Crunchy MLS PostgreSQL was developed to support the relational database requirements of the U.S. Government’s Centralized Super Computer Facility. Crunchy is proud to be a part of the Multi-Level Security Ecosystem that includes participants such as Lockheed Martin, Red Hat® and Seagate to provide high performance at massive scale while protecting data internally and externally.

Crunchy CEO Bob Laurence said, “Crunchy MLS PostgreSQL provides an innovative open source alternative to legacy relational database technologies.  With this solution, mission-critical programs can benefit from the combined cost efficiencies of Multi-Level Security and Open Source Software.”

Crunchy and Lockheed Martin collaborated closely to provide PostgreSQL as an open source relational database for multi-level security (MLS) applications in a Red Hat® Enterprise Linux® 6.5+ environment, ensuring that the solution met specialized security requirements and took full advantage of the newly powerful Red Hat® environment.

Crunchy MLS PostgreSQL is built on PostgreSQL, the world’s most advanced open source database. Crunchy MLS PostgreSQL extends PostgreSQL through integration with the Red Hat® Enterprise Linux® 6.5+ SELinux functionality in order to provide:

• Ability to manage data creation and manipulation permissions based on Red Hat® Enterprise Linux® 6.5+ SELinux Security Policies.

• Ability to control all data access based on Red Hat® Enterprise Linux® 6.5+ SELinux
  Security Policies, network connections and users.

With the Red Hat® and Crunchy solution, users with a higher security level (such as Top Secret) can now read lower-level security data seamlessly, and the system automatically re-labels the data security level if higher-level users make changes.

Full source code of Crunchy Certified MLS PostgreSQL is available open source.

PostgreSQL is a powerful, open source, object-relational database system with more than 15 years of active development and a strong global development community. Enterprises with a focus on data management cost reduction can benefit from PostgreSQL’s proven architecture and reputation for reliability, data integrity, and correctness.

About Crunchy Data Solutions, Inc.

Crunchy Data Solutions, Inc. (Crunchy) is a leading provider of open source enterprise PostgreSQL support, technology and training to national security and critical infrastructure enterprises. Crunchy’s Secure Enterprise Support provides exclusively U.S.-based PostgreSQL support to enterprises with a particular focus on supply chain security. When combined with Crunchy’s on-premise PostgreSQL professional services and PostgreSQL training, Crunchy enables enterprises to confidently deploy PostgreSQL, the world’s most advanced open source database, as a dramatically less costly, and yet no less secure, open source relational database solution. ]]> https://blog.crunchydata.com/blog/crunchy-announces-open-source-multi-level-security-enabled-postgresql Thu, 25 Jun 2015 05:00:00 EDT 2015-06-25T09:00:00.000Z 2015-06-25T09:00:00.000Z https://www.crunchydata.com/blog/how-open-source-delivers-for-government Amid the well-deserved hype around the impact of cloud technology and big data analytics, it is possible that casual industry watchers may have missed the real story behind the recent wave of IT re-architecting.

Enabling many of these recent, powerful trends is a newly validated embrace of open source software technology. The movement to OSS solutions is empowering system designers and solution architects to re-examine methodologies that evolved out of the legacy proprietary, closed source software license model. Put simply, OSS allows developers of IT systems to create better results and cut costs.

Enterprise IT leaders in business and government have taken notice of the benefits of OSS. For example, the recently launched U.S. Digital Service published a Digital Services Playbook that urges agencies to "consider open source software solutions at all layers of the stack." The General Services Administration extended this thinking in the recently introduced Open Source First policy as part of its effort to modernize its organization, processes and technologies. Defense policy makers have gone further, directing those within the Department of Defense to identify barriers to the effective use of OSS within the DoD so that the military can continue to increase those benefits.

Better Outcomes

One of the key drivers of OSS adoption has been cost. But while the savings can be dramatic, cost reduction is not the whole story. OSS also creates the possibility of more reliable, more trustable, more functionally appropriate, and just plain better solutions.

Historically, companies needed to factor in the cost of closed source software at peak license distribution even if they routinely needed a smaller number of licenses. On top of that were support fees tied to the peak distribution. Solution designers had an incentive to constrain distribution of software even if the use case was under-served.

This is clearly not so in an open source world. Both the solution architect and budget manager need only to consider the support costs, not licensing costs; and outside vendor support is generally more cost effective than internal capability. In the case of a distributed database solution, the difference in cost can really add up.

A simple example of how the move toward OSS can improve IT architecture is by thinking about database backups. In the legacy regime of licensed closed source software, each license of an incremental database came with a cost -- often a steep cost. In the world of OSS, enterprise users are able to maintain replicas of databases as backups with no incremental license cost. The more copies of the database software you have, the more options you have when things go wrong. The more copies of the data management or analytics software you have, the more choices you have to efficiently move your data around.

Security and Reliability

Cost alone can carry the day for some projects, but security and dependability are the main drivers for many mission-critical needs.

Here too, open source is a great alternative to closed source. Contrary to a common myth of OSS, most of the development and support is performed by dedicated, highly trained professionals who are on par with the development shops of any of the top tech firms. In fact many of the best OSS projects have the support of leading commercial enterprises like Red Hat, Google and Salesforce.com.

Still, OSS must pass the close testing and rigorous examination of many interested parties. Researchers and scientists of all types are familiar with the withering gaze but necessary value of peer review, involving open and independent examination by many experts. With OSS, users in business, government, academia, and even hobbyists all get to look at and make judgments about OSS, and users are the ultimate beneficiaries.

Walmart's Eran Hammer, senior architect for the Node platform, echoes this idea, reporting that Walmart enjoys a "significant quality and stability boost" that results from the efforts of early adopters of OSS.

Even some in the national security community are taking advantage of open source and crowdsourcing. The National Geospatial Intelligence Agency uses OSS to help it develop apps for geospatial analysts. "While there are some security concerns, I believe the way we deployed this architecture really addresses those security concerns," said Dave White, NGA's chief information officer. "The risk is very manageable but what we are getting in return is innovation," he continued, "and it'really advancing our mission."

Of course, no matter how well-trained the solution developers are, and no matter how carefully scrutinized the solution is, users may discover vulnerabilities in software, which is true whether it was developed under the closed or open model. If those vulnerabilities are in proprietary software, "the only people who can identify and fix the problem are employed by the company that wrote it," notes Gunnar Hellekson, chief strategist for Red Hat's U.S. Public Sector Group. "They can be smart, they can be well-trained, and highly-skilled, and use only the best of the best practices of software development, and they still couldn't muster the number of eyeballs commanded by a high-functioning open source community." An enterprise that is supported by an expert in-house support team, backed up by an active, well functioning open source community, will be well served by the number and diversity of solution seekers.

By the same logic, it is also more difficult to hide a vulnerability in open source code since the source is readily available. That means no party can build in a back door or other security exposure without the prospect of peer review and user examination ringing an alert for all users to see. Any user of closed source products knows that they are entirely reliant on the ongoing commitments of the developer, with limited control over some of the risks involved. Independent testing methodologies and certifications can help, but these are only valid for the exact code certified -- not the next version, nor the next patch, and certainly not for the advanced features acquired separately. Healthy OSS projects are subject to constant, ongoing examination and communication among many invested parties, and that openness benefits all users.

Lessons Learned

The road to broad adoption of OSS has seen a few speed bumps and potholes.

It should be no surprise that OSS would follow something like the well-established adoption curve, complicated perhaps by the mix of technologies capturing the distribution approach. Nonetheless, OSS adoption has been characterized by early adopters who were both tech savvy and confident that they could respond to any difficulties. This is a proven strategy for testing new ideas.

As early adopters give way to the early majority, the market is recognizing the need for professional support options to supplement their skill base and permit more scaled deployment. Enterprise support from qualified providers is the leading value multiplier for OSS adopters. A growing community of support companies, staffed by experienced IT leaders, are providing first-rate services.

OpenStack, Hadoop, Linux, PostgreSQL and many other open source projects are creating new and innovative ways to serve business and government. OSS saves IT users billions of dollars every year, frees resources for other purposes, and delivers better outcomes. Could OSS be the mega-trend in technology for this century? ]]> https://blog.crunchydata.com/blog/how-open-source-delivers-for-government Fri, 13 Feb 2015 04:00:00 EST 2015-02-13T09:00:00.000Z 2015-02-13T09:00:00.000Z https://www.crunchydata.com/blog/red-hat-crunchy-data-solutions-database-service-openshift-enterprise January 22, 2015

11:00am - 12:00pm ET

As part of Carahsoft's Open Source Essentials Series, join Jeff McCormick, Crunchy Data Architect and Matt Zager, Red Hat Solution Architect for a complimentary webinar on how OpenShift and PostgreSQL can enable agencies to benefit from an open source infrastructure.

During this session our experts will cover:

• How OpenShift platform-as-a-service technology can help agencies rapidly deploy open source database technology such as PostgreSQL
• How Crunchy's PostgreSQL Management technology enables on-demand database provisioning
• Reference software architecture and sample performance benchmarks

Register now to participate in this complimentary webinar:

Register Here ]]> https://blog.crunchydata.com/blog/red-hat-crunchy-data-solutions-database-service-openshift-enterprise Fri, 09 Jan 2015 04:00:00 EST 2015-01-09T09:00:00.000Z 2015-01-09T09:00:00.000Z https://www.crunchydata.com/blog/deploying-postgresql-pod-openshiftv3

Crunchy Data Architect Jeff McCormick's guest post on the Red Hat OpenShit Blog demonstrates how to deploy a PostgreSQL Pod, running as a Docker container, in OpenShift v3 and end up with a deployed solution.

At Crunchy Data Solutions (Crunchy) we were excited to hear the recent announcement from the OpenShift team regarding the new public Origin repo integrating the work Red Hat has been doing for over twelve months in OpenShift Origin and related projects like Docker, Kubernetes, GearD and Project Atomic.

Crunchy has been working with the OpenShift team for some time and witnessed the value proposition of combining PostgreSQL, a leading open source object relational database, and OpenShift first hand by working with enterprise users as they deployed PostgreSQL on OpenShift v2.

In order to advance these enterprise deployments of PostgreSQL on the OpenShift platform, Crunchy has previously collaborated with the OpenShift team to build a High Availability PostgreSQL Cartridge and stand alone PostgreSQL 9.3 Cartridge for OpenShiftv2 and, in anticipation of OpenShiftv3, recently announced a private beta for Crunchy PostgreSQL Manager, a Docker based tool enabling enterprises to build High- Availability PostgreSQL Clusters.

As we began our deep dive into the new OpenShift Origin repo and Kubernetes orchestration, we wanted to pass along our initial learning on how to provision a simple PostgreSQL database on an OpenShift Pod in Kubernetes.

Specifically, in this blog post, we will provide an example of how to deploy a PostgreSQL Pod, running as a Docker container, in OpenShift v3 and end up with a deployed solution.

Continued at the OpenShift blog:

https://blog.openshift.com/deploying-postgresql-pod-openshift-v3/ ]]> https://blog.crunchydata.com/blog/deploying-postgresql-pod-openshiftv3 Fri, 07 Nov 2014 04:00:00 EST 2014-11-07T09:00:00.000Z 2014-11-07T09:00:00.000Z https://www.crunchydata.com/blog/balancing-database-storage-latency-throughput Brought to you by Crunchy's Greg Smith. Learn more about Balancing Database Storage Latency And Throughput. Crunchy Data Solutions

Video from PGCon 2014

https://www.youtube.com/watch?v=y9dDsoG0Q6E ]]> https://blog.crunchydata.com/blog/balancing-database-storage-latency-throughput Fri, 25 Jul 2014 05:00:00 EDT 2014-07-25T09:00:00.000Z 2014-07-25T09:00:00.000Z