Case Studies Archive Search Case Studies

MageMojo Boosts Security and Ensures Availability Using F5 Solution

Magento e-commerce hosting provider MageMojo needed to improve security after a series of distributed denial-of-service (DDoS) attacks that took its site offline on Cyber Monday. Consolidating its DDoS mitigation and firewall needs in a high-performance F5 solution, MageMojo strengthened both its security posture and its business.

Business Challenges

 

MageMojo didn’t realize it had a security problem until the worst possible time: Cyber Monday. The company hosts approximately 2,500 e-commerce sites running on the open-source Magento platform, and on one of the busiest shopping days of the year, a series of distributed denial-of-service (DDoS) attacks took out its network—and its customers’ sites—for several hours.

“Our customers lost business,” says MageMojo co-founder Eric Hileman, “and we lost business.” Even worse, MageMojo’s previously stellar reputation had been tarnished. Hileman knew they had to find a solution that would allow the company to mitigate any future attacks and regain the trust of their customers.

MageMojo maintains its own network to ensure fast page load times and boost its customers’ SEO rankings. Keeping its network in-house also allows the company to monitor and enhance site performance for its customers. However, MageMojo’s network had been challenged by the company’s rapid growth, as well as a sharp rise in DDoS attacks on online stores. “Our traffic has increased over 1,000 percent each year,” says Hileman, “and attacks are going up 20 percent each year.” And in a network built for high performance and low latency, security had taken a back seat.

MageMojo needed to implement a security solution that could mitigate malicious attacks and keep its customers’ stores available. However, the company also had to maintain low latency and high performance—all behind a network firewall as mandated by Payment Card Industry Data Security Standards (PCI DSS).

“What we needed,” says Hileman, “was a true data center firewall that scaled easily, was highly available, offered layer 7 inspection and manipulation, and was ICSA Labs certified.” So MageMojo set up a dedicated team and began to search for the solution to the company’s security problem—a solution that could make or break its business.

In terms of DDoS mitigation, F5 blows the competition away. Eric Hileman, Co-Founder, MageMojo Magento Hosting

Solution

 

“We invested a lot of time in evaluating all our options and discussing solutions with many vendors,” says Hileman. “We were looking for something that could protect our infrastructure, not just from the attacks we were seeing today, but from the attacks that we were going to see in the future.”

To reduce the possibility of further crippling DDoS attacks and network downtime, the MageMojo team looked at several solutions, but none of them offered the complete package of DDoS mitigation, application-layer security, and scalability the company required.

The breakthrough came while on a call with a sales rep from a major retailer who suggested that MageMojo talk with F5. “To us, F5 was just a load balancer and nothing more,” says Hileman, “but I’m sure glad we set up that call.”

After several calls with F5 engineers, MageMojo opted to implement the proposed solution, which is built upon the extremely high-performance VIPRION chassis and modular blade system to fulfill the company’s needs for seamless scalability.

BIG-IP Advanced Firewall Manager (AFM) provides MageMojo with the required ICSA Labs–certified firewall, while BIG-IP Application Security Manager (ASM) delivers visibility into and control over layer 7 application-based attacks. BIG-IP Local Traffic Manager (LTM) handles load balancing and ensures low latency and high availability regardless of network conditions.

“We feel good about Cyber Monday now,” says Hileman. “We sleep better at night knowing that we’ve really thoroughly looked at all the solutions for protection that are on the market today. And we know that with F5, we have the best solution—not just for now, but for the future.”

Thanks to F5, our business is not only stronger from a security perspective, but stronger financially as well. Eric Hileman, Co-Founder, MageMojo Magento Hosting

Benefits

 

MageMojo deployed an F5 solution portfolio that empowered the web hosting company to protect its network against DDoS attacks, improve layer 7 security and flexibility, enable rapid and easy infrastructure scaling, comply with PCI DSS regulations—and reduce costs.

DDoS mitigation ensures high availability

Built on a full-proxy architecture, BIG-IP Advanced Firewall Manager fulfills MageMojo’s needs for an ICSA Labs–certified firewall, while taking advantage of the high performance of the VIPRION system. And unlike traditional firewalls, BIG-IP AFM terminates and inspects all incoming connections, which means that it can mitigate many DDoS attacks before they even reach the company’s servers.

“In terms of DDoS mitigation,” Hileman says, “F5 blows the competition away. Their performance is higher, their numbers are higher, and they have a lot of advanced capabilities that allow you to mitigate many of the attacks we see today. That’s something that other vendors simply can’t offer.”

Protects critical applications

“When we first started,” Hileman says, “most of the attacks were just about flooding network connections, but they’ve evolved into more application-level types of attacks.” MageMojo deployed BIG-IP Application Security Manager to protect against those layer 7 attacks with its agile, certified web application firewall and comprehensive, policy-based web application security.

BIG-IP AFM also dynamically boosts performance and helps MageMojo keep latency low with application optimization and acceleration technologies such as compression and SSL offload. Equally important for the company is the flexibility of the F5 iRules scripting language, which allows MageMojo to manipulate layer 7 traffic and detect “the latest vulnerabilities,” says Hileman. “Which means that we can patch our infrastructure and protect ourselves almost immediately.”

Reduces expenses through consolidation

With the F5 solution, MageMojo has all the equipment it needs to mitigate DDoS attacks, strengthen application-layer security, ensure high availability, comply with PCI DSS regulations, and scale seamlessly—in one central device. And with only one vendor to contact for support, the company saves a lot of time.

The VIPRION system also allows the company to support large amounts of traffic, which enables it to buy bandwidth directly from the carriers in bulk—a significant cost savings. And even though the company doesn’t use all that bandwidth on a daily basis, it gives the IT team peace of mind to know they will be ready for their customers when they do large promotions or have extra bursts of traffic. “In the end,” Hileman says, “we saved over 70 percent consolidating with F5 instead of buying all the individual components or going with a third-party mitigation service.”

Ensures availability with seamless scalability

MageMojo remains focused on ensuring the availability of its customers’ sites. The VIPRION system allowed MageMojo to start small with a single blade and then scale quickly and seamlessly by inserting more blades into the chassis. And its performance impresses Hileman. “Even the base performance of a single blade is equal to the new connections per second of the largest firewalls at Cisco and Juniper,” he says.

With the combination of security, availability, performance, and scalability, the F5 technology gives MageMojo confidence that the solution is right for today—and tomorrow. “We’re growing rapidly,” says Hileman, “and F5 is right with us to scale their solutions and help us meet our needs. Thanks to F5, our business is not only stronger from a security perspective, but stronger financially as well.”