I'm interested in the methods people use to secure a storm cluster from malicious network activity. Is there any way to require authentication of jars submitted to nimbus, and are the requests nimbus makes of the workers authenticated in any way? Is the best solution to firewall the cluster components, and if so, what's a flexible/scaleable way of doing that? Using Amazon security groups could get expensive, and updating the iptables on every node every time I bring up a new worker sounds complex and error prone.
Best regards, Alex
