Swisslos Increases Uptime, Improves Customer Experience and Security
Founded in 1937, Swisslos Interkantonale Landeslotterie (Swisslos) is a cooperative organization with 20 member states. Swisslos manages multiple national and transnational lotteries (Swiss Lotto, Euro Millions), sports betting, bingo and many other lottery ticket offerings. Swisslos needed to replace end-of-life technology and wanted a sustainable, scalable analysis solution that could provide meaningful, real-time insights into its data. Since deploying Splunk Enterprise, Swisslos has seen benefits including:
- Improved customer experience
- Identification and blocking of complex fraud attacks
- Improved compliance processes
SPLUNK SOLUTION AREAS
- Replace end of life IBM console
- Deliver users a more dynamic platform
- Get meaningful, real-time insights into data
- Immediate insight into site stability and performance
- Faster response to security threats
- Integrated view of IT operations across the infrastructure
- Improved user experience across multiple gaming platforms
- Significant cost savings over obsolete solutions and legacy database
- Significant time savings for IT team
- Application logs: JREE2 application servers, webserver logs, Nagios, chat-server, CMS, back office systems, databases
- Network traffic data: firewall logs, router/switch logs, Cisco NAM logs and alerts
- Gaming data: online sales activity
- Security data: firewall logs, VPNgateways, web application firewall logs, Unix/Linux Shell Audit Logs, AAA Systems
Swisslos annually pays out more than 600 million Swiss Francs to lottery winners as well as 354 million Swiss Francs to the cantonal lottery and various sports funds. Its net profits support more than 12,000 projects each year; since its foundation, Swisslos has donated more than five billion Swiss Francs to charitable and nonprofit projects.
Swisslos is tasked with integrating new games into its platform on an ongoing basis, so a high degree of scalability is required for systems and network management to be effective. Swisslos previously used an IBM Tivoli console for system and network management, but needed an alternative as it came to end of life. The company also wanted to host its online gaming platform (http://www.swisslos.ch) within its own datacenter and needed to make it more dynamic for its 500,000 users. Swisslos needed to gain real-time insights from its data and to evaluate the performance and stability of the website.
Swisslos selected Splunk Enterprise for its flexibility, extensibility and ability to easily integrate into Swisslos' existing, heterogeneous IT. LC Systems, a Swiss Splunk partner, introduced best practices and advised on the type and volume of daily data to be indexed. After the successful deployment of the Splunk platform, the replacement of the IBM Tivoli console was completed in just six days.
“Splunk closes the gap between people and data. Big data analysis with Splunk is an easy task and we benefit from meaningful information within a few seconds and clicks and also extensive visualization features which we would no longer want to miss.”
Joris Vuffray, Network and Systems Management Team Leader, Swisslos
Making Swisslos more compliant and secure
Because Swisslos is certified by the World Lottery Association, it must react very quickly to any kind of system abuse or security threat. Swisslos’ department of system management now uses Splunk software to monitor the games systems and to measure, among other things, network stability and security. Unusual occurrences, such as a wrong user login or a violation of compliance policies are also registered.
Swisslos' network security team relies on Splunk for the second- and third-level support and can also detect and prevent security issues and attacks. Moreover, complex fraudulent attacks are also identified and blocked.
Turning ‘cryptic’ data into improved customer experience
Swisslos benefits greatly from its broad adoption of Splunk Enterprise. One of the biggest advantages is that Splunk correlates data and provides visualizations on the network level for a comprehensive view. Information from multiple systems is collected and evaluated in Splunk, giving Swisslos a complete, integrated view of all IT operations. The performance graphs are especially useful; created in just three mouse clicks, they turn cryptic logs into meaningful insights.
Splunk software's fast response and real-time analysis capabilities have given Swisslos a significant advantage and improved the overall experience of the online platform’s numerous users. An application failure in the online gaming portal would leave users unable to play, which could result in a loss of revenue. Splunk monitoring and alerting now help quickly resolve—or even proactively prevent—this worst-case scenario, by notifying the relevant teams of any anomalies or when threshold levels are reached.
"The satisfaction of our users is key to our business success, so we are extremely pleased to have improved the availability of our gaming platform so significantly, thus also optimizing the user experience on the website," says Joris Vuffray, network and systems management team leader at Swisslos.
Greater efficiency across the enterprise
To further augment its use of the Splunk solution, Swisslos deploys several apps from the Splunk ecosystem. Google Maps for Splunk locates and visualizes attacks on the Swisslos game portal. Splunk Add-On for OSSEC checks the security state of the current operating systems, while AfterGlow Visualization graphically represents unusual internal IP activity. The Splunk on Splunk (S.o.S) app analyzes and monitors the utilization of Splunk Enterprise.
The Splunk platform has improved the customer experience, made compliance easier and reduced costs for Swisslos. It has also brought greater efficiency to the Swisslos IT team, which has significantly reduced training time and man hours needed to gather insights. Cost savings have extended across the organization, as Swisslos no longer has high licensing and major maintenance costs from running a large database.