Elastic.co announcement : xpack security core becomes free, but .

Hi Simone,

today elastic.co published the security core feature as free , starting from 6.8.

by luck, I checked their comparison chart, and RoR still not affected by this : several element are still missing form their “free core”.



but they still have one advantage : TLS on transport


Well I have one question :
Do you plan to go to a RoR Transport security module, or will you let the elasticsearch xpack module to handle this point?



Hi @ld57,

Yes, good that Elastic finally is rising the bar on free security.

ReadonlyREST will keep developing in parallel SSL and all the other features, because in ES and in Kibana, ROR and XPack security are not compatible: you either activate the one or the other.

To recap, what you get with ReadonlyREST Free edition that you don’t get with X-pack Free:

  • LDAP
  • Field level security
  • Document level security

What you get with ReadonlyREST Enterprise:

  • SAML
  • (soon OpenID Connect)
  • SLA support
  • Tweak/Augment Kibana UI with custom Javascript and CSS
  • Hide Kibana Apps for certain users/groups

You get all this for free and open source licensed with Amazon Open Distro for Elasticsearch https://opendistro.github.io/for-elasticsearch/ (including docker and kubernetes support and a lot more features like alerting)

@tom in my experience, the people I talked to have mixed feelings about Opendistro. On our side, since Opendistro launched, we did lose 3 old contracts to it, but we keep on growing nevertheless.

Bah, If i go with opendistro here, i will meet real issue, as most of our engineers are proSoft…
the stack here is full windows.

Another thing none of the competitors have is the custom CSS/JS injection. That is, the ability to tweak the Kibana look and feel without messing with the ephemeral “optimized” files or forking Kibana).