Discover LinuxSecurity Features
RavenDB 5.0: A Versatile Open-Source NoSQL Database with an Intense Focus on Security
RavenDB is at the forefront of data management innovation - leveraging open-source development and an intense focus on usability to offer efficient, versatile and highly secure database services to business application developers worldwide. The latest release of the open-source NoSQL document database, RavenDB 5.0, accommodates both local and hosted environments, and adds time series support and document compression to its robust feature set.
As open source security enthusiasts, we are particularly interested in RavenDB’s open-source approach to managing and securing data - and how this approach has enabled RavenDB to surpass competitors in areas including usability, integration and data security. To gain an in-depth understanding of the company’s latest release, we spoke with RavenDB Founder, CEO and Lead Developer Oren Eini about the defining features of RavenDB and RavenDB Cloud, some notable use cases, security considerations - and more.
Secure, User-Friendly Data Management for Both On-Premise and Hosted Environments
Through RavenDB 5.0 and RavenDB Cloud, the RavenDB 5.0 release brings efficient, integrated and highly secure data management supported by a robust feature set to both on-premise and database-as-a-service clients. All of the purpose-driven components that comprise RavenDB 5.0 were built from the ground up - resulting in a database that is fast, fully integrated and widely available.
RavenDB also offers enhanced data security through usability - a defining characteristic that sets the database apart from its competitors. The company uniquely views support as a cost center as opposed to a revenue center. Insight gained through RavenDB support calls is used to modify the database to make such calls unnecessary in the future. Eini explains, “Viewing support as a revenue center disincentivizes vendors to create user-friendly products, which has drastic negative implications for data security. Usability and security are closely tied. Database breaches continually demonstrate that having complex security is equivalent to having no security at all.” Eini elaborates, “Our approach to security embodies operational simplicity and automation.”
The Power of Community
Another defining characteristic of RavenDB is the company’s transparent, open-source approach to development. Eini feels that RavenDB’s use of the open-source development model has both contributed to the popularity of the database and greatly enhanced its feature set. He explains, “Feedback provided by members of the open-source community has been pivotal in improving RavenDB. It is extremely beneficial to be able to engage in a proper discussion with a customer, and the fact that our entire codebase is open-source and available in our code repository has made it easy to get to the root cause of issues quickly.” Eini adds, “Being a part of the open-source community has also enhanced the features we offer. RavenDB’s automatic indexing support and transparent data encryption, for instance, were created by the open-source community and are now among the database’s central features.”
The release of RavenDB 5.0 adds two key new features to a rapidly-expanding list: time series support, which enables users to track time series data, and document compression, a feature that analyzes documents to identify commonalities between them and efficiently compresses data between documents. The document compression feature cut cloud storage costs in version 5.0 by an impressive 50%.
RavenDB vs. RavenDB Cloud: How Do The Two Compare?
RavenDB 5.0 and RavenDB Cloud make the RavenDB 5.0 release ideal for developers looking to deploy an on-premise database, as well as those seeking a hosted platform. Eini explains the benefits of both scenarios, “For some users such as healthcare and financial institutions, having full control over the entire stack is important. Others need a database that can be deployed on the edge, where connectivity isn’t assured. For these users, the ability to deploy on location, without any external requirement, is very important.” He elaborates, “Running on cloud enables developers to push all the operations overhead to someone else, making it much easier to provision and make changes on the fly.”
That being said, the on-premise and cloud versions of RavenDB are essentially identical, both running the same binaries and offering the same capabilities. In terms of security, both take similar measures to protect sensitive data, including X509 certificate authentication and encryption of all data over the wire, the ability to limit connections to specific IP addresses or ranges at the network level and full auditing support for all operations.
RavenDB Cloud integrates a selection of additional awareness behaviors and automated security measures. Environmental information is incorporated into RavenDB instances to allow them to better calibrate themselves to environmental factors. For example, when using burstable instances, RavenDB Cloud reports the status of CPU credits to reduce background tasks when running low. In RavenDB Cloud, backups are encrypted by default, whereas the on-premise version of RavenDB requires users to select an encryption key if the database is not already encrypted.
Despite these differences, Eini feels that the level of security that users can expect from RavenDB Cloud and RavenDB 5.0 is roughly comparable. He reflects, “The main difference is the additional steps that on-premise users have to go through. With RavenDB Cloud’s fully-managed services, virtually everything is done for the user.” He adds, “With both versions, we pay a lot of attention to the security of the system in general.”
Although RavenDB Cloud offers a high level of convenience through increased automation and fully-managed services, the majority of RavenDB customers run on-premise or edge systems. Over 70% of these systems run on Linux, with the rest running on Windows servers. It is very common for RavenDB to be deployed on the edge. “RavenDB can operate in a disconnected manner, but the data will be synced to a central location - usually on the cloud,” Eini explains. “We have a customer who has deployed RavenDB inside industrial robots running Raspberry Pi and another running RavenDB in a Point of Sale system.”
RDI Software, a landmark RavenDB customer, has deployed the database on edge to over 36,000 restaurant locations, where the platform processes upward of 500,000 USD per minute. The company has a unique requirement for a database: robustness above all else. “The typical employee for a fast food restaurant is a teenager on minimum wage - not exactly your ideal IT worker. As such, we have to deal with very old hardware, used in often hazardous environments and operated by people with very little experience”, Eini explains. He elaborates, “RavenDB has been used in this capacity for over half a decade, because it is able to handle this situation and doesn’t require constant supervision. In particular, RavenDB’s zero admin capabilities mean that the database is able to adjust, independently, to each individual environment and behavior.”
The Bottom Line
RavenDB’s transparent open-source approach to data management and intense focus on operational simplicity make the database ideal for security-conscious users looking for a fast, user-friendly platform for business application development. Through RavenDB 5.0 and RavenDB Cloud, the RavenDB 5.0 release brings security, usability and efficiency to local and hosted environments alike.
Connect with RavenDB on social media: