organizations use company solutions
billion threats are prevented annually.
Alert Logic develops, supplies, and supports hardware and software systems for controlling enterprise network security. The company is headquartered in Houston, Texas, USA.
Alert Logic and Reksoft have been cooperating since 2007. Earlier, services were developed for the Threat Manager and Log Manager products. They analysed customer host logs and incoming traffic in enterprise networks respectively. Based on this analysis, the products detected vulnerabilities and ensured security.
In 2017, Alert Logic felt the need for a more scalable and higher-performing solution. It had to store a constantly growing volume of customer data (over two petabytes of new data a month), process more than a million messages a second and ensure 24/7 operation for several thousand customers. To satisfy these requirements, the decision was made to develop a new cloud architecture.
Reksoft was charged with the development of services for data search, storage and access.
The Erlang functional programming language was used for development. It is a perfect fit for implementing distributed processing systems and allows new code to be loaded without shutting down the server. This is especially important for Alert Logic because the security system should be up and running 24/7.
Where specialized high-performance, low-latency libraries were required, the C and C++ programming languages were used.
For data processing, AWS Lambda, EC2, ECS and other services were used. Using the Amazon cloud infrastructure provided unlimited resources and opportunities in terms of system scalability.
For data storage, Amazon S3 was used. On the one hand, it lets Alert Logic get extra space to store information at any time. On the other hand, the company does not have to build a complex and costly infrastructure within its own network to hold tens of petabytes of data. All the information is now stored on the Amazon servers.
Reksoft has developed two services as part of the upgraded system:
Let’s see how it works. The system collects data from different sources, analyses it, generates a series of events, creates incidents on their basis and transfers them to analysts. For example, a customer has entered an incorrect password n times, then gained privileged access and downloaded a file. The following will happen next:
The upgraded system processes over one million messages per second. The customer base comprises more than 4,000 customers, and 30 petabytes of information are stored on the server.
Amazon Web Services (EC2, ECS, Lambda, Kinesis, S3, SQS, DynamoDB).