BigMemory 4.4.0 | Product Documentation | BigMemory Max Security Guide | Introduction to Security | Extending Server Security
 
Extending Server Security
JMX messages are not encrypted. Therefore, server authentication does not provide secure message transmission after valid credentials are provided by a listening client. To extend security beyond the login threshold, consider the following options:
*Place Terracotta servers in a secure location on a private network.
*Restrict remote queries to an encrypted tunnel, such as one provided by SSH or stunnel.
*If using public or outside networks, use a VPN for all communication in the cluster.
*If using Ehcache, add a cache decorator to the cache that implements your own encryption and decryption.