We use all aspects of it. We are using it for WAF and DDoS protection.
We use all aspects of it. We are using it for WAF and DDoS protection.
The response time to web-based attacks on things like credential stuffing is usually two minutes or less. So the response time is very good. For DDoS, they are able to scale and absorb fairly quickly. Usually, within three to five minutes, they have absorbed it and deflected it fully. I have tested this with unannounced tests.
The solution's presentation of all the traffic, not just the blocked requests, gives us a little deeper understanding of what the clients look like. It gives us fairly good fingerprinting on systems, what browsers they are using and the load geography. We have a pretty good indication of where everybody is coming from.
When we are troubleshooting an issue, sometimes they will have insight from the error messages that they receive from our infrastructure, in particular for the casino product. That message might say, "Hey, we are seeing that your systems are not handling the load. You may need to do this, this, or this." We have used them quite a bit to help troubleshoot the product.
I do not know how much, but it has definitely saved us on some infrastructure costs because, obviously, in any cloud environment you get charged for egress. Since they block out the malicious actors and unauthorized locations, that helps save us money. We do not have extended costs coming out of China, Russia, and other places.
Definitely the DDoS solution is always good to have. We have actually had a few tests done against them, unannounced, to simulate a DDoS, and they reacted very quickly. In our business, it costs us $52,000 a minute if we are down. So it is very important that we are up.
We also use their WAF extensively, with their automated blocking mechanisms and some of the heuristics that they have internally. They are the ones who monitor the vast majority of it. We use them as an MSSP so they are the first line of defense.
The real-time monitoring and reporting are very good. There are information updates in their portal every two minutes. They also have the ability to spill it into Sumo Logic, for example. It's very easy to use.
We have the VPC feature inserted in front of our casino product and they are deployed in a hybrid fashion. They are deployed to protect our casino product in AWS and in Google. And then the actual infrastructure is sitting in the data center.
We use the geo-blocking feature to block out areas that we're not authorized to have people betting from, or other geographies that are hostile like China, Russia, etc.
We have multiple products behind different instances of Reblaze. We have one instance for staging and then we have a production instance for multiple products. One of the things that we have requested is a unified view panel, so that we can see each of the instances in a unified view. That way, we won't have to go bouncing from instance to instance.
We've been using Reblaze for about two-and-a-half years. We are using public cloud right now. We are working with them on a possible hybrid cloud solution. We're in discussion on that right now.
It is very stable. We have not noticed any bugs or issues with it.
We have never run into a scalability issue at all with them. We are in the horse racing business, so we have five really busy times of the year which you can think of as similar to Black Friday levels of traffic. They have supported us through record growth.
We do have plans for increasing usage. We are rolling out a new application stack, and we are going to insert Reblaze in front of that. We have it in front of five of our six existing platforms.
Technical support is very good. They are always there when we need them. They are more of a partner. We have the telephone number of the CTO, the CEO, the COO, if needed, to escalate. But generally we just log a case or call their support line and they're on with us within a few minutes. They are very responsive. They are a valued partner and we're glad to be working with them.
We did have a previous solution. We were in a physical data center, so we had an appliance deployed which came from our vendor. It was part of UltraDNS. I don't remember the name, but the appliance could handle about 2 GBs of traffic and if it got beyond that, where it couldn't handle it, then it would have to throw up the GRE tunnels, which were always problematic. That usually resulted in an interruption of between five and 15 minutes and, for every minute we're down, it costs us about $52,000.
We are trying to get away from the older methods where you would put a sensor network in front of your application and then, if you are getting DDoS'ed, you have to create GRE tunnels and a number of things. We wanted to try to find a different way to do it.
Reblaze was recommended to us by Google.
The initial setup was fairly straightforward. Instead of advertising our DNS names, we advertise Reblaze's with our DNS provider, so it all goes directly to Reblaze. We have had to do a little bit of troubleshooting here and there for SEO and a few other things, but that was fairly minor — things like tweaking headers slightly with some code.
It took us two to three months to get it running. It usually does take a little bit to get used to how the product reacts and works.
We did the implementation ourselves, with Reblaze.
We have definitely seen a return on investment with the cost savings compared to the other solutions we looked at. It was pretty much a no-brainer.
You get very good coverage and capability for what it costs. Most other companies have legacy models where, for every different feature, they require more licensing.
I believe that for the six instances we have right now, it's costing us $16,000 per month.
There are no additional costs. That is the beauty with them. You negotiate the cost and that's it. We are using their MSSP solution, so they have their own SOC. They monitor for us and then, if needed, they will escalate to us, but they generally handle it. It's one price for the whole thing.
And there is also predictable pricing. Right now we are set up for seven domains within each of the instances. If we want to add another domain it would be $500 more. There are no extra costs for something like DDoS, for example.
We tested them against competitors such as Imperva, which is also a cloud solution, Cloudflare, and F5, but Reblaze had the best features and the best price as well.
Imperva, for the amount of protection we are getting out of Reblaze, would have been an additional $500,000 or more. Imperva had the capability but they license use for every piece of the product. If you want WAF, it costs you this much. If you want DDoS protection from 500 MB to a gigabyte, it is this much. There is a continuous amount of money required.
Cloudflare is basically a repackaged, open-source WAF solution. It is a repackaged version of a product whose name I do not remember off the top of my head. The reporting was very bad, and it actually failed our testing twice. We did initial testing across each of the products I mentioned above. Cloudflare tests literally failed. We then let them know and we retested them two weeks later and they still failed.
Because we are in the gambling business, one of the problems with F5 is that the state they are based in does not allow them to support a gambling company.
Reblaze was the best one for us. It doesn't have all the complexities of having an appliance in our environment and then seeing the DDoS traffic and having to spin up GRE tunnels and redirect our traffic.
The biggest thing we've learned from using this solution is that "it doesn't always have to be hard."
Know what your site's profile is and listen to Reblaze. They will put you into a learning mode to identify what they are seeing and what your normal traffic looks like and what traffic is suspicious. Work with them. As long as you work well with Reblaze, you will get a good solution out of it.
Reblaze has just made things simpler for us. We have them in fairly complex setups with the hybrid solution, which is in Google and AWS. They deployed it, they maintain it. All we do is make sure that it is operating as expected. We scan it weekly, just to be sure, but they are a trusted resource.
We've got system engineers, security engineers, and some network engineers all using this system and all of the different instances. We also have a third-party on the casino product, which is helping us to support that instance.
We will have to do some maintenance about once every three to six months, in general, for major upgrades. That would usually involve a system engineer and a security engineer. Beyond that, the rules and the other methods that they are using for DDoS protection are fairly automated. We may tweak the rules here and there if we see a specific issue that we are sensing, but it is fairly low maintenance.
Your data and web assets need constant protection from Internet threats. Schedule a Demo with Reblaze to see how this cloud-based platform can provide the security that you need.