X-pack security module for a cluster on internet

Hi,

From what I see in the previous topic, you are already using X-Pack, so you can configure TLS for your cluster ( see specifically this that talks about enabling TLS for the transport layer) .
TLS provides the following properties:

  • Node authentication Each node (mutually) authenticates the other nodes it connects to using public key cryptography
  • Confidentiality The communication between nodes is encrypted and protected from eavesdropping.
  • Integrity The communication between nodes is protected from alteration or undetected loss.

That said, you can use other layers of protection as you see fit for your environment, i.e. firewall rules on the host allowing ingress/egress traffic from/to specific hosts ( your other nodes )