Subito Mitigates DDoS Attacks and Achieves 100% Uptime with Akamai
Thanks to Akamai's Kona solution, our security experts can focus on designing new services and functionalities rather than defending against attacks to keep infrastructure up and running.Marco Cupidi, Chief Technology Officer, Subito
Launched in Italy in 2007, Subito is the country's leading website for buying and selling. Today, it ranks among Italy's ten most visited online brands. Subito is the leading online classified ad site with 8 million unique monthly users and more than 2 billion page visits month . With 37 categories — from cars to furniture, jobs to property — Subito provides a simple, quick, and safe place to buy and sell online. Sellers range from novices to online retail professionals, each using the site to reach a varied and geographically diverse target market within Italy.
Subito owes its success to a broad, high-quality offering (content is checked for enhanced security) and above all, an intuitive and effective platform, optimized for the best possible user experience. For the platform's users, whether occasional visitors or regular buyers and sellers, a fast and reliable site is essential to business.
With such a large user base connecting at peak traffic times, quickly providing content optimized for display on all devices is of utmost importance.
In addition to ensuring a high-performance website, Subito requires service availability during cyber attacks. As one of Italy's most visited websites, Subito has continuously been a target of distributed denial of services (DDoS) attacks and application-level attacks.
"For popular websites, being targeted by cyber attacks is a fact of life. Our platform has been the victim of dozens of attacks, most of them volumetric ones, with the largest exceeding 15 Gbps," explains Marco Cupidi, Chief Technology Officer for Subito. Before switching to Akamai, Subito was using a solution that could no longer handle continued threats nor ensure users optimum service. Moreover, the mitigation process caused loading delays, denying some users acess to the platform. As a result, it was necessary for Subito to find a new solution. A remedy that could provide constant protection from external intrusions, while simultaneously ensuring service continuity, even when the site was under attack.
Subito needed to meet four key requirements to support its business objectives:
- Ensure uninterrupted website availability. The organization needed to maintain a reliable and secure online presence, even under a cyber attack.
- Protection from multiple online security threats. Subito needed a solution to protect them from network and application level DDoS attacks, as well as web application attacks.
- Facilitate and improve management of security solutions. The company needed a security solution to dramatically reduce time and effort for attack mitigation.
- Release new application functionality. Subito needed to employ useful techniques for releasing applications and updates without interrupting service for its users.
Ensuring Service Even During Cyber Attacks
To protect itself from multiple online threats, Subito explored different options on the market. The company opted for Akamai’s Kona Site Defender, which includes protection from DDoS attacks at the network and application level. Additionally, this solution offers protection against the most sophisticated web application attacks, including SQL injection, Local File Inclusion, PHP Injection, and Cross Site Scripting, among others. Kona Site Defender combines mitigation of DDoS attacks with an extremely scalable and precise Web Application Firewall (WAF), all without compromising the web experience of its users. "Thanks to Akamai security solutions, we don't have to worry about cyber attacks anymore. The solutions are so effective that that we are free to go about our jobs without even thinking about these attacks," Cupidi explains. Each week, the Akamai Intelligent PlatformTM has detected and mitigated more than 5 million suspicious requests directed at www.subito.it, thereby reducing the risk of service interruptions, possible cyber attacks, and data theft.
At the same time, Subito also adopted Akamai's Fast DNS solution, which is built for performance, enabling availability and resilience despite DDoS attacks. The solution offloads DNS resolution from the company’s infrastructure to the Akamai platform, providing a fast and reliable DNS experience, even during major DDoS attacks. With the Akamai solution in place, today Subito records an availability at "five nines": "Because Akamai’s services are architected for DDoS resilience, our security experts can focus on designing new services and functionalities, rather than defending against attacks to keep infrastructure up and running," Cupidi says.
One Trusted Partner, Many Benefits
Akamai has become a trusted key advisor for Subito over the course of their long-standing collaboration. Until 2010, Subito used a proprietary network to deliver its content. While this solution was initially sound and effective, the growth in site traffic rendered it inadequate. Subito required a more advanced solution in terms of efficiency and time to market, one that could also face new challenges posed by constantly-connected users, providing highly available, secure, and scalable experiences. In 2011, the company adopted Akamai's Web Performance solutions, which have improved platform performance and user engagement. In addition to improved performance, Subito.it has enjoyed an offload rate of 90% for site requests, directly handled by Akamai without the need for additional infrastructure.
Releasing New Features without Interrupting the Service
The Akamai platform provides Subito the opportunity to employ useful techniques, such as blue-green deployment and canary release. With Akamai’s support, Subito can release applications and updates, minimizing service downtime. The organization can also route some real traffic from the blue stack to the green stack, using the monitoring system to track stability.
Overall, partnership with Akamai has enabled Subito to satisfy user needs for a fluid and high-quality web experience. "Akamai helps us offer a faster service with greater availability," Cupidi concludes.
Subito.it is the company of Subito’s digital platform. Founded in Milan in 2007, Subito offers the easiest, fastest, and safest e-commerce service to realized great business thanks to its efficacy, quality and offer size. With more than six million differentiated advertisements in 37 categories different for merchandise and geographic areas, more than eight milion unique monthly users and more than seventy millions of daily visited pages (internal source), Subito is the first advertisement service and amongst the six most visited websites in Italy (source: Media Audiweb Total Digital Audience 2015).
Subito is part of Schibsted Media Group (www.schibsted.com), the Norwegian multinational corporation founded in 1839 with 6.900 employees and successfully operating in 30 countries in different markets: publishing (daily newspapers, TV and free press), digital (news and classified advertisement) and mobile (services).