Configure Data Encryption for Cache
Data Encryption for cache can be configured in the following way. Read more about how it works, here.
Configuring Data Encryption with NCache Management Center
For an existing cache, encryption can be enabled in the following steps:
Launch the NCache Management Center by browsing to http://localhost:8251 or
<server-ip>:8251
on Windows and Linux.In the left navigation bar, click on Clustered Caches or Local Caches, based on the cache to which the encryption will be added. Against the cache name, click on View Details.
This opens up the detailed configuration page for the cache. Go to the Advanced Settings tab and click on Security and Encryption in the left bar.
Add Users or Groups in the Authorization section. Please note that you need to enable node security on all cache servers before adding cache users or groups.
Under Encryption, check the Enable Encryption checkbox to enable encryption.
Select the encryption provider as per your requirement from the given Providers dropdown list.
- Enter the encryption key in the Key text box. This is a 32-character key for a 256-bit encryption algorithm.
Note
Different encryption providers require different key lengths.
- Click on Save Changes to apply this configuration to the cache.
Note
Encryption can be enabled at the time of cache creation.
Configuring Data Encryption Using PowerShell Cmdlets
Encryption can also be configured using PowerShell Cmdlets to enable and disable encryption as discussed below.
Enable Encryption
To enable encryption on your cache server, run the following command. This command enables the encryption on the cache server 20.200.20.11 for the demoCache.
Enable-NCEncryption -CacheName demoCache -Server 20.200.20.11 -Key txujoegdxzwiophd -Provider AES 256
Disable Encryption
To disable encryption on your cache server, run the following command. This command disables the encryption on the cache server 20.200.20.11 for the demoCache.
Manually Editing NCache Configuration
Your config.ncconf will contain the following tag:
<configuration>
...
<encryption enable-encryption="True" key="ctzXMnyvK2qbZvBZQ3nLrTavQKI9Q9cz" provider="AES 256"/>
...
</configuration>
Configure TLS Encryption in NCache
While NCache offers encryption, simple encryption doesn't guarantee security without performance costs. NCache requires data to travel for out-of-process communication in various ways based on your setup, such as between servers and clients, different servers, caches, and bridges. You can secure specific communication streams with TLS if needed, based on vulnerability and network security assurance.
See Also
Configure TLS Encryption in NCache
Configure Security for Cache