Industry
Gaming
Customer
Betfair Australia
Situation
Betfair wanted to increase their
defensive posture against DDoS
attacks
Solution Domain
◊ Security Solutions
Benefits
◊ Increased defence against
DDoS attacks
◊ Improved resilience of
online services
◊ Enhanced customer confidence
◊ Promotes long term viability of
the business
◊ No need to invest in additional
security infrastructure or resources.
Betfair is the world’s largest betting
exchange and operates in several
countries. Betfair Australia is the
Australasian subsidiary, providing a
suite of online gaming products across
different channels and platforms from
one convenient web location.
Committed to providing the best value
and service to their customers, Betfair
continually invests in cutting-edge
technology and web design. Since
security is a high priority, Betfair also
has comprehensive threat protection
measures in place. However, the
company had identified Distributed
Denial of Service (DDoS) attacks as
an area where protection could be
improved. Responding to Betfair’s
request, Telstra deployed Distributed
Denial of Service Protection to
substantially enhance Betfair’s
security profile.
BETFAIR EMPLOYS TELSTRA’S MANAGED DISTRIBUTED DENIAL OF SERVICE PROTECTION TO SUBSTANTIALLY ENHANCE SECURITY FOR ITS ONLINE GAMING BUSINESS
CASE STUDY: BETFAIR AUSTRALIA
“Telstra has the brand, it has the expertise and it has the
scale. In our view, they are the best player in the market and
have the most credible and robust solution to our needs.”
Andrew Twaits, Chief Executive Officer, Betfair
Solution
In response, Telstra deployed a
managed Distributed Denial of Service
Protection. The solution was designed
with the direct involvement of Betfair
with Telstra’s engineers, which has led
to a more successful outcome says Paul
Moss, the Director of IT Service at Betfair:
“One of the main interests with Telstra
is that they’ve got dedicated local
account management and we find
that very beneficial in designing the
solution, deploying the solution and
the ongoing management of that
solution both for DDoS and for our
internet transit as well. We’ve been
very pleased with the Telstra solution
so far and having the DDoS solution
really is that insurance policy if those
resources become attacked.”
The managed Distributed Denial of
Service Protection uses advanced
monitoring and filtering technologies
across the network to provide proactive
notification and rapid reaction to
threats. This helps to ensure only
legitimate traffic is sent to Betfair’s
servers. Telstra also offers a range of
filtering options and service levels for
specific risks, as well as comprehensive
reporting. What’s more, the Distributed
Denial of Service Protection can be
offered anywhere in Australia.
A key advantage of the solution comes
from Telstra’s unique ownership of
the core network. This provides 24x7
visibility of traffic in the network cloud
from Telstra’s Security Operations
Centre. Telstra’s In-Network security
can therefore identify and stop threats
before they reach Betfair’s access
points. With the ability to provide 12
Gigabits per second of cleaning capacity
in the network, the Distributed Denial
of Service Protection offers significant
advantages over the traditional
perimeter defence. It can also cover
multiple locations without the need to
duplicate protection at each location.
Situation
Betfair’s business operates on the
‘betting exchange’ model. With
this model, Betfair’s customers
essentially bet against each other
for specific events. Betfair’s role is to
provide a well-regulated and secure
environment for the online wagers.
This means that Betfair must comply
with state gaming regulations and
provide the highest standards of
security; a task the company takes
seriously says Andrew Twaits, the
Chief Executive Officer of Betfair:
“Security, obviously, is important to us.
Whenever people are dealing with real
money in the online world, they want
to know that they are dealing with
businesses who are credible, who have
the right sort of regimes in place to
protect their data and their money.”
Betfair constantly invests in
technology to ensure its online
gaming platforms are fast, resilient
and secure. Even with advanced
platforms and security controls,
Betfair realised that the company’s
defence against DDoS attacks could
be improved. DDoS attacks use
multiple, distributed computers to
send requests to an organisation’s
servers. When servers are flooded
with traffic, their ability to respond to
legitimate requests is compromised.
No online business can afford this kind
of interruption, so Betfair turned to its
telecommunications partner, Telstra,
to assist.
“Security, obviously, is important to us. Whenever
people are dealing with real money in the online world,
they want to know that they are dealing with businesses
who are credible, who have the right sort of regimes in place
to protect their data and their money.”
Andrew Twaits, Chief Executive Officer, Betfair
“One of the main interests with Telstra is that they’ve
got dedicated local account management and we find that
very beneficial in designing the solution, deploying the solution
and the ongoing management of that solution both for DDoS and for our internet transit as well. We’ve been very pleased
with the Telstra solution so far and having the DDoS solution really is that insurance policy
if those resources become attacked.”
Paul Moss, Director of IT Service, Betfair
Although customers would get their
initial bets back, they would not receive
any potential winnings. Obviously,
customers would not be impressed.
The impact on long-term customer
confidence is important too. Betfair’s
international experience shows that
when online access problems occur,
customers stay away. The longer the
duration of the problem, the longer
it takes them to return – perhaps
several days. If problems occur
regularly, customers will simply turn
to a competitor’s online service. The
potential for lost revenue therefore
is enormous.
Equally important, Betfair does not
have to invest in infrastructure or
internal IT resources with Telstra’s
managed solution. Even if it did, the
company still could not provide the
same level of visibility and protection.
Betfair already has advanced defences
and exceptional visibility into network
activities, but that could still only
manage attacks from a few sources.
A full DDoS attack from hundreds
of sources would be beyond the
company’s capabilities. In fact, the
only alternative would be to send
traffic overseas to be cleaned, then
routed back to Australia. But that
option reduces Betfair’s speed of
response to customer requests says
Paul Moss:
“We use Telstra a great deal for internet
transit around the world and the
DDoS solution is in place within their
network. So it means traffic is cleansed
before it arrives at our door.
Benefits
The main benefit is that Betfair’s online
operations can now overcome most
DDoS attacks if they occur. This was a
primary concern for Betfair in Australia,
since their overseas operations often
experience attacks. The importance of
Telstra’s service becomes clear once
the nature of Betfair’s online presence
is understood.
Betfair’s customers wager on events
on the understanding that they can
return at any time to trade out of
the position they have adopted. If an
attack stops online access and the
ability of customers to change their
position, Betfair would have to void
the events. This would have serious
consequences when you consider
the number of transactions per day.
Andrew Twaits explains:
“On a typical Saturday, we’d be
processing over a million bets a day.
We have tens of millions of dollars
worth of bets passing through the
site. We process more transactions
every day than the Stock Exchange
in Australia, and we do it faster. So,
we’re one of the busiest websites in
the world.”
A DDoS attack would also cause severe
financial ramifications, since Betfair
takes a commission on each bet. If
a DDoS attack occurred and events
were voided, Betfair would lose its
commissions.
“On a typical Saturday, we’d be processing over a million bets
a day. We have tens of millions of dollars worth of bets passing
through the site. We process more transactions every day
than the Stock Exchange in Australia, and we do it faster.
So, we’re one of the busiest websites in the world.”
Andrew Twaits, Chief Executive Officer, Betfair
“We use Telstra a great deal for internet transit around the
world and the DDoS solution is in place within their network. So it means traffic is cleansed before it arrives at our door. If
we were to use a competing solution, it means traffic is
shipped off to the other side of the world, cleansed and
then sent to us and in doing so there’s an inherent delay in
getting that customer traffic to us. So having an in-network
solution is far preferable.”
Paul Moss, Director of IT Service, Betfair
IF YOU HAVE ANY QUESTIONSPLEASE CONTACT YOURTELSTRA ACCOUNT EXECUTIVEVISIT TELSTRA.COM/ENTERPRISECALL 1300 TELSTRA
Solution Details
◊ Distributed Denial of Service
(DDoS) Protection
- Protects your enterprise
from the threat of DDoS
attacks on your crucial
business data
- DDoS Mitigation Solutions
can protect your hardware,
applications and electronic
files from damage
- Telstra applies advanced
technology to combat
DDoS using:
- Sophisticated filtering
services allowing only
legitimate data traffic
- Scalable solutions to
cover multiple locations
and platforms
- 24-hour protection from a
fully managed service
◊ Security Operations Centre
(SOC)
- An ASIO T4 certified centre
that provides 24 hour, seven
days a week monitoring
across all Telstra’s infrastruc-
ture using state of the art
correlation tools.
Enablers
◊ Telstra Next IP™ network
◊ Telstra Next Generation
Services™
Why Telstra?
Telstra provides network services
and solutions to more than 200 of
the world’s top 500 companies. They
rely on us to do business across 240
countries and territories and to enable
greater productivity, efficiency
and growth.
Telstra solutions offer the best of
all worlds skilled people and a rich
portfolio of services delivered on
our world-class Telstra Next IP™
network and Next G® network. To
ensure reliable performance, they’re
monitored and maintained from our
dedicated centres using advanced
management and operational
systems. And they’re backed by Telstra
Enterprise-grade Customer Service™
and one of Australia’s largest and
most qualified field and technical
workforces.
If we were to use a competing solution,
it means traffic is shipped off to the
other side of the world, cleansed and
then sent to us, and in doing so there’s
an inherent delay in getting that
customer traffic to us. So having an in-
network solution is far preferable.”
Telstra’s Distributed Denial of Service
Protection has certainly proved its
worth in sustaining Betfair’s online
presence, which in turn has helped
ensure profitability and the ongoing
viability of their business. Indeed, the
effectiveness of Telstra’s solution draws
words of praise from Andrew Twaits:
“Telstra has the brand, it has the
expertise and it has the scale. In our
view, they are the best player in the
market and have the most credible
and robust solution to our needs.”
This case study sets out the experiences of this customer. Your experience may differ. ™ Trade mark of Telstra Corporation Limited. ® Registered trade mark of Telstra Corporation Limited ABN 33 051 775 556.