High availability of private network
Dedicated security team
Detailed analytics and reporting
Downtime caused by DDoS activity
Limited in-house cloud security expertise
Inadequate visibility into attacks
Financial swap execution facility TeraExchange needed to defend its private network from DDoS attacks that could threaten its reputation and its business. Using the F5 Silverline DDoS Protection solution, TeraExchange ensured high service availability for its customers and partners.
TeraExchange is a federally regulated and licensed swap execution facility offering non-deliverable forwards, interest-rate swaps, credit-default swaps, and equity derivatives. The New Jersey–based company created the first derivative for bitcoins as well as the first—and still only—regulated Bitcoin index.
“Currently, we gather pricing from a dozen different Bitcoin exchanges,” says TeraExchange CTO Paul Jenkins, “and we have a proprietary algorithm that calculates an index price for bitcoin.” TeraExchange’s clients and partners connect via VPN to the company’s internal network to gain access to its front-end application or send data from their own applications. When the company started experiencing DDoS activity, Jenkins knew he had to fix the problem—and do it quickly—to avoid loss of business and a damaged reputation.
“We did all the usual work of tightening up our firewall and making sure that we didn’t have any holes,” says Jenkins, but the activity continued. The problem was that the TeraExchange network could only handle a certain amount of traffic. “Because of the way the attacks clogged our pipes,” says Jenkins, “we could lose visibility as soon as the attack started, so it would be difficult to determine exactly what was happening.”
The company worked with its ISP to filter the bad traffic, but Jenkins knew that wasn’t a sustainable solution. TeraExchange needed to find a partner to protect its private network from DDoS attacks—and allow the company to provide its services with the high availability required by its clients.
It was like the bad guys knew that they weren’t getting through anymore, and they went to bother someone else.
TeraExchange worked with a network engineering partner that recommended they take a look at Silverline DDoS Protection—a cloud-scrubbing service delivered via the F5 Silverline cloud-based platform. Jenkins was impressed by the ability of the service to detect, identify, and mitigate threats in real time, and then deliver the legitimate traffic back to TeraExchange.
“We did consider a few other companies that provided the service,” says Jenkins, “but the others I spoke to put limits on the amount of bad data that they would clean before you had to pay for additional service.” This was a problem for a small company like TeraExchange with a limited technology budget.
Jenkins liked the fact that Silverline DDoS Protection was different. “By giving us unlimited scrubbing and only charging for the clean data coming through,” says Jenkins, “F5 made it so much easier for me to be comfortable getting into a contract.”
TeraExchange opted for the Always On subscription model, because even the shortest attack could disrupt their clients and not provide enough time to switch the traffic over to the Silverline service. “We had to keep our index running smoothly and without interruption,” says Jenkins, “because the accuracy and reliability of our data is everything to our clients.”
After a quick deployment, the Silverline DDoS Protection service was up and running. “We had a few days of activity that F5 mitigated really well. They never disrupted our good traffic at all,” says Jenkins. “And then the attacks simply stopped. It was like the bad guys knew they weren’t getting through and they went to bother someone else.”
The Security Operations Center team has been excellent… this relationship has been a big success.
By deploying Silverline DDoS Protection to defend against the attacks to its private network, TeraExchange ensured the availability of its services and bolstered its reputation, while enjoying improved visibility and technical support from the security experts at the F5 Security Operations Center (SOC).
After initial activity following the deployment of Silverline DDoS Protection, TeraExchange has not experienced any other attempted attacks. Ensuring the reliability and availability of the services that TeraExchange provides is crucial for the company and their partners. “Some of our clients are other exchanges with their own customers,” says Jenkins, “and they won’t trade on an exchange they don’t feel comfortable with, so this was a vital issue for our business.”
With the Always On Silverline DDoS Protection service, Jenkins is confident that TeraExchange will be able to continue to provide the services his clients and partners require. “It’s like a having a big dog in the yard,” says Jenkins. “Nobody tries to come in through the gate anymore because they’re afraid of the dog. It’s good to have that dog out there.”
Jenkins knew that he needed to look outside the company for help in deploying and managing TeraExchange’s DDoS protection. The expert SOC team fit the bill perfectly. “The SOC has been excellent,” says Jenkins. “Whenever I call, there’s somebody there to answer the phone and they walk me through the issue and keep the ticket open until I’m satisfied. This relationship has been a big success.”
During the first week, Jenkins was on the phone with the SOC team daily. Since the activity has been mitigated, he hasn’t needed to draw on their technical expertise as often. Still, he believes that having 24x7 access to a specialized security team has been crucial in the success of TeraExchange’s DDoS protection solution. “I just love having someone I can pick up the phone and talk to if we’re having problems,” he says.
One of the biggest benefits of Silverline DDoS Protection has been the F5 Customer Portal, which provides a simple interface where Jenkins can manage services and get detailed reporting about an attack in real time, including the type and size of the activity, IP origin, vectors, and all the actions taken by the SOC during the mitigation process. “Before F5, I had limited visibility into the attacks,” says Jenkins. “Now, I log in to the customer portal every day, just to make sure all systems are operating as expected by TeraExchange and our clients.”