XPack security is available, starting on GOLD license. Please take a look at our subscriptions page to see what features are available for each license.
The simplest solution is to put NGiNX in front of it on the same host as Kibana. Have Kibana only listen to 127.0.0.1 and configure NGiNX to forward to it and handle authentication. You can do the same for Elasticsearch. Although we try to convince customers to use something commercial like X-Pack or ReadonlyREST, we will at a minimum use NGiNX.
Assuming normal linux setup for NGiNX you would but a file like this in /etc/nginx/conf.d :
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.