Apache Kafka has become the de facto message broker for event-driven microservice architectures, such as the SMACK stack. Kafka natively provides basic security features such as Java SSL, Kerberos/SASL, and simple ACLs. However, as we move into dynamic microservice environments with multiple tenants and clusters, native mechanisms can be difficult to operationalize and inadequate in regulated environments.
The Banyan Secure Service Mesh platform provides deep visibility and security controls for Kafka in such ephemeral, polyglot, security-conscious environments. We enable enterprises meet their security and compliance requirements without compromising development velocity or performance.
Encrypt data-in-motion between Kafka clients, brokers, and zookeeper, with zero changes to code/configs and secure certificate management
Use intuitive RBAC/ABAC, topic-level policies to provide leased access for short periods to specific producers and consumers
Leverage optimizations for high-speed TLS to achieve better than Java native SSL performance.
Visualize real-time and historical data via network maps and generate alerts to protect against security threats.
Leverage Banyan's connectors to Kubernetes, Mesos, and Docker clusters to easily control ephemeral containers accessing Kafka.
Audit trails and
Use Banyan's events stream to create audit logs and generate GDPR, PCI-DSS, FIPS, and SOC compliance reports.