Introducing Open Network Insight: Accelerating Cybersecurity Analytics Solutions


The Open Network Insight (ONI) v1.0 project is an open source, Apache 2.0 licensed, community-developed network data model that delivers visibility into security threats by providing advanced threat detection using big data analytics. ONI uses machine learning as a filter to separate suspicious network traffic from benign traffic and to characterize the unique behavior of network traffic. ONI is extensible, enabling any number of vendors to enhance the open data model and develop their own innovative applications on top of it. ONI runs on top of Cloudera’s Enterprise Data Hub (EDH) and other open big data platforms.

ONI seeks to tackle the dual challenges of unlocking innovation in cybersecurity while helping each vendor avoid reinventing the same wheel again and again. ONI will eliminate issues related to vendor data models that create silos between solutions and make it difficult for customers to harness innovation from multiple vendors. In short, ONI will accelerate solution development and simplify customer consumption of different vendor products.

While ONI today is being deployed to help the cybersecurity community, Cloudera sees even more potential in this project. “We are very excited about ONI v1.0 and this is just the first step,” said Tom Reilly, chief executive officer of Cloudera. “Building from ONI v1.0, Cloudera’s goal is to foster development of open object models beyond network to include endpoint, and user / identity. Our cybersecurity-focused partners are leveraging ONI to accelerate their delivery of advanced solutions capitalizing on a pre-built open data model coupled with the powerful compute capabilities of Cloudera’s Enterprise Data Hub. Customers are benefiting from these common objects and can easily extend to adjacent use cases beyond cybersecurity: network operations, fraud, and user experience optimization to name just a few. A single source of data built on an open data model creates tremendous value for our customers.”

“As one of the primary committers on Open Network Insight, I am thrilled to see the broad community adoption of the project,” said Alan Ross, chief cloud security architect at Intel and ONI committer. “As organizations and cybersecurity application developers alike continue to embed ONI into their infrastructure to scale to unprecedented volumes of data, the community as a whole continues to benefit. By sharing a common data model around network flows, facilitated by ONI, organizations can have interoperability between Cloudera certified cybersecurity solutions that leverage ONI.”

Cloudera’s rich ecosystem of cybersecurity partners has already begun to rally around ONI in order to bring new cybersecurity solutions to market faster. Applications that leverage ONI share a common data set, which accelerates the deployment of their solutions to ONI and Cloudera’s Apache Hadoop-based users and allows for cross-community collaboration. As one organization discovers a new way to detect an advanced, ever-changing threat, everyone can quickly plug in the same analytics without having to rebuild an entire solution.

While ONI v1.0 is focused on network data, community members already have plans in place to extend it to additional data sources, creating net-new open data models that will strengthen everyone’s cybersecurity capabilities and unlock new business solutions. Dick Williams, CEO of Webroot, is one of the many supporters of ONI’s vision: “The Open Network Insight (ONI) project is exciting innovation and very much aligned with our own view of security as an information problem, one in which more data, organized well, can be applied to provide better defenses. Our own use of Hadoop with our machine learning clusters and partnership with Cloudera, combined with Webroot’s years of endpoint-to-cloud experience will enable us to contribute essential knowledge to the data models of ONI.”

One of ONI’s committers and an information security data scientist for eBay, Austin Leahy, said it best when he stated, “Cybersecurity as a field is at a real turning point; sitting with vendors in the field one easily gets the feeling that they know their products aren’t where they need to be. The best projects in data science tend to embody either disruptive or thoughtful principles. ONI represents the efforts of a rare group of people who have put together both of those things and brought them to the open source community.” The future is bright for the ONI project as the community continues to adopt and deploy ONI-based business solutions. Built on a future-proofed, community-led platform with Cloudera’s Apache Hadoop and ONI’s open data model as the core, these new business solutions will continue to unlock tremendous analytic value for our customers.



