I want to deploy a 3 node cluster of ES with x-pack (security)
I was wondering about security: My 3 nodes have to communicate (discovery, etc...). but of course, the question of the security is raised.
What is the best practice?
SIMPLEST: Is there a way of handling this thru elasticsearch configuration?
MIDDLE: Do I have to expose the ports (9300, 9200...) on internet and security from x-pack is taking care of the rest? what about DOS?
COMPLEX: Do I have to take care of the security by setting up a firewall like UFW to expose the 9XXX ports and create rules to enable only some IPs?