Building Secure, Scalable and Highly Available Magento Stores, Powered by Rackspace Solutions

Building Secure, Scalable and Highly Available Magento Stores, Powered by Rackspace Solutions A Closer Look at Ecommerce Reference Architectures Mahesh Gandhe, Sr. Solutions Manager for Ecommerce and SaaS/ISV R.J. Rowntree, Commerce Channel Manager John Engates, Chief Technology Officer Building Secure, Scalable and Highly Available Magento Stores, Powered by Rackspace Solutions Cover

Table of Contents Abstract 2 1. Introduction 3 2. Use Cases 4 3. Factors Influencing Solution Design 5 4. Overview of Reference Architectures 7 5. Flowchart for Choosing a Reference Architecture 11 6. Why We Are a Leader in Magento Hosting 12 7. Overview of Rackspace Solutions for Online Retail 12 8. Summary 13 Building Secure, Scalable and Highly Available Magento Stores, Powered by Rackspace Solutions Page 1

Abstract Magento offers flexible, scalable ecommerce solutions designed to help businesses grow and succeed online. The Magento platform is trusted by more than 150,000 businesses, including some of the world s leading brands. Magento Enterprise delivers its best performance on an infrastructure optimized to its exacting requirements. Simply running Magento on generic servers risks performance issues that translate into abandoned shopping carts, slow loading pages and lost revenue. With over 1,000 Magento deployments globally ranging from SMB to Fortune 500 customers, Rackspace has developed core competencies and expertise in Magento infrastructures. Rackspace now hosts a greater percentage of the world s Magento deployments than any other hosting provider. [1] Rackspace ecommerce hosting solutions for Magento delivers an infrastructure honed to meet Magento s requirements. It uses proven, optimized and scalable infrastructure components to deliver unsurpassed performance and reliability. It s all backed by a team made up of infrastructure experts capable of supporting configurations tailored to your specific needs. The end result is a fast, rock-solid and problemfree Magento site that performs exceptionally and, in turn, delivers that fast user experience that your shoppers expect. Based on deep expertise of Magento deployments, this white paper provides guidance and reference architecture for building word-class ecommerce websites on the Magento platform. Rackspace is very familiar with the specifics of Magento, how it works and what type of performance needs it has. Brandon Elliott Managing Director of Technology, Amplifi Commerce Building Secure, Scalable and Highly Available Magento Stores, Powered by Rackspace Solutions Page 2

1. Introduction Whether you are launching your first online store on Magento s ecommerce platform or you are re-architecting it with Magento Enterprise, you need a cloud or hybrid partner that is seasoned in hosting Magento platforms to build secure, scalable and highly available online stores. With Rackspace, you are in the hands of a proven Magento Hosting Partner that has helped more than 1,000 customers globally, ranging from SMBs to Fortune 500 companies. According to a study from ecommerce publishing authority Internet Retailer, Rackspace is currently ranked the number one hosting provider for the Internet Retailer Top 1,000 websites. Rackspace now hosts a greater percentage of the world s Magento deployments than any other hosting provider. In order to support you as a team, Rackspace has entered into the Magento Hosting Partner program as a Platinum level partner. Rackspace ecommerce hosting solutions for Magento, here after referred as the solution, is a Magento ecommerce platform optimized by Rackspace Hosting. This solution is a combination of multiple product offerings from Rackspace including dedicated hosting, cloud hosting, hybrid hosting and additional services meant to augment performance. Within three months of launching the new site built on the Magento platform, Gant s online orders went up 340 percent. We also saw a 290 percent increase in conversion rates and 35 percent reduction in page load time. Thanks to the infinite scalability of the Rackspace open cloud, Gant can scale servers up and down to meet customer needs whilst only paying for what we actually use. This has lead to a 50 percent reduction in hosting costs. Anna Carlqvist Global Ecommerce Manager, Gant Clothing Building Secure, Scalable and Highly Available Magento Stores, Powered by Rackspace Solutions Page 3

2. Use Cases Ecommerce commonly refers to the buying and selling process of various products and services through the online environment. Ecommerce websites are in most cases well designed websites with high amounts of traffic, while ecommerce hosting enables ecommerce websites to be hosted on shared or dedicated server hardware. Rackspace ecommerce hosting for Magento supports the following most common ecommerce hosting use cases: 1) 100% Uptime When your website is your cash register, it has to be open for business always. Thus, ecommerce websites are required to be highly available. The solution can guarantee 100% production uptime, provided a recommended topology is deployed. 2) Page Load Times Less Than Two Seconds Loading ecommerce web pages within two seconds, even during peak load time, is an industry norm. The solution supports faster page loads. 3) Security of Sensitive Data Ecommerce sites requires very secure infrastructure for managing sensitive data on the server collected from the users of the website, including credit card information. The solution helps customers in PCI compliance using PCI compliant dedicated infrastructure and third party payment gateways for cloud infrastructure. 4) Scalability The ability to handle sudden and/or seasonal spikes in demand for holiday seasons is the most important use case for ecommerce websites. The solution supports this use case using cloud infrastructure to make your infrastructure feel virtually unlimited. In summary, we help merchants architect and deploy secure, scalable and highly available Magento ecommerce stores on Rackspace Infrastructure. Building Secure, Scalable and Highly Available Magento Stores, Powered by Rackspace Solutions Page 4

3. Factors Influencing Solution Design Various factors influence your choice of hardware for your online ecommerce store. Some of the most important factors to consider include: 3.1 Which Magento Edition Is Right For You? You can choose between Magento Community and Magento Enterprise to develop your solution. To decide which edition is right for you, simply click here to get a side-by-side comparison of the Magento Community, Enterprise and Go editions. 3.2 Where to Store Credit Card Data and How do You Transmit it? A few other important factors to consider are where you want to store credit card data and how do you transmit it. 3.2.1 Options available for storage You can store credit card data in a Rackspace data center or use a third-party payment gateway to store credit card information using APIs. The third-party payment gateway is most common since it offloads much of your PCI burden to that provider. That being said, should you require credit card info and other sensitive data to be housed within your environment, we can architect solutions to help you meet PCI compliance. 3.2.2 How do you decide which option is right for you? One way to determine which option is right for your business is to compare the cost of using a third-party payment gateway with the cost of storing credit card information in a data center. If you process a smaller number of credit card transactions, you might find that using a third-party payment gateway is more economical and the best option, provided it fits within your company policies. If credit card transaction volume is very high, you may find it more cost-efficient to store credit card information in a Rackspace data center and undergo PCI compliance audits. Your company policies and credit card transaction volume, along with other factors not discussed here, can help determine where to store credit card data. When you choose the option of transmitting credit card information from server side using APIs, your server infrastructure becomes part of PCI compliance. On the other hand, using APIs from client browsers, excludes your server infrastructure from the scope of PCI compliance. Building Secure, Scalable and Highly Available Magento Stores, Powered by Rackspace Solutions Page 5

3.3 Maximum Number of Concurrent Users This is the number of customers that can log into your online store simultaneously and place orders without encountering issues related to resource allocation. This is an important consideration when choosing the reference architecture for your company. We recommend designing your system for 1.5 times the peak load that you anticipate in your day-to-day transactions. In addition to the factors discussed above, the following business parameters will also influence your reference architecture design choices: Size of catalog Average browsing time per user, (ie. five minutes, 20 minutes, 30 minutes) Average and peak visitors per day Average orders per day Peak orders per hour and per day Peak orders per hour and per day during the holiday season Number of concurrent users on admin panel Amount of SKUs/product records in catalog Amount of categories Administrative users: Over six admin users will require separation of this function to its own environment) Payment Bridge: This offering from Magento can help with PCI/DSS and requires additional infrastructure As a rule of thumb, please remember that number of concurrent users and transactions help to size web servers. The number of SKUs for sale on the website helps to size the database server. Building Secure, Scalable and Highly Available Magento Stores, Powered by Rackspace Solutions Page 6

4. Overview of Reference Architectures Based on our expertise of serving thousands of Magento customers in the past, we have developed following four reference architectures as starting points: 4.1 Magento Community Edition Basic Reference Architecture This configuration is ideal for the retailer that is looking to get started on a smaller budget, deploying Magento Community edition or an entry level Magento Enterprise Edition. Cost of entry to this solution is very low with a tremendous upside for rapid growth. This is a pure cloud configuration in which web server and database both reside in the cloud. In this architecture, we propose cloud network segmentation between web and database servers for security reasons. In this topology, you can add web and database servers for scalability. It is recommended to store customer credit card information outside the Rackspace network using third-party payment gateways when deploying to the public cloud. Configuration Details: 1 Cloud Load Balancer (public) SSL Fewer than 100 concurrent connections 50GB bandwidth 2 Cloud Servers for web: 16GB, 6 vcpus, 620GB storage HTTPS Cloud Monitoring checks Varnish for caching 2 Cloud Servers for database (master/slave) Memcached 8GB, 4 vcpus, 320GB storage Cloud Backup TCP Port Cloud Monitoring check Cloud Block Storage SSD 100GB Isolated Cloud Network with connectivity only to web servers Cloud Files and the Akamai CDN 50GB capacity 50GB bandwidth Service Recommendations: Choose a Managed Cloud Account and save time by letting us manage your infrastructure and deploy your servers. Building Secure, Scalable and Highly Available Magento Stores, Powered by Rackspace Solutions Page 7

4.2 Magento Enterprise Edition Intermediate Reference Architecture This is an ideal solution for emerging Enterprise Edition retailers. It combines low cost of entry with more resources allocated to the individual servers and can be scaled to meet growing demands. This configuration is built using dedicated servers for both web and database servers. Single web and database server are segmented behind physical firewall. In this topology, customer credit card information is stored using the third-party payment gateway. Configuration Details: 1 ASA 5510 Security Plus firewall 1 site-to-site VPN, 5 client VPNs RackConnect for Cloud Files 1 Enhanced Two Silver web server (DMZ segment) Red Hat Enterprise Linux 6 Dual Quad Core CPU, 24GB RAM 2x 146GB RAID 1 (OS), 4x 146GB RAID 10 (data) Sophos A/V Base Backup Agent 1 Enhanced Two Silver database server (Inside segment) Red Hat Enterprise Linux 6 MySQL Memcached Dual Quad Core CPU, 24GB RAM 2x 146GB RAID 1 (OS), 4x 146GB RAID 10 (data) Base Backup and MySQL Agent Cloud Files and the Akamai CDN 50GB capacity 50GB bandwidth Mailgun Express Base package Building Secure, Scalable and Highly Available Magento Stores, Powered by Rackspace Solutions Page 8

4. 3 Magento Enterprise Edition Advanced Reference Architecture This configuration is for an established retailer with higher traffic that warrants a load balanced solution for unpredictable traffic patterns. This solution also offers retailers the ability to burst into the cloud for traffic spikes. Retailers running promotions frequently through fire sales, marketing pushes, and social media blitzes can benefit from this solution. This configuration is a Hybrid configuration built using RackConnect. It uses dedicated servers for database and web servers. Holiday spikes or sudden increase in load can be burst into cloud servers, with Magento Peak Demand Licenses. Dual web and database servers are segmented behind physical firewall. Customer credit card information is stored in the third-party payment gateway. Configuration Details: 1 ASA 5510 Security Plus firewall 1 site-to-site VPN, 5 client VPNs F5 1600 Local Traffic Manager RackConnect for Cloud Files bursting with Magento Peak Demand Licenses 2 Enhanced Two Silver web servers (DMZ segment) Red Hat Enterprise Linux 6 Dual Quad Core CPU, 24GB RAM 2x 146GB RAID 1 (OS), 4x 146GB RAID 10 (data) Sophos A/V Base Backup Agent 2 Enhanced Two Silver database servers (Inside segment) Red Hat Enterprise Linux 6 MySQL Memcached Dual Quad Core CPU, 24GB RAM 2x 146GB RAID 1 (OS), 4x 146GB RAID 10 (data) Base Backup and MySQL Agent 4 Cloud Servers for web (landing page & catalog logic) 4GB, 2 vcpus, 160GB storage HTTPS Cloud Monitoring checks Service Recommendations: Choose a Managed Cloud Account and save time by letting us manage your infrastructure. Work with our Advisory Services team to plan your seamless journey to the cloud. Cloud Files and the Akamai CDN 50GB capacity 50GB bandwidth Mailgun Express Base package Building Secure, Scalable and Highly Available Magento Stores, Powered by Rackspace Solutions Page 9

4.5 Magento Enterprise Edition Premier Reference Architecture This configuration is designed for retailers for supporting the highest number of online transactions compared to other configurations. Rackspace can deliver a resilient, highly available infrastructure with failover capabilities at every layer of the solution. Rackspace can also provide guidance on PCI compliance for storing credit card information securely. This also is a hybrid configuration built using RackConnect as it uses dedicated servers for database and hosting web servers. Holiday spikes or sudden increase in load can be burst into Rackspace Cloud Servers, with Magento Peak Demand Licenses. It uses HA configurations for dedicated firewalls and F5 load balancers. This topology allows storing customer credit card information within the Rackspace network on dedicated servers. It achieves PCI compliance with help from the third party products of Symantec and Alert Logic. Service Recommendations: Choose a Managed Cloud Account and save time by letting us manage your infrastructure. Select Critical Application Services for a super-aggressive SLA with a 100% production platform uptime guarantee and a 2x service level credit. Work with our Advisory Services team to plan your seamless journey to the cloud. Configuration Details: 2 ASA 5520 Security Plus high-availability firewalls 1 site-to-site VPN 10 client VPNs 2 F5 1600 high-availability Local Traffic Managers RackConnect for Cloud Files bursting with Magento Peak Demand License Alert Logic Threat Manager IDS + Alert Logic Log Manager SSL, 51 100MB throughput 10 log sources Imperva high-availability Web Application Firewall Gold SLA RSA SecurID 130 10 tokens VeriSign SSL certificate 1 domain 2 Enhanced Two Silver shopping cart servers (DMZ segment) Red Hat Enterprise Linux 6 Dual Quad Core CPU, 24GB RAM 2x 146GB RAID 1 (OS), 4x 146GB RAID 10 (data) Sophos A/V Base Backup Agent 2 Performance One Silver database servers (active/ passive multi-master) Red Hat Enterprise Linux 6 MySQL Memcached Dual Hex Core CPU, 64GB RAM 2x 300GB RAID 1 (OS), 4x 300GB RAID 10 (data) Base Backup and MySQL Agent 4 Cloud Servers for web (landing page & catalog logic) 4GB, 2 vcpus, 160GB storage HTTPS Cloud Monitoring checks Cloud Files and the Akamai CDN 100GB capacity 100GB bandwidth Mailgun Express Base package Building Secure, Scalable and Highly Available Magento Stores, Powered by Rackspace Solutions Page 10

5. Flowchart for Choosing a Reference Architecture The following flowchart* provides guidance for deciding which reference architecture is right for your business needs. Alternatively, the Rackspace support team can help you in deciding the right topology for your needs. START Enterprise Edition Where do you want to store your credit card information? You are OK about storing this data at a third-party payment gateway In Rackspace data center under your control Which edition of Magento are you planning to use? Community Edition (Please check the URL** shown below for deciding between community and Enterprise editions) It s cost-effective for you to store credit card data in payment gateway Volume of credit card transactions It s cost-effective for you to store credit card data in Rackspace data center How you want to transfer credit card data to payment gateway Using API from server side From end user s browser Number of concurrent users Between 100 and 200 Between 200 and 400 More than 400 Basic Reference Architecture Intermediate Reference Architecture Advanced Reference Architecture Premier Reference Architecture * Please note: the recommendation provided above for choosing the right reference architecture based on the number of concurrent users stems from our experience of helping 1000+ customers in deployment. ** http://www.magentocommerce.com/product/overview-compare?utm_source=magentocommerce&utm_medium=topnav Building Secure, Scalable and Highly Available Magento Stores, Powered by Rackspace Solutions Page 11

6. Why We Are a Leader in Magento Hosting Our customers trust us with their Magento hosting needs for the following reasons: Broad Product Portfolio We offer dedicated hosting, public, private and hybrid cloud, linked by our unique RackConnect hybrid technology so that you can buy the base, rent the spike. Our Magento Knowledge With Rackspace, you are in the hands of a proven Magento hosting partner that can guide you through architecting your Magento solution and tuning it for optimal performance. Relationships with top Magento SIs Our key alliances with top Magento Solution Partners allow us to provide end-to-end support for a complete experience. PCI Compliance Providing you with infrastructure and solutions requirements that can help reduce the scope and complexity of your compliance efforts. IT Expertise An on-staff team of security, database, networking, application and infrastructure specialists available every day, all day. Fanatical Support From strategic development assistance offered by our Advisory Services team to custom architectural design from our Solutions Architects, we provide full end-to-end ecommerce solutions, all backed 24x7x365 by our legendary Fanatical Support. 7. Overview of Rackspace Solutions for Online Retail In addition to providing solutions for ecommerce hosting, Rackspace can help retailers in their journey to the next generation retail experience by providing the following solutions: Mobile Commerce In addition to powering your ecommerce website, Rackspace also supports hosting of mobile commerce websites. Building Custom Applications As an industry-leading SaaS hosting provider, Rackspace offers deep hosting expertise and a variety of products and services for building custom applications. Campaign Pages Rackspace provides hosting infrastructure for building microsites to supporting your marketing initiatives. Corporate Website Hosting Your corporate site is often the first and primary interaction that your customers and the world have with your product, service and brand. Rackspace can help you with hosting your corporate website. Test & Dev Isolated compute environments used to develop, QA and test a new application/site or changes to an existing application/site are available. Big Data Analytics Through our partnership with Hortonworks, the premiere opensourced Apache Hadoop, enterprise distribution, we offer three different deployment models to solve your Big Data needs based on the size and complexity of your workloads on dedicated and cloud servers. Hosted Email Rackspace Email Hosting gives you the power to securely manage email from any web browser or the device of your choice no licenses to keep track of or software to download. Hosted SharePoint We offer dedicated and multi-tenant SharePoint hosting services for collaborating within your organization. Building Secure, Scalable and Highly Available Magento Stores, Powered by Rackspace Solutions Page 12

Enabling your journey to the next generation of retail We can host your common workloads Ecommerce Store Campaign Pages Big Data Analysis Mobile Commerce Corporate Sites Hosted Email Custom Apps (SoLoMoMe) Test & Development Hosted SharePoint Advisory Services Critical Application Services Managed Services Rackspace Public Cloud Rackspace Private Cloud Rackspace Dedicated Servers Customer Data Center 8. Summary Magento Enterprise offers an innovative open source technology and is one of the fastest growing ecommerce platforms. Because of its level of sophistication, it can require advanced expertise when it comes to an enterprise s hosting environment. Based on its long-standing relationship and over 1,000 Magento implementations, Rackspace Hosting has excellent experience with Magento environments. That history has given Rackspace deep technical experience with Magento Enterprise. Add to that Fanatical Support and a hybrid infrastructure, Rackspace is a highly qualified provider of dedicated hosting for enterprise ecommerce sites using Magento Enterprise. Building Secure, Scalable and Highly Available Magento Stores, Powered by Rackspace Solutions Page 13

ABOUT MAGENTO Magento offers flexible, scalable ecommerce solutions designed to help businesses grow and succeed online. The Magento platform is trusted by more than 150,000 businesses, including some of the world s leading brands. Customers choose Magento because our cost-effective solutions built on open source technology enable businesses of all sizes to control and customize the look and feel, content, and functionality of their online stores. We offer a range of resources, support, and consulting services to help our customers get the most from their Magento deployments, including education, training, and developer certification programs. Our global community of partners and developers gives customers access to robust third-party extensions and certified professional integration help. Magento is owned by ebay Inc., a global leader in commerce technology. Our relationship enables us to offer our customers, partners, and community members a wealth of experience and resources in commerce-related technologies, as well as access to world-class, branded capabilities from ebay Marketplaces, PayPal, GSI Commerce, and others. If you re new to working with Magento, welcome. We look forward to helping you grow your business. References: [1] Magento Usage Statistics - http://trends.builtwith.com/shop/magento [2] http://www.magentocommerce.com/, as of 03/29/2013 [3] http://www.magentocommerce.com/product/enterprise-edition as of 03/29/2013 Building Secure, Scalable and Highly Available Magento Stores, Powered by Rackspace Solutions Page 14

About Rackspace Rackspace Hosting (NYSE: RAX) is the open cloud company, delivering open technologies and powering hundreds of thousands of customers worldwide. Rackspace provides its renowned Fanatical Support across a broad portfolio of IT products, including Public Cloud, Private Cloud, Hybrid Hosting and Dedicated Hosting. The company offers choice, flexibility and freedom from vendor lock in. GLOBAL OFFICES Headquarters Rackspace, Inc. 5000 Walzem Road San Antonio, Texas 78218 1-800-961-2888 Intl: +1 210 312 4700 www.rackspace.com UK Office Rackspace Ltd. 5 Millington Road Hyde Park Hayes Middlesex, UB3 4AZ Phone: 0800-988-0100 Intl: +44 (0)20 8734 2600 www.rackspace.co.uk Benelux Office Rackspace Benelux B.V. Teleportboulevard 110 1043 EJ Amsterdam Phone: 00800 8899 00 33 Intl: +31 (0)20 753 32 01 www.rackspace.nl Hong Kong Office 9/F, Cambridge House, Taikoo Place 979 King s Road, Quarry Bay, Hong Kong Sales: +852 3752 6465 Support +852 3752 6464 www.rackspace.com.hk Australia Office Level 4, 210 George Street, Sydney, NSW 2000 Phone: 1-800-722577 www.rackspace.com.au 2013 Rackspace US, Inc. All rights reserved. This whitepaper is for informational purposes only. The information contained in this document represents the current view on the issues discussed as of the date of publication and is provided AS IS. RACKSPACE MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, AS TO THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF THIS DOCUMENT AND RESERVES THE RIGHT TO MAKE CHANGES TO SPECIFICATIONS AND PRODUCT/SERVICES DESCRIPTION AT ANY TIME WITHOUT NOTICE. USERS MUST TAKE FULL RESPONSIBILITY FOR APPLICATION OF ANY SERVICES AND/OR PROCESSES MENTIONED HEREIN. EXCEPT AS SET FORTH IN RACKSPACE GENERAL TERMS AND CONDITIONS, CLOUD TERMS OF SERVICE AND/OR OTHER AGREEMENT YOU SIGN WITH RACKSPACE, RACKSPACE ASSUMES NO LIABILITY WHATSOEVER, AND DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY, RELATING TO ITS SERVICES INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT. Except as expressly provided in any written license agreement from Rackspace, the furnishing of this document does not give you any license to patents, trademarks, copyrights, or other intellectual property. Rackspace, Fanatical Support, and/or other Rackspace marks mentioned in this document are either registered service marks or service marks of Rackspace US, Inc. in the United States and/or other countries. OpenStack is either a registered trademark or trademark of OpenStack, LLC in the United States and/or other countries. Third-party trademarks and tradenames appearing in this document are the property of their respective owners. Such third-party trademarks have been printed in caps or initial caps and are used for referential purposes only. We do not intend our use or display of other companies tradenames, trademarks, or service marks to imply a relationship with, or endorsement or sponsorship of us by, these other companies. Building Secure, Scalable and Highly Available Magento Stores, Powered by Rackspace Solutions Page 15