Protecting Users, Data and Networks: Backed by Cassandra

Erick Ramirez on April 20, 2023

Barracuda Networks is a cybersecurity company that provides a range of solutions designed to protect networks, applications, and data. Barracuda has a global presence with offices in North America, Europe, Asia, Australia and headquarters in California. They have a wide array of security products sold in over 100 countries for protecting data, network devices, emails, and securing applications.

Barracuda’s cloud-based threat intelligence network ingests massive amounts of threat data from millions of global connection points. With the incredible volume of data the system analyses, processes and distributes around the globe to help businesses deal with ongoing security threats in real-time, Barracuda relies on the highly-scalable, distributed open-source database Apache Cassandra^®.

From SQL to NoSQL

Barracuda adopted Cassandra over 10 years ago when they sold virtual appliances for threat protection. Fleming Shi, CTO at Barracuda, said each machine was connected to a central nervous system for updates on the latest threats and behavior patterns and the underlying database technology was MySQL. 

“When I joined Barracuda Networks, we loved using MySQL. It was the glory days of the LAMP stack,” he says. But as Shi and his team started building a cloud-based security service, they needed a data architecture that could support the company’s widening global remit. MySQL’s asynchronous approach to data replication created significant latencies when Barracuda needed to quickly synchronize threat information from one global region to another. 

The NoSQL standard database Cassandra, with its distributed capabilities, solved the problem. 

“When we detect a particular threat and determine the best response, that response is kept in the database,” he says. “And when it’s needed in another region, with Cassandra we can easily sync over that decision. That level of efficiency, leveraging accelerated operational logic, makes our threat protection solutions more effective with high volumes of data, because we are looking at billions of emails and handling millions of file scans every day.”

Shi points to Barracuda’s Advanced Threat Protection microservice as a good example of how his company takes advantage of Cassandra’s strengths. The service scans files and links for malware at very high speeds, and performs a host of dynamic analytics. 

“When you have so much data coming in, you have a very small window to make a response determination. Once you make that determination, you want to make it available to other regions quickly,” he says. “That’s why we use Cassandra.

“It’s the most scalable, available database perfect for fast writes,” Shi adds. “Our database cannot go down. Email would stop. Threat detection would stop. Our business would stop.” 

The hunt for multi-region

Barracuda needed support for multi-region deployments. This was a critical capability that would enable Barracuda to reduce latency across its ever-expanding customer base. 

When data traffic travels across global regions, it can also travel through several network routers, which slows the data flows. Multi-region databases enable enterprises to replicate data to users’ regions, enabling them to deliver responsive customer experiences—and, in Barracuda’s case, timely protection for its users.

“Imagine having hundreds of thousands of customers running physical appliances, virtual appliances, or SaaS solutions that we offer in their neighborhoods or local network environments,” Shi says. “All those devices and workloads require threat response decisions to be made, which shouldn’t be limited by replication capabilities. Making one decision quickly serviceable to millions of people throughout the overall Barracuda ecosystem is critical to how we protect our customers.”