Industry

Gaming

Customer

Betfair Australia

Situation

Betfair wanted to increase their

defensive posture against DDoS

attacks

Solution Domain

◊ Security Solutions

Benefits

◊ Increased defence against

DDoS attacks

◊ Improved resilience of

online services

◊ Enhanced customer confidence

◊ Promotes long term viability of

the business

◊ No need to invest in additional

security infrastructure or resources.

Betfair is the world’s largest betting

exchange and operates in several

countries. Betfair Australia is the

Australasian subsidiary, providing a

suite of online gaming products across

different channels and platforms from

one convenient web location.

Committed to providing the best value

and service to their customers, Betfair

continually invests in cutting-edge

technology and web design. Since

security is a high priority, Betfair also

has comprehensive threat protection

measures in place. However, the

company had identified Distributed

Denial of Service (DDoS) attacks as

an area where protection could be

improved. Responding to Betfair’s

request, Telstra deployed Distributed

Denial of Service Protection to

substantially enhance Betfair’s

security profile.

BETFAIR EMPLOYS TELSTRA’S MANAGED DISTRIBUTED DENIAL OF SERVICE PROTECTION TO SUBSTANTIALLY ENHANCE SECURITY FOR ITS ONLINE GAMING BUSINESS

CASE STUDY: BETFAIR AUSTRALIA

“Telstra has the brand, it has the expertise and it has the

scale. In our view, they are the best player in the market and

have the most credible and robust solution to our needs.”

Andrew Twaits, Chief Executive Officer, Betfair

Solution

In response, Telstra deployed a

managed Distributed Denial of Service

Protection. The solution was designed

with the direct involvement of Betfair

with Telstra’s engineers, which has led

to a more successful outcome says Paul

Moss, the Director of IT Service at Betfair:

“One of the main interests with Telstra

is that they’ve got dedicated local

account management and we find

that very beneficial in designing the

solution, deploying the solution and

the ongoing management of that

solution both for DDoS and for our

internet transit as well. We’ve been

very pleased with the Telstra solution

so far and having the DDoS solution

really is that insurance policy if those

resources become attacked.”

The managed Distributed Denial of

Service Protection uses advanced

monitoring and filtering technologies

across the network to provide proactive

notification and rapid reaction to

threats. This helps to ensure only

legitimate traffic is sent to Betfair’s

servers. Telstra also offers a range of

filtering options and service levels for

specific risks, as well as comprehensive

reporting. What’s more, the Distributed

Denial of Service Protection can be

offered anywhere in Australia.

A key advantage of the solution comes

from Telstra’s unique ownership of

the core network. This provides 24x7

visibility of traffic in the network cloud

from Telstra’s Security Operations

Centre. Telstra’s In-Network security

can therefore identify and stop threats

before they reach Betfair’s access

points. With the ability to provide 12

Gigabits per second of cleaning capacity

in the network, the Distributed Denial

of Service Protection offers significant

advantages over the traditional

perimeter defence. It can also cover

multiple locations without the need to

duplicate protection at each location.

Situation

Betfair’s business operates on the

‘betting exchange’ model. With

this model, Betfair’s customers

essentially bet against each other

for specific events. Betfair’s role is to

provide a well-regulated and secure

environment for the online wagers.

This means that Betfair must comply

with state gaming regulations and

provide the highest standards of

security; a task the company takes

seriously says Andrew Twaits, the

Chief Executive Officer of Betfair:

“Security, obviously, is important to us.

Whenever people are dealing with real

money in the online world, they want

to know that they are dealing with

businesses who are credible, who have

the right sort of regimes in place to

protect their data and their money.”

Betfair constantly invests in

technology to ensure its online

gaming platforms are fast, resilient

and secure. Even with advanced

platforms and security controls,

Betfair realised that the company’s

defence against DDoS attacks could

be improved. DDoS attacks use

multiple, distributed computers to

send requests to an organisation’s

servers. When servers are flooded

with traffic, their ability to respond to

legitimate requests is compromised.

No online business can afford this kind

of interruption, so Betfair turned to its

telecommunications partner, Telstra,

to assist.

“Security, obviously, is important to us. Whenever

people are dealing with real money in the online world,

they want to know that they are dealing with businesses

who are credible, who have the right sort of regimes in place

to protect their data and their money.”

Andrew Twaits, Chief Executive Officer, Betfair

“One of the main interests with Telstra is that they’ve

got dedicated local account management and we find that

very beneficial in designing the solution, deploying the solution

and the ongoing management of that solution both for DDoS and for our internet transit as well. We’ve been very pleased

with the Telstra solution so far and having the DDoS solution really is that insurance policy

if those resources become attacked.”

Paul Moss, Director of IT Service, Betfair

Although customers would get their

initial bets back, they would not receive

any potential winnings. Obviously,

customers would not be impressed.

The impact on long-term customer

confidence is important too. Betfair’s

international experience shows that

when online access problems occur,

customers stay away. The longer the

duration of the problem, the longer

it takes them to return – perhaps

several days. If problems occur

regularly, customers will simply turn

to a competitor’s online service. The

potential for lost revenue therefore

is enormous.

Equally important, Betfair does not

have to invest in infrastructure or

internal IT resources with Telstra’s

managed solution. Even if it did, the

company still could not provide the

same level of visibility and protection.

Betfair already has advanced defences

and exceptional visibility into network

activities, but that could still only

manage attacks from a few sources.

A full DDoS attack from hundreds

of sources would be beyond the

company’s capabilities. In fact, the

only alternative would be to send

traffic overseas to be cleaned, then

routed back to Australia. But that

option reduces Betfair’s speed of

response to customer requests says

Paul Moss:

“We use Telstra a great deal for internet

transit around the world and the

DDoS solution is in place within their

network. So it means traffic is cleansed

before it arrives at our door.

Benefits

The main benefit is that Betfair’s online

operations can now overcome most

DDoS attacks if they occur. This was a

primary concern for Betfair in Australia,

since their overseas operations often

experience attacks. The importance of

Telstra’s service becomes clear once

the nature of Betfair’s online presence

is understood.

Betfair’s customers wager on events

on the understanding that they can

return at any time to trade out of

the position they have adopted. If an

attack stops online access and the

ability of customers to change their

position, Betfair would have to void

the events. This would have serious

consequences when you consider

the number of transactions per day.

Andrew Twaits explains:

“On a typical Saturday, we’d be

processing over a million bets a day.

We have tens of millions of dollars

worth of bets passing through the

site. We process more transactions

every day than the Stock Exchange

in Australia, and we do it faster. So,

we’re one of the busiest websites in

the world.”

A DDoS attack would also cause severe

financial ramifications, since Betfair

takes a commission on each bet. If

a DDoS attack occurred and events

were voided, Betfair would lose its

commissions.

“On a typical Saturday, we’d be processing over a million bets

a day. We have tens of millions of dollars worth of bets passing

through the site. We process more transactions every day

than the Stock Exchange in Australia, and we do it faster.

So, we’re one of the busiest websites in the world.”

Andrew Twaits, Chief Executive Officer, Betfair

“We use Telstra a great deal for internet transit around the

world and the DDoS solution is in place within their network. So it means traffic is cleansed before it arrives at our door. If

we were to use a competing solution, it means traffic is

shipped off to the other side of the world, cleansed and

then sent to us and in doing so there’s an inherent delay in

getting that customer traffic to us. So having an in-network

solution is far preferable.”

Paul Moss, Director of IT Service, Betfair

IF YOU HAVE ANY QUESTIONSPLEASE CONTACT YOURTELSTRA ACCOUNT EXECUTIVEVISIT TELSTRA.COM/ENTERPRISECALL 1300 TELSTRA

Solution Details

◊ Distributed Denial of Service

(DDoS) Protection

- Protects your enterprise

from the threat of DDoS

attacks on your crucial

business data

- DDoS Mitigation Solutions

can protect your hardware,

applications and electronic

files from damage

- Telstra applies advanced

technology to combat

DDoS using:

- Sophisticated filtering

services allowing only

legitimate data traffic

- Scalable solutions to

cover multiple locations

and platforms

- 24-hour protection from a

fully managed service

◊ Security Operations Centre

(SOC)

- An ASIO T4 certified centre

that provides 24 hour, seven

days a week monitoring

across all Telstra’s infrastruc-

ture using state of the art

correlation tools.

Enablers

◊ Telstra Next IP™ network

◊ Telstra Next Generation

Services™

Why Telstra?

Telstra provides network services

and solutions to more than 200 of

the world’s top 500 companies. They

rely on us to do business across 240

countries and territories and to enable

greater productivity, efficiency

and growth.

Telstra solutions offer the best of

all worlds skilled people and a rich

portfolio of services delivered on

our world-class Telstra Next IP™

network and Next G® network. To

ensure reliable performance, they’re

monitored and maintained from our

dedicated centres using advanced

management and operational

systems. And they’re backed by Telstra

Enterprise-grade Customer Service™

and one of Australia’s largest and

most qualified field and technical

workforces.

If we were to use a competing solution,

it means traffic is shipped off to the

other side of the world, cleansed and

then sent to us, and in doing so there’s

an inherent delay in getting that

customer traffic to us. So having an in-

network solution is far preferable.”

Telstra’s Distributed Denial of Service

Protection has certainly proved its

worth in sustaining Betfair’s online

presence, which in turn has helped

ensure profitability and the ongoing

viability of their business. Indeed, the

effectiveness of Telstra’s solution draws

words of praise from Andrew Twaits:

“Telstra has the brand, it has the

expertise and it has the scale. In our

view, they are the best player in the

market and have the most credible

and robust solution to our needs.”

This case study sets out the experiences of this customer. Your experience may differ. ™ Trade mark of Telstra Corporation Limited. ® Registered trade mark of Telstra Corporation Limited ABN 33 051 775 556.