maxkabakov - Fotolia
Zadara VPSAs help power Pratum security services
Security services firm Pratum was ahead of the curve in adopting Zadara Virtual Private Storage Array (VSPA) storage as a service to quickly scale capacity and performance.
Years before storage as a service became all the rage, IT security services firm Pratum used that model to meet demands for rapid scaling of its storage capacity and performance.
"We had the need ahead of the curve, I guess," Pratum CTO Steve Healey said. "We had already begun moving our compute into AWS EC2, and it was time to understand how we can work with a storage vendor to manage the back end the same way."
Pratum's need came four years ago, long before HPE GreenLake, NetApp Keystone and Dell Apex were conceived. Pratum turned to Zadara, a startup which sold storage as a service since 2014. Pratum, based in Ankeny, Iowa, uses Zadara Virtual Private Storage Arrays (VPSAs) and compute in AWS as the cornerstones of its security information and event management (SIEM) services.
Pratum often must deploy security monitoring in real time when a customer experiences a threat. The monitoring process generates reams of data, which Pratum must store, index and search. Its data under management also increases whenever a new client signs up or expands its services.
"We absolutely must scale on demand," Healey said. "We don't want to be the bottleneck there. If an organization wants to scale up, we want to be able to accommodate that."
Healey said Pratum switched from managing on-premises storage that it owned to using Zadara's VPSAs hosted at Equinix data centers. He said the storage managed service gives Pratum greater flexibility.
"We needed to scale at a quicker rate," he said. "We had prospective customers that we wanted to onboard. Managing storage ourselves locally was more of a burden on our team, for the time it takes actually getting the hardware shipped after purchase, and then scaling up and managing it. We knew that was not our bread and butter, and we needed someone who could do that better than us."
Healey said Zadara provided Pratum with similar benefits of AWS. Besides the ability to scale quickly, it offered pricing based on capacity and performance without much upfront cost.
Steve HealeyCTO, Pratum
But AWS couldn't meet Pratum's storage needs. Pratum's monitoring service never stops pulling in data, generating up to 35,000 events per second for analysis. That data must be kept for a year in case it is needed during security audits.
"If you have an auditor on site and they need to perform a security investigation, they can see any changes in your user accounts created nine, 10, 11 months back," Healey said.
Healey said Pratum started with about 90 TB of storage on Zadara, and is up to around 150 TB now. It went from VPSA 1000s with 10 CPUs and 36 GB of memory to VPSA 2400s with 24 CPUs and 100 GB of memory. The arrays use both solid-state drives and hard disk drives.
Healey said the ability to scale performance and capacity quickly are both priorities.
"I'd say they're equally important for us," he said. "We know that we're going to grow consistently year over year. We're looking to add new customers while retaining the old ones, so we're typically not going to hit a certain plateau. We're just going to consistently grow more and more data in the background.
Healey said low latency is important because Pratum's storage needs are more focused on reads than writes because its services are search-intensive. "Our workload is very sensitive to those reads," he said. "They need to have very low latency to make sure workers can extract all of the content they're searching for."
One limitation of Zadara VPSAs is a cap on how much capacity they can store on a volume. Pratum got around that by breaking them up into smaller volumes, with the help of Docker containers inside a VPSA.
"We were able to automate the process of migrating data into smaller buckets that were more management, and provide us visibility into what data was being queried and how often," Healey said.
Zadara helped smooth that process by writing a script to automate it, saving Pratum's staff from having to manually break up the volumes.
"Once we broke that one volume down into multiple sub-volumes, we will be able to actually designate here are the specific directories that are always going to be hot," Healey said.