By Benjamin Nussbaum, President & CTO of AtomRain | October 17, 2017
In early 2016, we started pioneering a unique frontier in cloud where many companies including Amazon Web Services (AWS) have not ventured: The deployment automation of secure, globally connected virtual private clouds (VPCs). We see the ability to communicate securely rather than across public internet as a baseline security requirement for any organization.
Why Your Current Security Efforts Aren’t Enough
To date Neo4j Enterprise Edition hasn’t provided any encryption on traffic between cluster members. Meaning if you deploy three Neo4j instances in a cluster configuration in multiple regions (i.e., Virginia and Frankfurt) and let them communicate across the public internet, the data replication and status communication between instances is not encrypted and available to be monitored.
You may be thinking that you’ll just deploy inside of a VPC, which is a good thought and something you should do by default because you don’t want Neo4j running on the public internet. But if you do so without the proper security architecture (subnet isolation, security group controls and proper routing) you’re now limited to only deploying in a single region. You can’t even deploy a disaster recovery region because the instances from a VPC in one region will not be able to connect to the instances in the VPC in the other region.
If you’re reading this and realizing your data is exposed today, call us and we can migrate you over to a secure deployment immediately. If you’re just starting out and looking for a secure way to deploy Neo4j yourself checkout https://go.graphgrid.com to begin deploying Neo4j in a secure manner today.
How GraphGrid Provides Cross-Region Privacy (That Others Don’t)
You may be wondering why you can’t just use the images available on AWS and Microsoft Azure for such a thing. The Neo4j database in both Community and Enterprise Editions does not provide this capability and neither do AWS and Azure provide cross-region privacy for you either.
That means it is on you to secure communications across regions. This is not a trivial thing to do and yet is absolutely essential for cross-region replication.
We’ve spent a considerable amount of time designing, implementing and testing this security architecture because we understand the necessity of being able to scale globally in a fully automated manner as the business has need for it.
We’ve done this because security is a primary concern for GraphGrid so that we have the confidence the systems in our architecture are handling your data responsibly. In addition to cross-region secure data transfer, we undergo security audits at least annually across the architecture and use two-factor authentication mechanisms across the team to ensure that as far as it depends on us, we’ve taken the responsible steps we can to protect your data.
Scale Your Security Efforts Elastically
GraphGrid’s Secure Global Network Mesh is elastically scalable. Without GraphGrid, you’re left with the choice of deploying in a VPC in a single region with no disaster recovery capability or global reach – or you’re left with the choice of deploying outside of a VPC and allowing your traffic to flow unencrypted across the public internet from one Neo4j instance to another.
With GraphGrid you can start in a single region and then have the confidence to elastically scale to add a DR (Disaster Recovery) region or even go Global HA across multiple regions when your business needs require it.
This is such a baseline security requirement in our mind that GraphGrid includes this for free (no separate licensing) as part of every multi-region deployment. You still pay for the usage of the infrastructure required to run your multi-region deployment, but that is it.
We want your data to be safe and secure and we are taking every step we can to make that easy for you to get. Get started today on our website or email us and we’ll get you set up. We provide self-managed Neo4j cloud as well as fully managed services of Neo4j Enterprise Edition and our full connected data architecture. Contact us today to learn more.
We first spoke on securely deploying Neo4j earlier this year at GraphConnect Europe, and we demoed the first globally secure Neo4j cluster to Emil and other Neo4j, Inc. executives in December 2016. Now, we are making it available to everyone.
Come see us at our booth at GraphConnect New York on October 24 to get a demo and learn more.
GraphGrid is a Gold sponsor of GraphConnect New York. Use discount code
GRAPHGRID50to get 50% off your tickets and trainings.
Get your ticket to GraphConnect New York and we’ll see you on October 24th at Pier 36 in Manhattan!
Get My Ticket
About the Author
Benjamin Nussbaum, President & CTO of AtomRain
Benjamin Nussbaum is the President and CTO of AtomRain, the makers of GraphGrid. Benjamin brings to the table nearly 20 years of software architecture and engineering, server infrastructure, database design and technology innovation experience with implementation expertise in enterprise financial, media, medical and automotive software on web, mobile and desktop devices.
From the CEO
Have a Graph Question?
Reach out and connect with the Neo4j staff.Stackoverflow
Share your Graph Story?
Email us: firstname.lastname@example.org