Ngenix Cloud Platform

The main articles are:

• Firewall
• Security Information and Event Management (SIEM)
• What is IaaS
• SaaS - History. Philosophy. Development drivers

The Ngenix cloud platform is a geographically distributed server platform located at traffic exchange points and in the networks of Russian operators. It works as a high-performance front end that protects against cyber attacks and speeds up customer web resources.

2022

Implementation of support for SSL/TLS certificates with the Russian cryptosystem GOST 34.10

The company Rostelecom"" announced on August 24, 2022 the implementation of NGENIX on its cloudy native support platform - with TLScertificates the Russian a cryptosystem of the GOST 34.10 family along with common enciphering RSA systems/ECDSA.

Owners of Russian web resources often face problems when renewing or issuing SSL/TLS certificates, there are also risks of revoking existing certificates by foreign certification centers (CAs). Import substitution of the TLS ecosystem is one of the priorities of the Russian IT. In 2022, due to the fact that many well-known browser developers have certification centers abroad, as well as the emerging difficulties with installing SSL/TLS certificates, Russian web resources are growing the risks of outflow of visitors and traffic loss, as well as the risks of hacks and MitM attacks.

An ecosystem has already begun to form in Russia that allows you to verify the authenticity of digital certificates while observing the principles of import independence. Thus, owners of web resources can receive a certificate of the GOST TLS standard on Public services for free, Russian CTs are formed, and a number of domestic browser developers (Yandex, Chromium Guest, VK Atom) already support GOST TLS.

Traditionally, GOST TLS cryptography is supported on dedicated gateways or a dedicated software module - a "crypto provider," but it requires the installation of additional hardware and/or proprietary software. To preserve the usual user experience, Internet users need support for GOST TLS in the browser and web server.

Web resources using the NGENIX platform and managing digital SSL/TLS certificates within the Hosted SSL service are now able to simultaneously apply digital certificates of the RSA and GOST TLS standards and manage them through their personal account or API. This allows an encrypted connection between the user and the server.

Support for GOST TLS on the NGENIX platform is an important step towards the development of Russian technologies for a safe web. Thus, we are expanding the set of tools necessary for the Russian Internet business to ensure quick and safe access to public web resources. There is still a lot to be done for the full application of Russian cryptography, but the readiness of a technological solution means that they have already become part of the developing ecosystem of GOST TLS, emphasized NGENIX CEO, Konstantin Chumachenko.

Availability of SolidWall WAF as a fault-tolerant cloud service on the Ngenix platform

On February 3, 2022, Web Resource NGENIX provider cloudy Acceleration and Protection Solutions and Resident Skolkovo Foundation (), The ВЭБ.РФ Group SolidSoft a developer of Web Application Protection Solutions, announced a collaboration. More. here

2021

Add image blur

On August 20, 2021, the company, Ngenix Russian provider cloudy acceleration solutions protection and web resources, announced the introduction of functionality in the Ngenix Image Optimization image optimization service. In the next version of Image Optimization, blur is now available.

This functionality is designed to improve the user experience when downloading "heavy" web pages, which is relevant for web resources such as OTT storefronts, media sites and blog platforms. Preloading blurred images allows you to maintain the location of the interface elements in the layout of web pages until the original images are fully loaded, which is especially important if the visitor to the web resource uses a slow connection. It also accelerates the loading of web pages by compressing the converted image up to 4 times.

Image conversion using the blur function takes place at the power of the Ngenix distributed cloud platform. Implementing blur cloud in eliminates the need for the customer to convert and deliver images on their infrastructure. This allows you to unload the back end and increase the responsiveness of the website.

How does it work

The user configures image conversion policies in his personal account by specifying the desired blur radius value - this provides a different compression ratio. files After applying this conversion policy, blurred images HTTP are delivered to the user from edge-servers Ngenix first when processing the -query.

"We continue to develop valuable cloud services for customers and implement demanded functionality in them. Image blur complements the functionality of the Image Optimization service, such as automatic conversion to optimized WebP format and image resizing according to the specified parameters. Users of the service can not only improve the usability of their web resources, but also reduce traffic consumption, unload their own infrastructure and free up the resources of their developers for other tasks, abandoning expensive equipment and saving time for highly paid specialists on their side, "- commented Dmitry Krikov, CTO of Ngenix.

How to: Blur Images

A user of the Ngenix platform with the Image Optimization service connected to the service configuration can use the blur functionality without any additional actions on his part - the configuration of blur parameters is already available in the Ngenix Multidesk personal account in the Image Optimization tab. Connecting the Ngenix Image Optimization functionality does not entail an increase in the cost of service.

Ngenix clients can send a request to connect the Ngenix Image Optimization service from their personal account. You can learn more about the image optimization effect and familiarize yourself with the Ngenix implementation stories on the dedicated Ngenix website.

Edge Logic Rules Query Rule Management Service Release

The company, Ngenix Russian provider comprehensive cloudy solutions for accelerating, protecting and resiliency of web resources, on April 28, 2021 announced the release of the Edge Logic Rules (ELR) request rule management service.

With Ngenix ELR, IT commands can reduce the time it takes to roll out changes related to user requests to a web resource by up to minutes. The service allows you to quickly block bot traffic, distinguish between access to content, filter and redirect web traffic depending on geolocation and other properties of the request. Before the service, solving such problems required the intervention of qualified engineers or the involvement of a resource of development teams to change the code. The company expects that the capabilities of ELR will be able primarily to evaluate the administrators and DevOps of web resources in the field of e-commerce and OTT broadcasting.

The ELR service is in demand by web resource administrators who need, among other things:

• Take prompt action to block bad bots to reduce infrastructure load
• restrict access to content to pirates;
• redirect the user to alternate pages and video streams depending on geolocation to comply with license restrictions or conduct A/B tests;
• Restrict access to a specific part of a web resource.

Ngenix Edge Logic Rules allows you to quickly configure HTTP request processing rules based on predefined features and quickly apply them on the Ngenix cloud platform. The principle of operation of Edge Logic Rules is based on simple if/then statements; when processing an incoming user request, the platform checks it for compliance with predetermined criteria (geolocation, IP address, header, etc.). In the case of a match, the platform performs a certain action: skip (allow), block (deny) or redirect (HTTP-redirect) the request or modify its header (setHeader, delHeader).

A user of the Ngenix platform can form rules using the GUI in his personal account. Creating a new rule takes no more than a few minutes, and its application on the platform takes place instantly: the changes made take effect after a few seconds on all servers of the Ngenix distributed network from Frankfurt to Vladivostok. This reduces the time to roll out critical changes to a few minutes and reduces the threshold of competencies required to customize the processing of requests on the platform, including in emergency situations.

We created Edge Logic Rules so that administrators of large web resources can gain more control over the operation of the cloud platform and have the opportunity to implement important changes as quickly as possible, without spending on this expensive and scarce resource of developers and operational engineers, "explained Dmitry Krikov, CTO Ngenix.

Edge Logic Rules is one of more than 25 services available to connect to users of the Ngenix distributed cloud platform.

2020

Resource power output of 2.75 Tbit/s

On October 28, 2020, the company, Ngenix Russian provider cloud services to ensure the protection, acceleration and resiliency of public web resources, announced that it had brought the total capacity of its cloudy infrastructure to 2.75 Tbit/s, responding to the prolonged growth in traffic volumes in 2020. Thus, the current total capacity of the Ngenix platform has increased by 38% since April.

In the spring of 2020, the coronavirus pandemic had a significant impact on the growth of web traffic: self-isolation forced Internet users to radically change consumption patterns in the online education and food retail segments. Ngenix estimated an increase in the number of requests for web resources of these segments during strict quarantine measures at 115% and 79% compared to February. Government web services and video delivery services have also become a powerful driver of web traffic growth in Runet: they are characterized by noticeable spikes in the number of requests, many times higher than the daily average. In early April, Ngenix prepared in advance for growth, increasing the platform's capacity to 2 Tbit/s.

Since the beginning of 2020, the average daily traffic consumption on the Ngenix platform has increased by a multiple. In the fall of 2020, there is a sharp increase in video consumption: the premier season contributed to an increase in video service traffic by 146% compared to February. At the same time, the traffic of the food retail segment continues to increase steadily, and a growing trend is noticeable in the segment of state web resources: in general, the number of requests at the end of October exceeds February by more than 30%. The need to further increase the platform's capacity is also dictated by popular online events: direct appeals from the President of the Russian Federation during the pandemic generated peaks on the platform that exceeded the daily average for the video service segment by 250%, and the broadcast of the expected UFC battle Khabib-Gaethje provoked a surge in Wink traffic, which amounted to 1 Tbit/s at the peak. To ensure the stable operation of web resources, Ngenix deployed additional nodes in the North Caucasus Federal District and the Central Federal District, and also again increased its capacity - from 2 Tbit/s to 2.75 Tbit/s.

{{quote "We were able to prepare in advance for an increase in the volume of transmitted traffic and increase the infrastructure so that online services in Runet and web resources could scale in response to the rapid growth of the Internet audience," commented Dmitry Krikov, CTO of Ngenix. - 2020 was a breakthrough year for online business in the Russian Federation. In less than a year, we have increased the total capacity of the platform by 62% - compared to the pace of previous years, this is a serious indicator. The increase in online audience in the Russian Federation, the impact of the global pandemic and the rapid development of web services in key segments have become the main catalysts for the company's growth. }}

Ngenix Image Optimization 2.0: image autoresization for the requirements of various platforms

On September 11, 2020, the company, Ngenix Russian provider cloudy solutions for accelerating and protecting web resources, announced a functional update to the Ngenix Image Optimization image optimization service, available on demand to users of the Ngenix distributed cloud platform. Now in version 2.0 of the service, the function of automatic resizing (resizing) of images is implemented in accordance with the requirements of various platforms.

According to Ngenix representatives, updating the service will be especially valuable for e-commerce customers whose web resources contain a large number of images; in their case, the correct display and download speed of web pages significantly affect conversion.

Users visit websites from a variety of devices - PCs, laptops, tablets, or mobile devices. Each month, with the release of the next form factor, the parameters of the images also change, which must adapt to different types of screens. When the image catalog used by web resource owners grows, image resetting becomes a resource-intensive task that requires additional resources from developers and content managers: using images of incorrect size harms the usability of the web resource, and the conversion and retention rates of visitors on the site may suffer. To implement automated recycling on your own infrastructure, you need to plan the application architecture and underlying IT infrastructure accordingly, as well as invest in expanding the number of developers and deploying additional caching and conversion servers. Ngenix has expanded the functionality of the Image Optimization service, making it available as part of a plug-in service.

The ability to recycle as part of the Image Optimization service allows you to automatically adapt the image size to the desired size provided by the CMS of the website, as well as compress and convert it to WebP to speed up loading. The following functions are now available in the Image Optimization service:

• Resizing:
  • adjusting to the specified proportions in the format 'length x width';
  • dimensioning one of the sides (length or width) while maintaining the proportions of the original image;
  • proportional change in size with the specified factor;

• Trim: trimming to a specified size by length or width
• Reduce size by compressing an image with a given factor
• Convert to optimized WebP format for WebP-enabled custom applications

The user configures several image profiles with the necessary parameters (for example, width and height values) in his personal account and changes links on his resources accordingly, using optimal profiles depending on the type of user devices. After that, all users will begin to receive images that are the optimal size for their screen. Image resizing takes place in synchronous mode.

By expanding the Image Optimization service with image recycling functionality, we responded to the needs of our customers who have already assessed the capabilities of the first version of the service. Users of the Image Optimization service, which involves the automatic conversion of heavy images to WebP in the cloud, noted a decrease in outgoing traffic towards customers by tens of percent, and many were able to speed up page loading at times. The ability to recycle images as part of Image Optimization 2.0 is an important upgrade and the next stage in creating a fully functional cloud platform to accelerate web resources, "commented Dmitry Krikov, CTO of Ngenix.

A user of the Ngenix platform can use recycling, provided that he has an image optimization service from Ngenix connected, simply by performing several actions in the Ngenix Multidesk personal account in the Image Optimization tab. The user creates an image conversion policy, describing the necessary profiles in it, and assigns it to service configurations through which images are delivered.

Ngenix clients can send a request to connect the Image Optimization service from their personal account. In order to test the capabilities of the Ngenix cloud platform and the Image Optimization service for free within two weeks, you can leave a request through the form.

Power output of resources in 2 Tbit/s

On April 16, 2020, the company announced NGENIX Russian provider cloud services a significant infrastructure strengthening to respond to growing customer challenges during the pandemic. By COVID-19 mid-April 2020, the company reached a resource capacity of 2 Tbit/s and is preparing to deploy the next node in the North Caucasus Federal District in the second quarter of 2020. NGENIX also expanded connections to the main traffic exchange points and to a number of trunk operators and installed additional equipment on the nodes.

We modeled user traffic trends based on data those coming from abroad, where the quarantine regime was deployed earlier. This helped us properly prepare for surges in web resource public sectors and OTT service traffic. Thus, we increase our power IT infrastructures in a planned mode, preventing failures and failures. NGENIX's access to the parent company's infrastructure "Rostelecom contributes to the stable operation of critical web services in all major communities, RUSSIAN FEDERATION comments Konstantin Chumachenko, CEO of NGENIX

With the announcement of the self-isolation regime in the Russian Federation, NGENIX specialists recorded a steady increase in video traffic consumption. According to Dmitry Krikov, technical director of NGENIX, during the second appeal of V.V. Putin about the situation with the pandemic (April 2, 2020), traffic spikes were recorded at the level of 1 Tbit/s. Demand for the delivery of "heavy" content has increased due to the increased popularity of streaming and educational services.

There is also a significant increase in the volume of traffic of state web services: for several weeks, citizens consulted much more actively with resources important in the context of the coronavirus pandemic. At peak times, the load on a number of government web resources tripled in two hours.

The timely modernization of the NGENIX platform ensured the uninterrupted operation of critical web resources and OTT services in the first weeks of quarantine measures. The distributed cloud platform NGENIX operates on the basis of 39 nodes located in seven federal districts of the Russian Federation, four neighboring countries and Europe.

2019

Application-level DDoS Protection System

The provider of cloud services for web resources Ngenix (part of the Rostelecom - Data Center group) on July 3, 2019 announced the update of the technology platform and the launch of the next services. Now owners of web resources can protect them from application-level DDoS attacks, speed up access for mobile users, and use tools to manage services and analytics in the client portal.

Application-level (L7) DDoS protection with or without SSL exposure works on a geographically distributed network of Edge servers. This allows you to repel attacks more efficiently and faster than with the traditional approach - using traffic cleanup centers. Client websites are protected by analyzing incoming traffic and blocking malicious requests in the Ngenix cloud.

The Ngenix platform has been used for several years to protect against DDoS attacks at the network level, protect applications from hacking (WAF) and a secure DNS (name system) service. domain

The company has upgraded the infrastructure and increased the speed content of delivery of customers' web resources through the use of modern server program configured and network equipment, as well as an update software that manages the cloudy platform. The intelligent traffic balancer now uses (machine learning machine learning) when building network routes. Ngenix's image optimization service reduces traffic for mobile users and speeds up downloading images to mobile devices without losing quality.

The customer, partner, and developer environment has been fully updated. The Ngenix Multidesk client portal has been redesigned, the interface of which was created from scratch based on the analysis of user experience. Cloud management tools have become simpler and more convenient. A system for monitoring and visual presentation of statistics has been implemented, which allows assessing the effectiveness of services in real time. In turn, the reseller portal allows Ngenix partners to manage the accounts of their customers using the Ngenix platform, as well as quickly launch pilot projects.

The updated Developer Support Center provides documentation and tools for working with the REST API to speed up the integration of customer IT systems with the Ngenix platform.

Technological solutions

As of July 2019, the following are available within the Ngenix cloud platform:

Ngenix Secure Cloud:

• Accelerate the entire site (static and dynamic content)
• Secure DNS
• Complex protection from DDoS Arbor PeakFlow in cloud
• WAF protection of applications from all types of attacks and hacks
• Fast connection under attack

Ngenix CDN:

• 38 nodes, coverage of 90% of Internet users in 1 hop
• The only CDN in the network of the largest operator Rostelecom
• Real-Time Network Route Optimization System
• Shielded client servers to reduce load
• Hybrid Usage Scheme (Native Infrastructure + Ngenix CDN)

Ngenix Cloud Storage:

• Reduce storage CAPEX
• Reliability - Data has triple replication
• High-speed data processing
• Rapidly scale to grow loads
• Easy integration with third-party services

Ngenix Cloud Platform Overview

As of July 2019, the Ngenix platform is based on 11 years of the company's development Ngenix in the field of algorithms filtering, balancing and caching web requests.

Connecting to the platform takes one day and does not require changing the architecture of applications, changing the Internet provider, hosting, CMS, implementing modules and any other improvements. You must change the DNS zone record of your web resource and send Internet user requests to the Ngenix cloud. The address and content of the web resource are not changed.

Platform Facts:

• The Ngenix cloud platform is distributed across 22 regions and has a total network connection speed of 1.5 Tbs. It serves to speed up the delivery of Internet content to the end user, "hot" storage of data and protect web resources from all types of cyber attacks, including powerful DDoS attacks.
• Accelerate content delivery and offload customer IT infrastructure with distributed caching, proxying, balancing, and network route optimization.
• The Ngenix cloud protects connected websites by using secure DNS (includes zone management tools), filtering traffic with DDoS protection complexes (Arbor PeakFlow) and various types of hacks (WAF from such Russian vendors as Positive Technologies, Onsek, SolidWall). Ngenix provides distributed filtering of L7 requests with or without disclosure of SSL traffic.
• The platform allows you to organize live video broadcasts and broadcast video on demand to any audience coverage in unlimited volumes. Tag-tapping ads, transcoding and blackout for OTT broadcasting are available, as well as a settings generator for popular video players.
• High-performance S3-compatible cloud storage delivers fast access to hot data. It is especially effective in the case of integration with content delivery services.
• Clients have access to log files, minute-per-minute statistics and advanced analytics. Seamless integration of services into a single analytics and statistics suite can radically reduce content protection and delivery costs and make website management more flexible and efficient.