Use Case: Telecommunication & Network
Raima’s Database Manager is used by some of largest network and telecom providers. Companies like Adva, Cisco, Hewlett Packard, and many others have utilized our products in their equipment. Adoption of RDM database technology started with standalone voice and data switches and soon grew as advancements were made to these products. As the requirements for these systems expanded, so did the capabilities of our products. Requirements that once were "nice to have" features have developed into standard requirements. Examples of these requirements are 24x7 operations with system failover capabilities, distributed data across multiple processing units, and real-time and in-memory data processing needed to keep up with increasingly faster network speeds.
One application use case is a distributed IP intrusion detection system. The sole purpose of such a system is to capture IP packages and validate them against known patterns, and to shut down and prevent unwanted network traffic. One of the challenges to current solutions systems solutions is keeping up with the data speeds commonly found in modern networks. Not only does the application need to log at the speed of the network, it also needs to do complex intrusion validation on a wide range of IP packages. Additionally, it needs to trigger real-time alarms to network administrators and notify other IP units about blacklisted traffic origins.
Many of those original applications had implemented proprietary homegrown data management solutions because of this logging speed requirement. This has resulted in the proliferation of proprietary alarming mechanisms and data distribution solutions. These systems are often far from ideal due to the absence of true transaction support within their databases. Because of this shortcoming, it's common to find intrusion alarms being delayed, alarms not being delivered to appropriate personnel, and distributed blacklists updated based on a scheduled batch process instead of in real-time. An additional complication is the need to merge blacklists between units. Because of the lack of transactions, these merges must be followed by a complete destructive refresh list. This limitation exposes the serious vulnerability of the system which could potentially let through network traffic whose origin had already been detected as hazards at one unit, but not at another.
With the Raima Database Manager true in-memory and circular data buffering, IP intrusion units can efficiently add dynamic, transactional safe data logging with real-time pattern matching. This, combined with the data flow capabilities described previously in this document, real-time alarms can be pushed upstream to network administrators with ease, and distributed blacklist updates can be performed at a transactional level. One possible extension to this is the capability of alarms being pushed further up the system to management for on-the-fly reporting and trends analysis.