Turkish ecommerce giant, N11, migrates to Elastic Security in just two weeks

N11 is one of Turkey's top three ecommerce platforms, offering a huge choice of apparel, electronics, and homeware products to more than 10 million people monthly. Protecting this large and loyal customer base from cyber threats and maintaining customer trust is paramount, making IT security a top priority for the business.

N11 adopted Elastic Security when it came to the end of its contract with its previous Security management platform. Serdar Cetin, Engineering Manager, N11, says, "We were looking for a solution that provided better value for money and offered an advanced roadmap that included AI tools to improve detection and accelerate incident response."

Secure Computing, N11's long-term technology partner, recommended Elastic Security. Baran Erdogan, CTO & Founder, Secure Computing says, "Elastic offers a more robust and feature-rich solution. We also saw the opportunity to unify N11's environment and support broader observability initiatives."

This was no small operation. N11 has an extensive environment that supports approximately 2,000 virtual machines (VMs). The data center is correspondingly large and complex, incorporating a variety of security tools such as firewalls, load balancers, web application firewalls, and DNS servers.

To ensure a smooth transition, N11 and Secure Computing worked closely on several proof-of-concepts. This enabled N11 to thoroughly evaluate Elastic's capabilities against their existing use cases while the Secure Computing team focused on the specific requirements of N11's complex data environment.

Careful preparation meant that the migration itself took just two weeks. "Completing the entire migration in such a short time was a remarkable achievement," says Erdogan.

Today, N11 uses Elastic to centralize logs from various critical infrastructure components. These include access logs, application firewalls, load balancers, traditional firewalls, SSL VPNs, and application performance monitoring (APM) data — a total of 300 gigabytes of logs daily.

While the majority of N11's infrastructure resides on-premise, the company is in the process of migrating to the cloud and already uses Google Cloud for some workloads. To maintain a comprehensive security posture, N11 has integrated Google Cloud's audit and access logs into its Elastic environment.

"Elastic integrates perfectly with Google Cloud," says Cetin. His team now enjoys insights into VM creation, Google Cloud Security Command Center usage, and anomalous behaviors. "This enhanced visibility enables us to proactively detect and respond to potential threats," he says.

By bolstering N11's security posture, Elastic has become an indispensable ally in safeguarding customer trust. This not only protects N11's reputation but also enhances the overall customer experience, fostering loyalty and driving business growth.

Omer Faruk Çırakoğlu, Infrastructure Director of N11, says that Elastic Security shows a massive improvement in value and performance. "Comparing Elastic with Splunk is like comparing a modern sports car with a horse-drawn carriage," he says.

The numbers speak for themselves. Efficiency gains include a 90% reduction in infrastructure size to run N11’s VMs including storage, disk management, and calculation environments.

Long-term storage is another area where Elastic Security excels. In the past, N11 had to extract data into a separate environment for analysis whenever it needed to access information older than six months —a time-consuming and resource-intensive process. With data tiering, teams can retain data longer for a fraction of the cost without impacting availability and performance.

Elastic's searchable frozen data layer offers a substantial advantage to automatically restore data from archives upon searching. By compressing data by 50-80% without sacrificing searchability, N11 has significantly reduced storage costs, covering the same business needs with only 100 TB of storage in Elastic compared to 120 TB per year in Splunk's non-searchable frozen solution. while accelerating search results from 15 minutes to an instant. This cost-effective approach has allowed N11 to efficiently approach its data management while still increasing performance, compared to their Splunk solution.

Elastic's intuitive interface and search functionality are more accessible to a wider audience compared to solutions that require specialized query language and data structure knowledge. Cetin says, "Searching using Elastic is just like using an everyday search engine. It means users can explore data without extensive training and no steep learning curve."

Cetin also praises Kibana dashboards that alert the business to potential threats and help maintain customer integrity. A good example is the dashboard that displays geolocation and VPN activity. "By monitoring customer origination and SSL VPN connections, we can detect unusual traffic flows from outside Turkey, which could be indicative of attacks or unauthorized access attempts," says Cetin.

N11's 24/7 monitoring team uses a combination of tools including Slack, Teams, email, and Uptrends to maintain non-stop network integrity. Elastic integrates seamlessly with these platforms to enable real-time anomaly alerts. This ensures that the N11 team is promptly notified of any potential issues, allowing for immediate response and mitigation efforts.

With the successful deployment of the security solution, N11 has also adopted Elastic Observability to keep track of security alerts and other events. "This really underlines the versatility of Elastic in every crucial facet of our business from security and search to observability and beyond," says Cetin.

The pay-off for N11 is massive. Improved efficiency, reduced costs, and faster insights enable N11 to allocate resources more effectively, focusing on enhancing product offerings, customer service, and marketing initiatives. "Ultimately, Elastic Security is more than a technical solution," says Cetin. "It's a strategic asset that empowers N11 to thrive in a highly competitive market through exceptional customer satisfaction and trust."