Have separate connection config for readers and writers. Let the writers
connect only to the SAFE DC.
readers can read from wherever they want.
Use replication to replicate from SAFE to UNSAFE dc.
From the server side, why not use the firewall to open ports for only the apps
that you want
Could you use Cassandra security roles so that only your application on the
untrusted site had write permissions?
http://docs.datastax.com/en/cassandra/2.1/cassandra/security/secure_intro.html
On Mon, 25 May 2015 at 7:34 pm Andreas Baumhof wrote:
> Hi,
>
>
>
> We operate several Cassandra cluste
Hi,
We operate several Cassandra clusters in various geographies. We are in the
process of extending this cluster into an "unfriendly" geography where we
may be forced not to trust anything. I obviously don't want to "pollute" my
main DC's with potential fraudulent writes, so I'm looking for a
