X

Udacity, an online education company, aimed to penetrate the rapidly growing education market in China. However, they faced challenges due to strict internet regulations by the Chinese government and slow internet connections throughout the country. Their US-based content was difficult to access for Chinese customers, leading to frustration and potential loss of customers. The main issue was that the loading of assets from their classroom, hosted on Amazon Web Services (AWS), would take several minutes due to throttling of AWS CloudFront nodes to as little as 20Kbps.

Hostnet Brazil, one of the top web hosts in Brazil, was facing increasingly sophisticated cybersecurity threats, ranging from excessive bot crawling to distributed denial-of-service attacks (DDoS). The company was looking for a solution that could provide a more resilient hosting environment. They were previously using Amazon’s CloudFront, but they needed a solution that could offer integrated performance and security solutions to protect their platform and make it future-proof.

During the 2012 Eurovision Song Contest semi final, the busiest time of year for the website, Eurovision.tv was targeted with a large DDoS attack. Their content delivery network provider at that time could only do very little to mitigate the attack, and because they were using a CDN, their hosting partner couldn’t do much filtering either. The first flood of attack traffic was mitigated with some blocking techniques implemented by their CDN, but when the attack got more creative there was nothing more they could do. During the first semi-final, fans of the Eurovision Song Contest access the website to find out results and to watch online streams of the contest. With the site service disrupting, visitors from around the world to Eurovision.tv experienced difficulty accessing these results and streams.

Taringa!, the largest user-generated content platform in Latin America, was experiencing exponential growth with a user base expanding across Argentina, Mexico, Spain, Colombia, Chile, Peru, Venezuela, and the US Hispanic community. As the user base continued to grow, Taringa! executives were looking for a way to ensure a fast and reliable online experience. They needed a performance and security company that was aggressively expanding their network in countries where most of their users live.

BharatPe, a merchant payment processing company, was under constant cyberattacks from the moment it launched. The company was targeted with SQL injections and brute force attacks, which impeded its ability to scale effectively. The company's engineers were constantly pulled into time-intensive security projects, such as identifying their attackers' IPs, a task that took nearly three months. As a result, other important projects had to be put on hold. The attacks also risked the trust of their customers, which is crucial for a company in the payment business.

Replicated, an infrastructure software company, needed a development environment that runs on Kubernetes, as their product, Kubernetes Off-The-Shelf (KOTS) Software, runs in Kubernetes and manages the lifecycle of 3rd-party applications in the Kubernetes cluster. As their engineering team expanded to include dedicated front end engineers and other specialists, managing a local environment became a burden. They needed a solution that would simplify the process and maintain developer productivity. They were looking for a solution that would be simple to implement and maintain.

In December 2016, orderbird faced a heavy distributed denial-of-service (DDoS) attack that nearly took the company out of business. This was a serious problem even by the standards of many business-critical applications. Network connectivity and backend availability were essential parts of the overall POS system, and if it happened to go down for any reason, their customers’ businesses could not receive orders and may have then lost revenue.

San Miguel County, Colorado, is a popular tourist destination with a diverse region ranging from rugged mountain resort communities to arid ranching communities. Despite its peaceful and scenic locale, the county government is connected to the world through the Internet and is at risk from the same types of threats from cyber attackers. The county provides online constituent services and important information for citizens and visitors on its website. As residents become more dependent on the website, there is a growing requirement to protect against web-based attacks aimed at stealing data and distributed denial of service (DDoS) attacks that could bring the site down. The county needed a comprehensive network security solution that would protect the county’s sensitive data and maintain online services without disruption in the face of an increasingly dangerous Internet environment.

Fastmetrics, a full-service Internet service provider (ISP), was facing the challenge of ensuring uninterrupted service to its clients in the Bay Area and throughout California. The company was committed to protecting its infrastructure against the growing threat of distributed denial of service (DDoS) attacks. Internet access is business-critical for Fastmetrics’ clients. If Internet access, email, voice services and unified communications are slowed or, worse, unavailable, Fastmetrics’ clients would be unable to service their own customers. That means the ISP’s business would suffer if their customers move to other providers to ensure uninterrupted availability. Fastmetrics already had strong security measures in place, including locking down its servers to help thwart attempted intrusions. But it also saw that it was imperative to take proactive measures to improve the ISP’s ability to address the growing DDoS menace.

Pep Boys, a multibillion-dollar automotive services and retail chain, needed to protect its network of over 700 stores and corporate headquarters against malicious attacks that could result in the theft of sensitive customer and employee information. The company is the custodian of a myriad of customer and employee records from its stores, as well as its Philadelphia corporate headquarters. Personally identifiable information (PII) and corporate data are valuable targets for cyber-criminals. As an e-commerce company, Pep Boys is entrusted with a large amount of customer information and employee data, such as Social Security numbers. The company also stores customer information through its online “Glovebox” feature, which enables customers to record and conveniently access information about their vehicles and service history. Firewalls are essential to control access to Pep Boys’ corporate network and the sensitive data it holds, but far from sufficient in today’s threat environment.

Brady Distributing Company heavily relies on the Internet for its business operations, making it vulnerable to malware, viruses, and Denial of Service (DoS) attacks. The company's IT manager, Rick Baird, was particularly concerned about the lack of visibility into the network, especially on remote PCs. Despite having a firewall for its MPLS network and a content filtering appliance, these measures did not provide enough layers of security. The company was still plagued by malware and viruses, which threatened the business and consumed the IT department’s resources to remediate the problems. Baird decided to add an Intrusion Prevention System (IPS) to the company’s line of defense.

Telesystem and Line Systems (LSI), divisions of Block Communications, provide voice, internet, and cloud computing solutions to thousands of commercial customers across the east coast and Midwest. Their customers, which include universities, government agencies, schools, hospitals, and financial institutions, rely on constant connectivity. However, the companies were frequently targeted by DDoS attacks, which threatened their commitment to delivering reliable and highly available solutions. The operations team had to take provisional measures to prevent outages and began looking for a permanent DDoS defense solution.

Phase 2, a leading software-as-a-service (SaaS) provider servicing the federal and enterprise markets, needed to ensure superior data center architecture, flawless application performance, and dedicated expert support to ensure an uninterrupted, trouble-free customer experience. As one of the first cloud services providers to achieve Federal Information Security Management Act (FISMA) certification, Phase 2 needed to become even more hardened from a network and applications security perspective. The company serves hundreds of customers around the globe, including federal agencies and enterprises in the United States, the United Kingdom, Canada, Australia, Germany, Saudi Arabia, Syria, South Africa, and Japan. Given the threat climate and federal mandates, Phase 2 wanted to proactively strengthen its defenses with the best security technology available to ensure the utmost protection and uptime for its customers.

Zacks Investment Research is a unique institution with a very special purpose: To deliver sound investment advice their clients can take to the bank. But that means that Zacks must be free of intrusions. It must protect its site to not only ensure it is available to its users, it must also safeguard its information to maintain strong customer confidence. Voloshin said the DDoS attack identified attempts to penetrate the network. He called it “very sophisticated,” and said it was quite strong in volume. Credit cards, personally identifiable information, and PCI mandates, all require protection as well. Proprietary information as a result of the research needed to be protected including data researched and released to institutional clients.

Los Angeles Dedicated (LAD) is a cloud and Infrastructure-as-a-Service provider with a significant portion of its business involving providing dedicated servers and infrastructure to gaming clients. These gaming companies are prime targets for DDoS attacks, and LAD is concerned about its network being impacted by the rapid escalation of the DDoS attack landscape. Even one significant DDoS attack could cut off network connectivity to all of LAD’s customers, causing unacceptable collateral damage. LAD had experienced some attacks that it was not able to fend off using homegrown means, resulting in service outages that cost them a few customer contracts. The company’s president and CEO, Robby Hicks, initiated a search for a dedicated DDoS solution that could protect LA Dedicated’s systems and all of the company’s customers while under duress from attacks.

Liquid Web Inc., a managed web hosting and datacenter company, was facing a significant increase in distributed denial-of-service (DDoS) attacks, affecting its core business. These attacks could be either volumetric or nonvolumetric in nature. The company had an existing solution in place from a security provider that was used for attack detection. However, that solution was not doing enough to deal with mounting DDoS problems. When DDoS attacks were made on the Liquid Web network, incidents needed to be identified, isolated, and mitigated. Before Liquid Web onboarded the Corero solution, such attacks were routinely detected but not prevented. Another challenge was that 'innocent bystanders' (i.e., other customers on the network) could be impacted by a network slowdown even though they weren't the specific target of a DDoS attack.

Hivelocity, a data center services and cloud hosting provider, serves a wide range of customers from more than 130 countries around the world. The company’s network, which features 8 transit providers and 300+ private peers, has been designed to provide high levels of availability, reliability, and performance for every customer regardless of their geographic location. However, with DDoS attacks on the rise and being a global concern, Hivelocity needed to deploy a solution that would ensure that its customers stay online. The demographic of their customer base varies widely, hosting web applications, online games, audio and video streams as well as credit card processing services and health service companies who require a HIPAA compliant data center. These customers count on Hivelocity to provide them with a highly reliable network that keeps their businesses online at all times.

The Journal Register Company, a large newspaper publisher in the United States, experienced a network attack during its transformation from a print-only newspaper publisher to a digital-first news organization. Malware breached existing defenses at one of the company’s regional news-gathering locations and began degrading network performance. Midway through the audit, the Journal Register’s Michigan location experienced a DDoS [Distributed Denial of Service] attack, significantly impacting the content delivery. The company needed to stop the malicious attack quickly and adopt the appropriate technology to protect them going forward.

GamersFirst, a rapidly growing online video gaming company, was facing serious issues with Distributed Denial of Service (DDoS) attacks. These attacks were severely impacting the gaming experience, even preventing online play, which was costing the business tens of thousands of dollars. The attacks were slowing down games and in some cases, bringing them to a halt. This resulted in lost business and the risk of losing customers to other online video gaming sites. The sources of the attacks were typically angry and vindictive former players who had been banned from GamersFirst.com for cheating. These attackers mobilized large armies or “botnets” of hijacked computers to attack the online gaming service. At one point, the service was attacked daily over a four-month period, and an attack even succeeded in bringing down GamersFirst’s data center.

Moneycorp, a rapidly growing foreign exchange company in the UK, was facing the threat of Distributed Denial of Service (DDoS) attacks. These attacks could potentially paralyze their website, leading to lost revenue, customers, and damage to their reputation. The company had been targeted by such attacks, which could disrupt their service or even act as a smokescreen for a more damaging data theft attempt. The challenge was to find a solution that could protect their website and customer transactions from these attacks 24x7. The solution needed to be quick to respond and capable of keeping their business up and running even under attack.

Cesar Millan’s website, www.cesarsway.com, is a cornerstone of his business, engaging a vast community of dog lovers and generating about $100,000 in sales monthly. However, the site began experiencing issues with its Apache server crashing, initially believed to be due to a spike in legitimate traffic. The hosting service assured them that MySQL was performing at normal levels, and it was the Apache server, the one that hosted the website, which was crashing. After some discussion with a colleague at Acquia, a company that specializes in Drupal, the CMS that runs the Cesar’s Way website, they concluded that they were under a distributed denial of service (DDoS) attack, which was finally confirmed by the hosting provider.

On June 11, 2012, Virgin Gaming's servers were targeted by a sophisticated distributed denial of service (DDoS) attack. This attack was unlike any they had seen before as it was aimed directly at TCP port 80 and involved over a million unique IP addresses. The attack was so large that it overwhelmed Virgin Gaming's ISP's network, knocking virgingaming.com offline almost immediately. Seven hours into the attack, the traffic reached a volume of 3 Gbps on the ISP's network, and the ISP took the drastic and costly measure of completely blocking the HTTP and HTTPS ports (ports 80 and 443), shutting out end users completely.

Andy's Auto Sport, a leading provider of car body kits, operates entirely online, serving over 5,000 customers monthly from more than 20 countries. Their website is crucial to their success, with over a million unique visitors every month. However, in 2011, their website went down due to a DDoS attack. The servers were overwhelmed with requests, effectively shutting down the operation. The IT team spent about a day and a half trying to resolve the problem on their own before they looked for help. This was the second time they had been attacked, and they knew they couldn't afford to wait out the attackers.

Human Kinetics (HK), a publisher of kinesiology-related materials, was facing significant challenges with its third-party network solution. The system had become unstable, inflexible, and difficult to support, leading to significant downtime. The solution was also impairing performance, which led to customer complaints and lost revenue. HK's previous solution could not track users' IP addresses, which was crucial for applying the correct currency to a user's order. This led to a flood of customer complaints as orders couldn't be processed without the correct currency information. The updates from the third-party vendor caused high latency and system instability, leading to frequent crashes and up to four hours of downtime per week.

Pitney Bowes, a global technology company, launched a complete e-commerce solution in 2016 that streamlined everything from international payments to sales promotions. The Pitney Bowes Commerce Cloud offers a suite of global e-commerce capabilities delivered to customers and partners via mobile and the web. However, to further scale and secure customer access to Commerce Cloud, Pitney Bowes needed to find a solution. They conducted an extended search, evaluating over 15 identity service providers for a strong set of APIs to provide partners with secure access to services, flexible and scalable sign-on and provisioning options for desktop and mobile users, compatibility with modern protocols such as SAML and OAuth, and high availability and reliability.

Mobile service providers face an enormous challenge from the exponential growth in the data, video, and voice over IP (VoIP) traffic being consumed by users with smartphones, tablets, netbooks, and laptops. As data rates increase with each successive generation of IP-based services —from 2G and 3G, and ultimately to 4G— this challenge will only worsen. Fierce competition limits how much service providers can charge for these services, and maintaining satisfactory performance levels for the growing number of users and applications threatens to force some major and costly upgrades throughout service providers’ infrastructures. Furthermore, service providers want to offer a wide variety of plans to subscribers that range from basic to unlimited access, potentially with tiered performance levels. Subscriber plans that charge based on actual usage require detailed accounting, and unlimited plans often lead to excessive utilization that can degrade overall performance and limit the scalability of the existing network infrastructure.

IlliniCloud, a non-profit cooperative that hosts applications for school administration, facilities management, student performance tracking, multimedia, and library management for K–12 school districts throughout Illinois, was facing a challenge. The organization needed to optimize the delivery of these services through its private cloud and help member districts manage annual data growth of up to 300 percent. The districts were struggling with providing their own IT services, with budgets varying widely from district to district, leading to inefficiencies and duplicate efforts. Managing data was one of the biggest challenges districts faced; many were hardpressed to provide adequate storage capacity, and they needed better tools for managing, disseminating, and archiving data. Nearly 95 percent of school districts lacked disaster recovery (DR) plans, so applications and data were potentially at risk.

A.T. Kearney, a global management consulting firm, heavily relies on unified communication services such as email, instant messaging, VoIP, and others. With a significant portion of its workforce operating remotely, the company needed to ensure the security and availability of these tools from any location and on any device. The firm's existing load balancing solution was not flexible enough to support an active/active data center model, limiting them to an active/passive one. This meant they couldn't load balance traffic between their two data centers, resulting in the secondary data center being primarily a disaster recovery site that sat dormant most of the time. This was seen as a waste of costly, high-end resources. Additionally, downtime was an issue as the secondary data center had to be down to migrate and bring up applications there. To serve its growing number of users worldwide, the company was considering serving applications from regional or branch locations, which would have required building additional data centers or deploying application servers in each branch office.

The University of Groningen was facing issues with its IT infrastructure, which was causing downtime for users and inefficient utilization of server capacity. The workload on the university’s servers had grown dramatically as the number of people accessing the IT infrastructure increased. In addition to staff members and students, the university had opened up the network for alumni to access and use certain academic facilities. The variety of devices connecting to the infrastructure had also increased as mobile devices and laptops became more prevalent. These factors combined to further add to the server load.

VimpelCom, one of the world’s leading integrated telecommunication operators, was facing an escalating number of network attacks. As one of the largest Internet service providers and business entities in Russia, the company was witnessing a surge in DDoS attacks. Legacy defense systems were not only failing to prevent these attacks, but often became the target themselves. The company needed a solution that could provide full automatic protection against these attacks in seconds.