Remote Work Series Part 1: Firewall Monitoring, Steered by Metabase

Anatomy of a Secure, Remote Workplace

Part 1 of a 4-part series of blogs on how to create a secure remote workplace.

• Network records processed: 6 million
• Time: a little over 15 minutes
• Cost: USD 25

A simple, effective, and brilliant firewall solution for a remote office. Here’s what went down.

COVID-19 forced our hand at a lot of things while operating at full capacity from the shelter of our homes.

We had to move a few things around to continue making our remote work meaningful and secure.

About Metabase

Metabase – a San Francisco-based company, now operating over Zoom like most of us – is an open-source business intelligence tool that allows companies to measure, analyze, and share their data.

Unlike most BI tools, Metabase brings data tools with the elegance and simplicity of consumer products for all kinds of businesses (small-large).

The GUI has a query builder that eliminates the need to know database queries to access data, and it’s ridiculously fast to set up; you can be up and running in under 5 minutes!

Metabase’s utility and simplicity are remarkable and are being put to use by various companies across industries like finance, on-demand, and hospitality – some of which have funding’s as high as $50M, and over 70 million app downloads.

Going Remote with Our Firewall

Net Solutions needed to adapt its security measures for remote work, in response to the lockdown that led to us working from home.

Our requirement was a Firewall Monitor that would act as a single point of access for all incoming/outgoing activities.

The Problem

We required a single point of access to monitor all incoming and outgoing activities reported on our company’s Firewall.

• Monitoring for connectivity issues
• Time-based analysis
• Security threats
• Network consumption
• The health of the overall network of people and machines in our organization

Our source of information was a Firewall log file that contained unstructured data in the form of text files.

Can you guess how many entries their Firewall was generating daily?

Our Firewall generates log files with all network activities resulting in 6 million entries per day.

The Solution

Our team’s key decision drivers were – a solution that dealt with unstructured data is focused on security and quick to roll out (this was a time-sensitive project).

We explored existing ETL (extract, transform, load) + data visualization solutions like the ELK Stack (Elasticsearch, Kibana, Logstash), Microsoft Power BI, and Tableau SAP – to get a better context of Business Intelligence tools.

We implemented custom extract and load (ETL) pipelines to process unstructured Firewall log files and deployed it to an AWS ecosystem with Metabase as a Data visualization tool for the front-end.

Net Solutions is an AWS Consulting Partner – certified to design, architect, build, migrate, and manage our clients’ workloads and applications on AWS(Amazon web services).

With experience like that in the AWS cloud, and Metabase as the data visualization tool, we rolled out a complete solution within two days.

Highlights of our Solution Architecture for Firewall Monitor

• Firewall Monitor ingests 6 million requests per day
• 20 minute bootstrap time – where the system first starts, processes network traffic (taken in through a file), and shows output in Metabase within 20 minutes
• Infrastructure cost as low as USD 25 per month
• Responsive dashboard
• Role-based access control
• Report sharing
• Alerts and notifications

Tools/technology used for implementation

Results

Our Firewall Monitor solution for Metabase resulted in:

Business advantages like

• Low-cost infrastructure solution
• Data points for business decisions

Technology advantages like

• Near real-time monitoring
• Seamless experience
• Single source of truth