Security
Download

Shield

Security for Elasticsearch

Protect your Data with Shield

With the rapid adoption of Elasticsearch, it is easier than ever to store, search, and analyze your data. Shield allows you to easily protect this data with a username and password, while simplifying your architecture. Advanced security features like encryption, role-based access control, IP filtering, and auditing are also available when you need them.

Your data is increasingly your most valuable asset. Password protect it with Shield. 

Get started in a few simple steps
Download
Get Product Updates

  • What's New?

    Shield now provides security for the entire Elastic Stack by including a Kibana plugin that features a login screen and session support. Notable recent features also include a configuration API, field- and document-level security, and an extensible realm framework enabling custom integrations. Learn more.

  • Authentication: Protect Elasticsearch with a Username and Password

    Your data is the lifeblood of your business; protecting it from unintentional modification or unauthorized access is a priority. Shield makes it easy to password protect your Elasticsearch cluster. Active Directory and LDAP support is included.

  • Login and Session Management in Kibana

    Shield contains a Kibana plugin that provides user authentication and session support, making it easier than ever to fully protect Kibana.

  • Simplify Your Architecture with Integrated Protection

    Avoid building, maintaining, and testing an external security solution. Shield is tightly integrated with Elasticsearch, verifying every request and offering the best performance without sacrificing security. Your time should be spent building your application or analyzing your data, not worrying about security. 

  • Role-Based Access Control: Give the Right Access to the Right People

    Shield lets you configure who can do what within your Elasticsearch cluster. Create a monitoring account for the IT/Operations team, which can see cluster health, but cannot access any data. Grant read-only access to your Kibana users, or even support multitenancy by granting access only to specific indexes.

  • Field- and Document-Level Security

    Get granular with your role-based access control in Elasticsearch. Shield lets you restrict access to individual fields in Elasticsearch and prevents users accessing to sensitive documents with true document-level security.

  • Encrypted Communications & IP Filtering: Protect Your Data on the Wire

    SSL/TLS encryption is the best way to protect your data in flight. Shield makes it easy to prevent snooping or tampering by encrypting both node-to-node and client communications. Shield also allows you to prevent unapproved hosts from joining or communicating with your cluster using IP filtering. 

  • Audit Logging: Track All Attempts to Access Elasticsearch

    Shield helps you meet and exceed a variety of security regulations and requirements. Whether it’s HIPAA, PCI DSS, FISMA, ISO, or your internal policies, Shield has you covered with a complete record of all system and user activity.