As a classic catalog retailer, Schneider Versand is Europe’s largest specialist for promotional gifts and commercial products. The company launched its online business in 1996, relaunched it in 2000 and now offers a full range of over 5,000 products, including technical products, products for the garden and leisure, interior decoration, fashion accessories and much more. With over 1 million additional visitors per year, the online business is showing double-digit growth. In 2009, Schneider’s Internet presence underwent a makeover featuring a new look and feel, allowing visitors an even more convenient product selection and order process.
The success of an online store depends on the best possible web experience. As part of that, it’s essential to employ a comprehensive end-to-end security strategy that enables the site to adapt and react to ever-more frequent and sophisticated attacks. To ward off such attacks Schneider had implemented an open source web server module, which could detect abnormal events and block IP addresses. But the company lacked a wide-ranging defense strategy.
In December 2011 Schneider experienced a Distributed Denial-of-Service (DDoS) attack, with much of the attack traffic coming from Japan, Korea and the former Soviet republic (Ukraine etc.). Thousands of HTTP queries, which at peak reached 500,000 requests per minute, aimed at the website generated a massive traffic jam in front of the firewall. The firewall could no longer distinguish the attack traffic from legitimate customer requests. Counter tactics such as a rewrite rule in Apache (reject requests and sit out) or the diversion of all Internet traffic to the Amazon cloud only enabled short-term availability of the shop. The attack lasted for a week and forced Schneider to go offline for three days, compelling the company to look for a strategic cloud security solution.
Schneider needed to meet three key requirements to support its objectives:
To ward off a massive storm of requests triggered by DDoS attack traffic, it was obvious to Schneider that it had to rely on a distributed infrastructure. After considering different solutions, Schneider quickly opted for Akamai and the Kona Site Defender solution. The decisive factor thereby was the comprehensive content delivery network (CDN) server platform offered by Akamai. The Akamai Intelligent Platform™, consisting of more than 100,000 distributed servers, provides an enterprise architecture that can ward off online DDoS attacks already at the point of entry. In other words, it provides the necessary bandwidth and capacity to absorb requests and filter out malicious web traffic before it hits the corporate data center.
Kona Site Defender identifies and stops DDoS attacks as well as application- level attacks and enables comprehensive security without compromising site performance and availability. Moreover, Akamai’s cloud-based security approach enables effective protection against cyber attacks, without making any investment in hardware and software necessary.
After a test run of only three months, Schneider fully implemented Kona Site Defender in October 2012. With the help of Akamai Professional Services identifying Schneider’s pressing needs when it came to web performance, the company was able to implement a service model that perfectly fits its requirements.
“For us Akamai is the best choice to build a flexible defense strategy,” explains Henning Dürkop, IT Coordinator, e-Commerce at Schneider Versand. “The Akamai team has extensive know- how to defend against DDoS attacks, so we know we have best support.”
The cost-benefit of leveraging Akamai’s cloud security services can be calculated quite simply by offsetting the revenue loss of a DDoS attack – which can be estimated at 100,000 euro per day offline – against the monthly service fees.
“Kona Site Defender protects us from massive economic losses as a result of an online attack and works like a liability insurance policy,” says Dürkop. “The Akamai solution protects against possible financial damage by identifying and filtering the attack traffic at an early stage. In addition, by having a license model in place, the potentially high costs incurred at peak times in a large-scale DDoS attack are capped from the start.”
Schneider has realized that online video is becoming increasingly important for retail. So the company is considering leveraging streaming video services from Akamai starting in 2013. In addition, it’s also looking at implementing Akamai’s web acceleration services in the long term to support potential expansion in Asia and the United States.
“Security is key for an online business and no concessions are acceptable. Akamai provides us with effective protection against DDoS attacks. Remember: It’s never too early to secure your online business – a DDoS attack during the Christmas season can always happen again,” concludes Dürkop.
For over 10 years, Schneider Versand GmbH is considered the No. 1 in Europe for promotional products and awards, having over 40 years of experience to base its market leader- ship on. The focus is on the sale of advertising materials and commercial. For 25 years now customers can select promotional products tailored to their requirements from the Schneider catalogues. Per year four main catalogs are issued each containing around 2,800 products, as well as various intermediate seasonal catalogs, so that customers can find the full range of advertising articles. For further information: www.schneider.de