Db2 or Db2 Warehouse security on Red Hat OpenShift

Db2 or Db2 Warehouse on Red Hat OpenShift supports Transport Layer Security (TLS) to encrypt data in transit.

In addition, client-server communications are fully encrypted at both the network and disk level.

On Red Hat® OpenShift® version 3.11, you can optionally configure additional network-layer security like IPsec. For more information, see Encrypting traffic between nodes with IPsec in the Red Hat OpenShift documentation. Applying IPsec can significantly affect performance for Db2 MPP. Hardware-based crypto offloading is the generally accepted best practice to help mitigate encryption-decryption overhead, but some performance degradation is likely to occur even with that method.