Correlation between changes made with improvements/degradations in application performance
Ability to spot suspicious behaviour then record the entire event to provide evidence for inspection
Scalability to quickly feed data into complex event processing platforms to manage risk and fraudulent activity
bet365 is one of the world's leading online gambling groups with over ten million customers in 200 different countries. The Group employs over 2,000 people and is one the world's largest online gambling companies with its reported figures to March 2012 showing amounts wagered on sports at £12.2 billion, revenues of £646 million and an operating profit of £116.5 million. bet365 has more than 11 million customers worldwide, and at peak times its systems can have up to 2 million concurrent users, generating hundreds of thousands of transactions per second.
Behind the scenes, the firm has multiple sites running highly critical IT infrastructure using both "off the shelf" and highly bespoke custom applications processing billions of digital transactions each year.
Alongside developers and operations teams working 24/7 to ensure its mission critical apps are delivered as expected to its users, a parallel security team continually examines its systems to prevent and detect any "irregular" activities. The company has a well-trained and capable IT department that uses an array of management tools and has tended to be an early adopter in terms of IT innovation to help gain a competitive edge and to maintain a positive customer experience.
We work in a very competitive marketplace, and minimizing service disruption is essential for maintaining customer retention. The ExtraHop solution provides the visibility we need to prevent issues before our performance is affected.
Neil Selby Head of Networks and Security, bet365
In 2012, the firm approached ExtraHop with a requirement to gain more visibility over its IT operations and to solve a few "niggling" challenges that it had never been able to fully resolve. One key stipulation was that the company wanted to avoid technology that put any additional clients, probes or performance burden on its carefully tuned servers. Its multiple requirements broadly spanned performance optimisation, development analyses and pervasive monitoring of the infrastructure that could provide early anomaly and security event detection in real time, as well as help guide the IT team on what exactly constituted anomalous behaviour in their evolving environment.
Unlike other monitoring tools that either rely on historical logs or agents to collect performance statistics, ExtraHop's Wire Data Analytics platform monitors all L2-L7 communications, including the full bi-directional payload. This network and application traffic, called "wire data" is the most complete source of information about the performance, availability, and security of an IT environment, whether it's on-premises, in the cloud, virtualized, or hybrid. The Wire Data Analytics platform goes beyond passive monitoring, delivering real-time reassembly of all packets into per-client transactions, flows, and sessions across a range of protocols including HTTP/S, MQ, SOAP, SQL, CIFS, LDAP and others commonly used by client server and web applications, all at up to 20Gbps. By mining and analysing wire data, ExtraHop's platform provides IT teams and the businesses that rely on them with actionable insights into the performance, availability, and security of the IT environment.