Network connections into the IBM Event Streams deployment are secured using TLS. By default, data within the IBM Event Streams deployment is not encrypted. To secure this data, you must ensure that any storage and communication channels are encrypted as follows:
- Encrypt data at rest by using disk encryption or encrypting volumes using dm-crypt.
- Encrypt internal network traffic within the cluster with IPSec:
- On AMD64 platforms (x86-64), you must use IBM Cloud Private version 3.1.1 or later to encrypt traffic with IPsec.
- On s390x platforms, you must use IBM Cloud Private version 3.1.2 or later to encrypt traffic with IPsec.
- Encrypt messages in applications.