Cassandra supports TLS encryption of traffic between the nodes of a cluster. We do not currently encrypt inter-node traffic, but in the interest of security, must as a prerequisite to a multi-DC configuration.
Current status (2015-09-24): internode_encryption: dc, (encryption between the eqiad and codfw data-centers) is in place. internode_encryption: all (encryption between nodes in each of eqiad and codfw) remains to be done.
See also: T111113