Sign up for our newsletter and get the latest big data news and analysis.

BlueData Delivers Enterprise-Class Security and Networking for On-Premises Big-Data-as-a-Service with Docker Containers

bluedata_logo_NEWBlueData, provider of a leading Big-Data-as-a-Service software platform, announced the new fall release for the enterprise edition of its BlueData EPIC software. Delivered as a flexible platform, this new release builds on the EPIC summer release to add deeper security integrations for complex enterprise environments.  It also provides networking and storage enhancements for managing Docker containers used to create Hadoop and Spark clusters in EPIC.

This new version of BlueData EPIC software helps enterprises transition in their Big Data journey from initial dev/test environments to full production deployments of Big-Data-as-a-Service (BDaaS).  BlueData has implemented its EPIC software to meet enterprise customer demands for a wide variety of Big Data use cases, ranging from dev/test labs to mission-critical batch processing jobs and advanced analytics use cases.

Based on our research, security is the most important attribute when considering Big Data technology solutions,” said Nik Rouda, senior analyst at Enterprise Strategy Group. “With this new release, BlueData addresses this need. BlueData offers a differentiated Big-Data-as-a-Service solution with enterprise-class security and data governance for on-premises deployments, from prototype to production.”

These customers – including Fortune 500 financial services firms, large healthcare and pharmaceutical companies, and major government and national security organizations – have deployed BlueData in on-premises production environments that require enterprise-class security, networking, and storage support for Big Data. For example, they can offload batch processing jobs from their production Hadoop data lake cluster to elastic Hadoop or Spark compute clusters in BlueData EPIC – without moving data from the data lake.

The new fall release of BlueData’s EPIC software platform incorporates the customer feedback and lessons learned from these and other on-premises enterprise BDaaS deployments.  It offers several important new capabilities to help rapidly onboard these workloads to a secure production environment using Docker containers – making it faster, easier, and more cost-effective to run Big Data analytics.

Some of the key features and benefits of this new release include:

  • Automated Kerberos setup for Hadoop clusters: Kerberos is the gold standard for securing clusters. However, enabling Kerberos on a Hadoop cluster is by far one of the most complex steps in an enterprise deployment – and it often takes several days or even weeks. It requires administrators to utilize the various wizards available in Hadoop management consoles such as Apache Ambari to manually configure Kerberos after provisioning the clusters. These tasks are cumbersome and slow; for example, the manual creation of users and/or LDAP groups for each of the cluster nodes. With this new release, BlueData has enhanced its on-demand cluster provisioning to include the automation of this Kerberos setup. BlueData EPIC utilizes the centrally configured parameters for the KDC (Key Distribution Center) or AD (Active Directory); it automates the end-to-end Kerberos security configuration, including users and groups at the Hadoop node level. With this new feature, BlueData administrators are guaranteed to have a Kerberos-enabled Hadoop cluster in minutes – with just a few mouse clicks.
  • Automated management of LDAP/AD users and groups: With this release, BlueData has even deeper integration with LDAP/AD for BlueData-managed Docker containers – building upon the integration introduced in the summer and spring releases. Now BlueData EPIC also accounts for users joining or leaving tenants, adding or deleting their credentials and home directories from the “virtual” Docker nodes in that tenant. BlueData EPIC now automates the end-to-end user and group management, including adding or removing user credentials within Docker containers. This helps minimize operational overhead while ensuring enterprise-class security, data governance, and compliance.
  • Integration with Linux privileged access management tools: Large enterprises often control what users can do after authenticating into a server by utilizing Linux privileged access management tools (e.g. BeyondTrust PowerBroker, FoxT ServerControl). These tools replace the ‘sudo’ (“super user do”) command access within Linux; they can delegate Unix and Linux privileges and authorization without disclosing the passwords for root or other privileged accounts. As such, these tools enable IT to control the list of Linux privileges, record all privileged sessions for audits (including keystroke information), and improve security controls. With this release, BlueData EPIC is fully compliant with these tools from installation to runtime.
  • Enhanced virtual networking and storage support: The fall release enhances software-defined networking and local storage support for the embedded, fully managed Docker containers in BlueData EPIC. BlueData utilizes OVS (Open vSwitch) to transparently create multi-host networks where each tenant is isolated using VXLANs (Virtual Extensible LANs). In this new release, BlueData adds new configurations to OVS, allowing network traffic into and out of the Docker containers to be routed through their individual hosts as opposed to a single controller host.  This improves scalability and performance for enterprise-class production use cases.  Similarly, the Docker container local storage has been enhanced to combine the root directory and data directory; this minimizes the overhead of monitoring and managing the size of the root directory that hosts log files for Hadoop management consoles, Hadoop services, and Spark services.

Security is always top of mind for organizations storing large amounts of sensitive data,” said Kumar Sreekanti, CEO of BlueData. “This latest version of BlueData EPIC makes it easy for customers to safeguard their Hadoop clusters, whether on-premises. As a result, organizations can ensure a secure multi-tenant environment for Big Data-as-as-a-Service in full production across the entire enterprise. It’s one step further on the Big Data journey.”

 

Sign up for the free insideBIGDATA newsletter.

Leave a Comment

*

Resource Links: