TN Marketing Scales Performance, Elasticity and Security through AWS CloudFront, ELB and WAF expertise
TN Marketing is an online media, marketing, and technology firm that connects people with their passions by producing and delivering online instructional video content, and other media through life passion based communities. The firm has become an expert in delivering technology that monetizes video content online on behalf of affinity brands it services, and through these niche media websites that generate millions of dollars in yearly transactions. TN Marketing has selected and built industry-leading components to craft the ideal online experience for visitors and consumers. Utilizing enterprise hosting partners, TN marketing strives to deliver an end-to-end optimized and secure platform that services each of their brand communities.
For TN Marketing to stay competitive, they needed to build and manage an optimized technology infrastructure that delivered maximum performance for its business and its brand-based eCommerce implementations. Specifically, TN Marketing’s video monetization platform known as Vidstore, needed to flawlessly support the performance demands of its clients’ high definition video streaming and support the security demands of an eCommerce site, while providing the company’s development team with the tools to effectively and efficiently manage the new infrastructure — all while reducing AWS costs.
TN Marketing has a vested interest in ensuring the performance and uptime of the sites it builds — many of which receive significant traffic. Indeed, downtime means lost revenue and lost customer trust. As a result, the firm has a 99% uptime SLA with its customers — an SLA it has a track record of meeting and exceeding.
The firm turned to the AWS experts at Flux7 to help build an infrastructure that could over-deliver on the uptime, performance, and security agreements with its customers. After an assessment of the company’s existing AWS implementation and architecture, Flux7 consultants recommended the use of AWS CloudFront in conjunction with AWS WAF and ELB for greater content speeds, and security at less cost to the organization.
The first thing the Flux7 team did was to implement monitoring and logging tools that gave TN Marketing even better situational awareness. With a firm understanding of the issues, Flux7 determined that it would be best to build for this client a solid foundation using automation so that changes could be incrementally weaved in over a period of time. Following this, one of the first changes Flux7’s DevOps consultants made was a lift and shift to AWS CloudFormation, a tool that helps developers and sysadmins create, manage and provision resources through templates. In conjunction with Jenkins, CloudFormation provided a basic foundation for automation, and a route to continuous improvement. With this automation in place, the Flux7 team replaced the organization’s HAProxy load balancer with AWS Elastic Load Balancer (ELB). Unlike HAProxy, ELB is inherently fault tolerant; designed for scalability, elasticity and high availability; and, as a managed service, is able to automatically increase or decrease its capacity to meet traffic demands.
Next, the teams worked together to create a workflow for adding a new website. They used Jenkins jobs to populate SSL certificates on AWS and setup AWS CloudFront distributions, making sure to have separate CloudFront distributions for each website. Using CloudFront for this organization’s client websites was important as the AWS service speeds up content delivery by offering content to Web surfers from edge locations nearest them. Users are simply routed to the location with the lowest latency, resulting in the highest performance possible. High performance is especially important for TN Marketing’s customers who are using VidStore to sell video content and want their product delivered without hiccups or errors. The use of AWS CloudFront’s content delivery network and caching in front of web servers decreased the server load and in turn greatly improved performance.
Last, Flux7 implemented the use of AWS Web Application Firewall (WAF). The AWS firewall helps ensure website security through the use of rules, such as whitelists, blacklists, cross-site scripting attack detection, and SQL Injection Detection, which were all implemented for TN Marketing. Specifically, Flux7 consultants used CloudFront custom headers alongside an NGINX configuration to enforce the rule that all requests come from CloudFront and pass through WAF. An additional tier of rules was added that reactively blacklisted bots that made too many requests or too many requests on a bad URL as well as a rule that blocks traffic from a TOR node.
By removing HAProxy as a non-scalable single point of failure, and replacing it with the auto- scaling AWS ELB, Flux7 was able to decrease costs and grow scalability and elasticity for this firm. Moreover, the use of CloudFront reduced the load on the company’s web servers, and simultaneously made content delivery faster and more reliable. CloudFront was able to deliver this level of performance despite a large increase in traffic and business during the holiday season.
In the end, TN Marketing was able to increase performance, meet SLAs, and standardize on a platform its development team could easily manage through the use of automation — all with a reduction in AWS costs.
- Maximize website performance
- Ease infrastructure management
- Increase developer productivity
- Grow security
- AWS CloudFront
- AWS WAF
- AWS ELB