Configure Data Encryption for Cache

Data Encryption for cache can be configured in the following way. Read more about how it works, here.

Configuring Data Encryption with NCache Management Center

For an existing cache, encryption can be enabled in the following steps:

  • Launch the NCache Management Center by browsing to http://localhost:8251 or <server-ip>:8251 on Windows and Linux.

  • In the left navigation bar, click on Clustered Caches or Local Caches, based on the cache to which the encryption will be added. Against the cache name, click on View Details.

Add Query Indexes

  • This opens up the detailed configuration page for the cache. Go to the Advanced Settings tab and click on Security and Encryption in the left bar.

  • Add Users or Groups in the Authorization section. Please note that you need to enable node security on all cache servers before adding cache users or groups.

  • Under Encryption, check the Enable Encryption checkbox to enable encryption.

  • Select the encryption provider as per your requirement from the given Providers dropdown list.

Encryption NCache Management Center

  • Enter the encryption key in the Key text box. This is a 32-character key for a 256-bit encryption algorithm.
Note

Different encryption providers require different key lengths.

Encryption NCache Management Center

  • Click on Save Changes to apply this configuration to the cache.
Note

Encryption can be enabled at the time of cache creation.

Configuring Data Encryption Using PowerShell Cmdlets

Encryption can also be configured using PowerShell Cmdlets to enable and disable encryption as discussed below.

Enable Encryption

To enable encryption on your cache server, run the following command. This command enables the encryption on the cache server 20.200.20.11 for the demoCache.

Enable-NCEncryption -CacheName demoCache -Server 20.200.20.11 -Key txujoegdxzwiophd -Provider AES 256

Disable Encryption

To disable encryption on your cache server, run the following command. This command disables the encryption on the cache server 20.200.20.11 for the demoCache.

Disable-NCEncryption -CacheName demoCache -Server 20.200.20.11

Manually Editing NCache Configuration

Your config.ncconf will contain the following tag:

<configuration>
...
    <encryption enable-encryption="True" key="ctzXMnyvK2qbZvBZQ3nLrTavQKI9Q9cz" provider="AES 256"/>
...
</configuration>

Configure TLS Encryption in NCache

While NCache offers encryption, simple encryption doesn't guarantee security without performance costs. NCache requires data to travel for out-of-process communication in various ways based on your setup, such as between servers and clients, different servers, caches, and bridges. You can secure specific communication streams with TLS if needed, based on vulnerability and network security assurance.

See Also

Configure TLS Encryption in NCache
Configure Security for Cache