Elasticsearch and Kibana Quires

Hi,

I would like to enquire some technical questions on security.

Context: Elasticsearch and Kibana are running locally on host. Not connected to any cloud environments. The intent is to injest dataset into kibana dashboard for visualisation, and to be able to view the dashboard remotely on Machine B and C within the same LAN.

Here are some of the configurations:

  • Basic Authentication is enabled, planning to setup role base access control
  • Machine A is internet facing, and Machine B and C is non-internet facing

I have read the documentations on elastic.co but it didnt have the answer im looking for.

Questions:

  1. Is it possible to step up the authentication via API/token/SSO for the setup elaborated in this context?
  2. What are the steps required to better secure my configurations such that my dashboard is not exposed to the internet when i open the ports for remote accessing within the LAN? This is because of articles stating that malicious actors is able to gain access to kibana via IP lookup on shodan
  3. How can I make use of the feature ‘Traffic Filtering’ for locally hosted setup?
  4. Could you provide additional security implementations for locally hosted setup that could be useful?
  5. I faced an issue where i am unable to remote access.
  6. For local machine setup, am i able to have multiple concurrent sessions of kibana running? I tried once but i got kicked out of the other sessions.

I look forward to your replies. And thank you for your time.

For (5), i use the source from this website: https://dev.to/toour/enable-remote-access-to-kibana-and-elasticsearch-in-same-network-508f