How GraphGrid Securely Deploys Neo4j in AWS

(Neo4j Blog)←[:BACK]

By Benjamin Nussbaum, President & CTO of AtomRain | April 20, 2016
 

Data in the enterprise today is a bi-directional, always-flowing, continuously changing business asset. Yet it remains largely segmented and disconnected.

We believe that to grow and succeed as a whole, an enterprise must increase the usability, quality, availability and constant flow of its data into a connected state. GraphGrid’s production-ready cloud data platform has been enabling enterprises to efficiently convert their data into business value and is making it even easier with this latest release.

The GraphGrid Data Platform enables us to deploy and manage your Neo4j infrastructure securely within Amazon Web Services (AWS).

Flexibility

GraphGrid supports deployments into both an AWS account managed by us or into your own AWS account. In both scenarios, the platform manages all of the heavy lifting to provide a secure, highly available Neo4j environment.

We’ve thought through and designed for the critical aspects of providing a robust Neo4j Enterprise cloud offering. The GraphGrid Data Platform provides all additional security, multi-region availability, failover for disaster recovery and zero downtime upgrades along with other data platform features to provide a turn-key Neo4j enterprise cloud offering.

When deploying into your AWS environment, the operational integration is very straightforward. You create a GraphGrid user that has permissions for the necessary AWS operations and provide us with those keys. That’s it! With that, we have all we need to create a VPC, subnets, ACL and other necessary networking components to securely deploy your Neo4j cluster.

By integrating with AWS Identity and Access Management (IAM), the GraphGrid Data Platform gives you the ability to control the actions that our AWS IAM user and group can take on specific AWS resources, from database instances through snapshots, parameter groups and option groups.

Already have existing VPCs, subnets, ACLs, etc. that you want to deploy into? Not a problem.

By default, the platform introspects your existing networking configuration, which we will then show you in the console for you to select which VPC, subnets and ACLs to use for deploying your Neo4j instances.

If AWS and IAM are completely new to you or not something you’re interested in managing, that’s completely fine too. Our core offering of providing secure Neo4j Enterprise deployments at the push of a button within a VPC dedicated to you isn’t going anywhere. Ask us for a secure Neo4j deployment, and we’ll have yours running in minutes.

Security

At GraphGrid, we understand that security is paramount always, but especially in the cloud. Security requires both technical architectures and personnel to be working together. GraphGrid is built and operated from a security-first approach across all our deployment options.

Employees with access to AWS Console are required to use IAM two-factor authentication and undergo a training on at least an annual basis on security best practices and compliance. Furthermore, access to customer instances is restricted to only those administrators that are managing the customer account.

All instances are deployed into a Virtual Private Cloud (VPC) with Subnets that allow for network isolation by CIDR ranges. Each instance in a Neo4j cluster is launched with a security group that allows access from within cluster-owned subnets. Further data security options, such as encryption, are available on request.

GraphGrid enables you to encrypt your databases using keys you manage through AWS Key Management Service (KMS). On a database instance running with volume-level encryption, data stored at rest in the underlying storage is encrypted, as are its automated backups, read replicas and snapshots.

In addition, GraphGrid always uses SSL to secure data in transit.

GraphGrid works with external Infosec partners to test and validate the security of the GraphGrid platform. These Infosec reports are available upon request.

Startups

While we’ve designed and built GraphGrid to meet the requirements of enterprise rigor, we’ve heard the voices of our startup customers too.

Most startups have the same need for all the capabilities large enterprises benefit from with the only difference being the infrastructure size and quantity on day one. We understand most startups and projects start small with big aspirations, and GraphGrid is now ready to walk with you from instance one.

GraphGrid supports single-instance Neo4j Enterprise deployments and provides fully managed DevOps support to let you focus on building your business. We are here to help you during the early days when your infrastructure needs to match your budget, and we can scale with one click to a Neo4j Enterprise cluster to support your business needs as you grow.

The single instance deployments adhere to all our security requirements and standards just like the Neo4j Enterprise clusters, which also makes these a great option for individuals or small teams working within an enterprise that are just getting started with Neo4j, but need an environment that meets their organization’s Infosec requirements.

Scale

Data complexity is a function of size, structure and connectedness. GraphGrid has been optimized for handling big graph data exceeding 1 billion nodes and edges with all the nuances involved.

Neo4j is great at storing and retrieving complex data, which makes big graph data feasible and powerful. Big graphs pose operational challenges because the “rules” for handling data change when data grows even into the low gigabytes in size.

Well before you reach the hundreds of gigabytes, terabytes and petabytes that most associate with the phrase “big data”, the way that data is handled surpasses the ability of out of the box data tooling. It is critical for business reliability and continuity in restoration and recovery scenarios that even a big graph can be backed up and restored in minutes.

GraphGrid provides zero-downtime compute scaling. You can scale the compute and memory resources powering your deployment up or down, up to a maximum of 32 vCPUs and 244 GB of RAM. Compute scaling operations typically complete in a few minutes. The number of instances in your Neo4j Enterprise cluster can also be scaled up and down with the push of a button.

GraphGrid has made storage scaling just as robust. As your storage requirements grow, you are able to increase the size of your Neo4j Enterprise graph database volume with zero downtime.

GraphGrid additionally provides auto-scaling capabilities, which helps you maintain application availability and allows you to scale your capacity up or down automatically according to conditions you define. You can use auto-scaling to help ensure that you are running your desired number of instances.

Auto-scaling can also automatically increase the number of instances during demand spikes to maintain performance and decrease capacity during lulls to reduce costs. Auto-scaling is well-suited both to applications that have stable demand patterns or that experience hourly, daily or weekly variability in usage.

Getting Started

GraphGrid is a comprehensive cloud platform for Neo4j that manages a secure Neo4j deployment within AWS and provides incredible benefits for integrating Neo4j with all other aspects of your technology stack. Contact us today to get your secure deployment of Neo4j in AWS.


GraphGrid is a Bronze Sponsor of GraphConnect Europe. Click below to register for GraphConnect and meet Ben, Brad and the rest of the GraphGrid team in London on 26 April 2016.

 

---