Enhancing Security and Monitoring of Innovative, Cloud‑Based App
Mobile commerce is on the rise, with more and more shopping experiences being made available anytime and anywhere from a mobile device. P97 knows how important mobile shopping is to businesses and consumers, and particularly how innovative it can be in the retail fuel industry. The team at P97 set out to move beyond the pay‑at‑the‑pump technology that was developed almost 20 years ago, and to offer a modern, easy, and secure way for people buy gas and shop at convenience stores.
P97 has developed an app you can use to reserve a pump and pay for your gas from your mobile device. Its PetroZone® mobile app is hosted in Microsoft Azure and securely communicates with convenience stores, enabling users to easily purchase gas and any convenience store items they’d like through their mobile wallet.
Security is a priority for P97, both within the app itself to ensure requests are processed securely between users and convenience stores, and to comply with Payment Card Industry (PCI) standards, a strict set of rules for handling transactions, storing relevant information, and keeping up to date with security patches.
“We needed a load balancer that had enhanced security capabilities. The IT architecture and engineering teams looked into options and determined that NGINX Plus would be able to meet our security needs efficiently,” notes Scott Foxworth, IT Manager at P97.
After a thorough QA and testing process, P97 was up and running smoothly with NGINX Plus on Microsoft Azure.
NGINX Plus is a complete application delivery platform for the modern web, designed for the unique demands of customers like P97. As a software load balancer, NGINX Plus is easy to configure and can be instantly deployed on the Microsoft Azure, AWS, or Google cloud platforms.
P97 uses NGINX Plus as the sole entry point to its cloud backend. NGINX Plus handles incoming HTTPS traffic and load balances it across the reservation and payment services that make up the PetroZone application. SSL/TLS certificates are managed through NGINX Plus, providing a single “source of truth” in the system. Foxworth also uses the NGINX Plus monitoring tools to make sure that systems are functioning properly, and that software is up to date on all hosts.
Enhanced Security for Cloud Deployments
Managing security is a never‑ending task, and requires constantly monitoring and adapting your infrastructure. In fact, P97 adopted a cloud‑based solution precisely because of its adaptability. Hardware solutions such as RFID were ruled out because they can be stolen or hacked, threatening the entire solution, whereas software can evolve as threats change.
By using NGINX Plus to offload SSL/TLS processing for traffic in both directions, P97 is able to speed up performance on the backend, and ensure that communications between the backend, gas pumps, and mobile app are all encrypted using technology that’s up to the latest standard.
“NGINX Plus offers the security features we need to ensure encrypted communications between the client and our cloud deployment of our mobile application,” adds Foxworth.
In addition, NGINX Amplify, the purpose‑built monitoring and management system for NGINX and NGINX Plus, helps P97 stay secure. It flags security alerts associated with the installed version of NGINX Plus.
“NGINX Amplify will quickly let me know, on my load balancer, whether I’m up to date with all my security packages, which is great for our PCI compliance”, remarks Foxworth.
NGINX Amplify also does automated analysis of the NGINX Plus configuration, looking for missing or misused directives that might be hurting security and performance, and suggesting how to fix them.
Critical Metrics for Monitoring Performance
In addition to addressing security requirements, P97’s IT team is also dealing with the challenges of supporting a rapidly growing platform. For the P97 team, knowing how their production resources are responding to increasing customer demand is important, and that requires extensive monitoring. With NGINX Plus’ live activity moitoring dashboard, P97 can monitor events in real time and ensure that their backend servers are keeping up with traffic.
“NGINX Plus allows us to determine if our servers are up and running, and traffic is passing through them as we’d like,” says Foxworth. “We’re able to look at not just whether the server is down, but even whether it has dropped any connections, giving us critical performance insights.”
Technical Support You Can Rely On
NGINX Plus comes with access to award‑winning support so that customers can work with experts who specialize in application delivery to solve technical issues.
Foxworth explains, “I’ve called NGINX support several times when I thought there were issues with load balancing, but it has always turned out to be an issue with our code. By working with the NGINX support staff, they’ve been able to help me quickly deduce where the problem was and get a quick resolution.”
Putting NGINX Plus in front of its backend cloud‑based servers has been paying off for P97 in a number of ways. The company gets the enhanced security features it needs to ensure encrypted communications. On top of that, it can monitor all incoming and outgoing traffic, giving it visibility into whether or not servers are working as needed as well as the data to determine how to effectively allocate resources. NGINX Plus gives P97 access to experts to solve technical issues if they arise. And while adoption of the P97 mobile commerce platform grows, the IT team can rest assured that NGINX Plus is capable of handling any traffic they throw at it.
“We’re delighted that NGINX Plus meets all of our needs. It’s a stable load balancer that has never died on us. And it meets our security requirements. We’re looking forward to incorporating even more of NGINX Plus’ capabilities into our IT operations,” says Foxworth.