Formative (formative.com) provides student assessment and teaching capabilities to schools and districts around the world. As a leading EdTech platform, Formative includes a variety of interactive technologies: audio, video, digital whiteboards, messaging, live collaboration, and more. Continuous availability of its primary web application and API is vitally important.
“We were having some problems with Denial of Service attacks,” said Dobes Vandermeer, Formative’s Lead Developer. “HTTP request floods were being sent to our website, seemingly at random. There were some big attacks, with many thousands of requests per second.
“We were able to mitigate them using CloudFront and AWS Shield. But these can only cover the HTML part of an application.
“Our API isn’t suitable for caching, so CloudFront can’t protect it. So we started looking for DDoS protection that has the ability to protect our API.”
Mr. Vandermeer continued, “Also, we wanted a system that’s smart enough to handle the logic that we wanted. We want to be able to throttle incoming traffic based on multiple conditions, such as user IDs for example.”
Many web security solutions offer DDoS protection, but most are based on simple IP tracking. These solutions can be defeated by common hacker tactics such as IP rotation. Mr. Vandermeer noted, “We were looking for a product that was smarter, so we could have more precise targeting and protection. We wanted to block attacks on our API, without a lot of false positives.”
After evaluating several security solutions, Formative chose Reblaze. Mr. Vandermeer said, “Most of the others were eliminated because their DDoS rules engine wasn’t sophisticated enough.
“Reblaze is more intelligent, and it has a powerful rules system. We can specify the conditions to filter requests, and we can define separate rules for different URLs. The key thing for us is that it’s more than just throttling based on IP addresses. That was probably the biggest difference from most of the other products out there, that it can filter traffic based on headers and other things.”
Another plus is that Reblaze deploys either right in front of the protected environment, or even directly within the customer’s VPC. Mr. Vandermeer said,
“I don’t have to worry about adding latency, because my traffic isn’t going to someone else’s data center and then back to ours. We run Reblaze in the same AWS region and zone as our application.”
This also preserves data privacy, since traffic is not processed on external infrastructure.
Reblaze is a fully managed solution, maintained remotely by Reblaze personnel. Customers can manage their own deployments if they want, but many choose not to do so. Mr. Vandermeer said, “I actually don’t use Reblaze that much. We just set up the rules, and now, whenever we need a change, we don’t necessarily log in to Reblaze ourselves. We just send in a support ticket, and the Reblaze team changes it for us.
“The support response times are good, generally within one business day. There are vendors where they’re supposed to have a one-day turnaround, but then things slip through the cracks and it takes several days instead. But Reblaze has always been on top of that.”
The Reblaze SOC also monitors Formative’s traffic for them. “And whenever they notice something suspicious, they reach out to us and tell us ‘we blocked these IP addresses’ or whatever. That’s nice to have.”
“Reblaze has a highly advanced product. They have good support. And it’s been trouble-free and smooth sailing.”