were possible,...

October 23, 2017

Configuring IPsec for a Couchbase Cluster

Introduction Some Couchbase deployments require secure communications between nodes across the network, this could be due to reasons like data governance policies or regulatory compliance.  Internet Protocol Security (IPsec) is a protocol suite for secure Internet Protocol (IP) communications by...

July 15, 2016