Oracle Cloud Guard relies on Autonomous Database

Oracle Cloud Guard streams hundreds of millions of events per hour into Autonomous Database, and gives customers a view of their security posture.

Autonomous Database integrates with OCI Streaming and other open source tools we use to process millions of events per minute. Best of all, we don't have to worry about administration including backups, high availability, and performance tuning. This has saved us an estimated six full-time positions for database operations.

Raju Uppalapati, Senior Director, Cloud Security Posture Management and Intelligence Platform, Oracle

Business challenges

Security is critically important for both Oracle Cloud and all customers who use it. Oracle Cloud Guard enables customers to gain a unified view of their cloud security posture across Oracle Cloud Infrastructure (OCI) customer tenants. It can detect misconfigured resources, insecure activity across tenants, and malicious threat activities. It also provides security administrators with the visibility to triage and resolve cloud security issues.

To do all this, Oracle Cloud Guard needs to stream data from the control planes of OCI services using OCI Streaming (a managed service compatible with Apache Kafka) and Apache Flink. All that data has to go somewhere, so a critical part of development was having the right repository for management and analysis.

Why Oracle chose Autonomous Database

Developers considered using Elasticsearch, but estimated that they would have needed six full-time site reliability engineers for manual administration.

Ultimately, the development team selected Oracle Autonomous Database for analytics and warehousing. Autonomous Database eliminated the need for that administration headcount, and was easy to integrate with the streaming services that Oracle’s architecture required.

Results

Today, Oracle Cloud Guard is deployed in all regions of Oracle Cloud Infrastructure. Each region is supported by one partitioned database instance for all customers. The largest region generates hundreds of millions of events per hour, which are all streamed into Autonomous Database via Apache Flink.

Because security is crucial, it was important to protect against downtime or data loss. The developers use Terraform to manage and operate their databases. Adding Autonomous Data Guard for intraregional failover was easy. The team runs failover testing quarterly to ensure that it continues to perform seamlessly. Cloud Guard control plane API availability is 99.9%.

The Cloud Guard team found Autonomous Database to be a reliable data store for the control plane data that is streamed in at high volume. It integrates with the open source software developers use. Most importantly, they don’t have to worry about database administration.

Published: May 6, 2022