An integrated, real-time view across all tiers and proactive early warning of potential problems
Detailed information on the activities of affiliate networks and partner transactions
An ability to quickly spot and counteract network security threats
From its headquarters in the UK, Sportingbet runs a dedicated IT department that manages operations spanning 50 different website brands processing millions of transactions worldwide each week. For an operation generating billions of pounds a year in revenues, the reliability of its IT systems plus the security of transactions is critical and Sportingbet runs extensive systems and processes to ensure it meets internal requirements and external regulatory compliance from agencies including the UK Gambling Commission.
Within its infrastructure, Sportingbet has a highly diverse environment including Unix, Linux, Windows and network elements from multiple vendors including Cisco and Juniper. Adding to the complexity, the company has an ethos to avoid reliance on a single vendor and mixes both off the shelf applications with software developed in house.
They also have to grapple with significant security concerns. According to Lee Riches, operational analyst for Sportingbet, "As a leading sports betting brand we are obviously a target and we run a dedicated team, all in house, to respond to any threats."
With huge volumes of transactions running across its complex and dynamic infrastructure, Sportingbet needed a solution to help it gain more insight into operational activities, deliver persistent security visibility into potential threats, and provide visibility into the quality of service delivered from each of its websites – all without adding additional complexity or latency.
ExtraHop has delivered a significant return on investment for us almost from day one.
Operational Analyst, Sportingbet
Prior to ExtraHop, Sportingbet had used a collection of logging and monitoring tools to deliver IT and security visibility. However, the sheer volume of traffic and growing number of systems meant this method required a lot of manual correlation to uncover issues and troubleshoot incidents – a process which was proving both cumbersome and unable to resolve the most complex issues.
ExtraHop technology overcomes these issues through the analysis of wire data and performs full-stream reassembly and full-content analysis of this data running across the network to extract IT and business insights. ExtraHop examines wire data passively using a copy of network traffic mirrored off a physical or virtual switch.
In order to gain real-time visibility across tiers, better understand their infrastructure, and ensure security and end-user performance, Sportingbet deployed an ExtraHop EH8100 appliance with 20 Gbps throughput able to analyse 825,000 transactions per second.
"With ExtraHop we don't need to place any additional monitoring applications on any of our servers, which is a major consideration. It also enables us to diagnose the root cause of application issues by dissembling the complex relationship and data flows between different parts of an overall process and giving us the granular visibility we need to understand those relationships and flows," says Riches. ExtraHop has also proved its value in a security context. In common with much of the online sports betting community, Sportingbet needs to be vigilant to prevent network security threats and other activities that can impact its business. Common threats such as brute force attempts to break into accounts as well as "scrapers" that attempt to gather data from multiple websites can be detected and subverted with real-time insight ExtraHop provides across the network.