How mittwald Transformed Their Web Hosting Business with ElastiFlow

A Journey Through DDoS Attacks, Custom Solutions, and Performance Enhancements

mittwald, a leading web hosting provider specializing in CMS hosting for agencies and freelancers, has established itself as a cornerstone of reliable and high-performance web services. Since its inception, the company has been dedicated to delivering comprehensive web hosting solutions, adapting and evolving to meet the dynamic needs of its clients.

mittwald’s Evolution and Challenges

In 2023, mittwald’s journey took a pivotal turn when they became a customer of ElastiFlow. As part of the datacenter networking department, Fabian Kretschmer focused on optimizing their infrastructure engineering to enhance performance and security. However, despite their robust solutions, mittwald faced significant challenges, particularly with severe Distributed Denial of Service (DDoS) attacks. These attacks, some reaching up to a staggering 150 Gbps, tested the limits of their existing systems and underscored the need for a more resilient network monitoring and DDoS mitigation strategy.

The Quest for an Optimal Solution

Initially, mittwald employed basic SNMP-based traffic monitoring. While this provided a foundational view of link utilization, it failed to address their growing needs. Recognizing the limitations of this kind of network observation, mittwald explored various commercial solutions, including a hardware appliance from a leading firewall vendor. Unfortunately, these options proved costly and insufficient for their requirements.

Determined to find a more effective solution, mittwald built a custom system using open-source tools. They started by mapping network traffic and funneling this data into Elasticsearch. During this process, they discovered ElastiFlow, a platform that aligns well with their needs. At that time, ElastiFlow was utilizing Logstash as a backend, which fit mittwald’s requirements well.

The Transformation with ElastiFlow

mittwald’s decision to implement ElastiFlow marked a significant upgrade in their network monitoring capabilities. Over time, they transitioned to the latest version of ElastiFlow, which directly interfaces with Elasticsearch, and the performance improvements were notable. This upgrade enhanced their ability to manage and analyze network traffic and addressed the shortcomings of their previous setup.

Fabian Kretschmer praised ElastiFlow for its comprehensive package, which included robust performance, thorough documentation, and the flexibility to change storage backends. The platform's compatibility with IPFIX flows further validated mittwald’s decision, aligning perfectly with their use case.

Embracing New Features and Upgrades

Despite the benefits, mittwald initially relied on the open-source version of ElastiFlow for an extended period. The lack of updates became a concern, leading Fabian to strategically upgrade to the paid version. This move was crucial in mitigating potential issues associated with running outdated software.

The latest version of ElastiFlow brought several enhancements, including improved Kubernetes support and the ability to bootstrap Elasticsearch clusters during deployment. While Fabian appreciated these features, he desired more customization options, particularly concerning the rollover policy. The time series data stream feature has been particularly beneficial, helping mittwald reduce storage needs and optimize performance.

Looking Ahead

mittwald’s experience with ElastiFlow underscores the importance of adapting to technological advancements and continuously seeking solutions that enhance performance and security. The journey from essential monitoring tools to a sophisticated, custom-built system highlights the company’s commitment to maintaining a high standard of service amidst evolving challenges.