Part 1: Firewall Monitoring, Powered by Metabase
Anatomy of a Secure, Remote Workplace Part 1 of a 5-part series of blogs on how to create a secure remote workplace. Records processed: 6 million Time: a little over 15 minutes Cost: USD 25
A simple, effective, and brilliant solution. Here’s what went down.
COVID-19 forced our hand at a lot of things while operating at full capacity from the shelter of our homes.
We had to move a few things around to continue making our remote work meaningful and secure.
About Metabase Metabase – a San Francisco-based company, now operating over Zoom like most of us – is an open-source business intelligence tool that allows companies to measure, analyze, and share their data.
Unlike most BI tools, Metabase brings data tools with the elegance and simplicity of consumer products for all kinds of businesses (small-large).
The GUI has a query builder that eliminates the need to know database queries to access data, and it’s ridiculously fast to set up; you can be up and running in under 5 minutes!
Metabase’s utility and simplicity are remarkable and are being put to use by various companies across industries like finance, on-demand, and hospitality – some of which have funding’s as high as $50M, and over 70 million app downloads.
Going Remote with Our Firewall Net Solutions needed to adapt its security measures for remote work, in response to the lockdown that led to us working from home.
Our requirement was a Firewall Monitor that would act as a single point of access for all incoming/outgoing activities.
The Problem We required a single point of access to monitor all incoming and outgoing activities reported on our company’s Firewall.
Monitoring for connectivity issues
Time-based analysis
Security threats
Network consumption
The health of the overall network of people
and
machines
in
our
organization
Our source of information was a Firewall log file that contained unstructured data in the form of text files.
Can you guess how many entries their Firewall was generating daily?
Our Firewall generates log files with all network activities resulting in 6 million entries per day.
The Solution Our team’s key decision drivers were – a solution that dealt with unstructured data is focused on security and quick to roll out (this was a time-sensitive project).
We explored existing ETL (extract, transform, load) + data visualization solutions like the ELK Stack (Elasticsearch, Kibana, Logstash), Microsoft Power BI, and Tableau SAP – to get a better context of Business Intelligence tools.
We implemented custom extract and load (ETL) pipelines to process unstructured Firewall log files and deployed it to an AWS ecosystem with Metabase as a Data visualization tool for the front-end.
Net Solutions is an AWS Consulting Partner – certified to design, architect, build, migrate, and manage our clients’ workloads and applications on AWS.
With experience like that in the AWS cloud, and Metabase as the data visualization tool, we rolled out a complete solution within two days.
Highlights of our Solution Architecture for Firewall Monitor
Firewall Monitor ingests 6 million requests per day
20 minute bootstrap time – where the system first starts, processes
network traffic (taken in through a file), and shows output in Metabase within 20 minutes
Infrastructure cost as low as USD 25 per month
Responsive dashboard
Role-based access control
Report sharing
Alerts and notifications
Tools/technology used for implementation
Results Our Firewall Monitor solution for Metabase resulted in:
Business advantages like
Low-cost infrastructure solution
Data points for business decisions
Technology advantages like
Near real-time monitoring
Seamless experience
Single source of truth
Source - https://www.netsolutions.com/insights/firewall-monitoring-using-metabase-secure-remoteworkplace-series/