Working in a WAN

By Slavik Markovich  |  Posted 2010-04-21

Issue No. 2: Working in a WAN

Many current database activity monitoring solutions utilize a network sniffing model to identify malicious queries, an approach that is simply not feasible in cloud environments where the network is essentially the entire Internet.

Adding a local agent that sends all traffic to a remote server for processing doesn't work well with these models either, for reasons outlined later. Instead, you'll need to find a solution that is designed for distributed processing where the local sensor is able to analyze traffic autonomously.

Keep in mind that the cloud computing resources you are procuring are likely to be on a WAN, and network bandwidth and network latency will make off-host processing inefficient. The very concept of cloud computing (where are those servers, anyway?) likely prevents you from being able to colocate a server close to your databases, which means the time and resources spent sending every transaction to a remote server for analysis will inhibit network performance and prevent timely interruption of malicious activity.

A better approach when securing databases in cloud computing is to utilize a distributed monitoring solution based on "smart" agents so that, once a security policy is set for a monitored database, that agent or sensor is able to implement the necessary protection and alerting locally. This will prevent the network from becoming the gating factor for performance.

For remote management of distributed data centers, you'll also want to test the WAN capabilities of your chosen software. It should encrypt all traffic between the management console and sensors in order to limit exposure of sensitive data. Performance can also be enhanced through various compression techniques so that policy updates and alerts are efficiently transmitted.
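
As an added illustration of the local-agent model and the compressed alert channel described above (not code from the article or from any product), this Python sketch evaluates every statement on the database host and sends only a compressed alert batch to the console. The policy rules, table names and traffic are constructed, and transport encryption such as TLS is assumed rather than shown.

```python
import json
import re
import zlib

# Constructed policy: rule names, patterns and actions are illustrative assumptions.
POLICY = [
    {"name": "bulk-read-of-cards", "action": "block",
     "pattern": r"select\s+\*\s+from\s+cards\b(?!.*\bwhere\b)"},
    {"name": "privilege-change", "action": "alert",
     "pattern": r"^\s*grant\s+.+\s+to\s+"},
]


class LocalSensor:
    """Evaluates each statement on the database host; only alerts leave it."""

    def __init__(self, policy):
        self.rules = [(r["name"], r["action"], re.compile(r["pattern"], re.I | re.S))
                      for r in policy]
        self.pending = []      # alerts not yet sent to the management console
        self.seen_bytes = 0    # volume an off-host analyzer would have to receive

    def inspect(self, user, statement):
        """Return 'allow', 'alert' or 'block' with no network round trip."""
        self.seen_bytes += len(statement.encode())
        for name, action, rx in self.rules:
            if rx.search(statement):
                self.pending.append({"rule": name, "action": action,
                                     "user": user, "sql": statement[:200]})
                return action
        return "allow"

    def flush(self):
        """Compressed alert batch for the console (sent over an encrypted channel)."""
        batch = zlib.compress(json.dumps(self.pending).encode(), 9)
        self.pending = []
        return batch


# Constructed traffic: 500 routine statements and two that match the policy.
TRAFFIC = [("app", f"SELECT name FROM customers WHERE id = {i}") for i in range(500)]
TRAFFIC += [("app", "SELECT * FROM cards"), ("dba2", "GRANT dba TO app")]


def run(traffic=TRAFFIC):
    sensor = LocalSensor(POLICY)
    decisions = [sensor.inspect(u, s) for u, s in traffic]
    return decisions, sensor.seen_bytes, sensor.flush()


if __name__ == "__main__":
    decisions, raw, batch = run()
    print(decisions.count("allow"), "allowed;", raw, "bytes seen;", len(batch), "bytes sent")
```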

Slavik Markovich is co-founder and CTO of Sentrigo. Slavik has over 13 years of experience in infrastructure, security and software development. Previously, Slavik was vice president of R&D and chief architect at DB@net, a leading IT architecture consultancy, and led projects for clients such as Orange, Comverse, Actimize and Oracle. In addition, Slavik held positions at several IT consulting companies. Slavik is a renowned authority on Oracle and Java/JavaEE technologies, and has contributed to open-source projects such as Spring Framework Toplink integration (later incorporated by Oracle). He is a regular speaker at industry conferences. He holds a BS degree in Computer Science. He can be reached at ********(the slavikm@sentrigo email listed on this page above this bio is NOT his correct email address).
