Global-e provides a full end-to-end cross border eCommerce solution based on a proprietary platform that is augmented by best-of-breed third party providers. By enabling efficient and simplified global eCommerce, Global-e overcomes the barriers of borders. It enhances international shopping experiences by adjusting to a country’s native language and currency, and offers local payment methods, international anti-fraud protection and competitively priced delivery options with all taxes and duties calculated at checkout.
Due to sensitive customer data and the fact that part of the system would be exposed to the public net in the public cloud, Global-e needed to deploy a highly available and secure environment. Global-e had to comply with the different PCI requirements in a timely manner, taking delivery time and cost constraints into account.
As mentioned above, Global-e’s compliant environment’s network was segmented from those with less sensitive data. The separation was made because Global-e understood that the compliant private network could not be accessed directly from the net, changes needed to be controlled, and that monitoring solutions for inbound and outbound traffic needed to be carefully selected.
Global-e is responsible for dealing with multiple transactions on behalf of its merchant partners, and understands that necessary precautions need to be taken in order to ensure that downtime is non-existent. Additionally, due to the nature of the sensitive data that is shared with Global-e, consistent backup is crucial.
As Global-e’s system deals with customers across the globe, it must be available around the clock with a top of the line infrastructure operations desk that can cope with issues that arise in accordance with compliance and regulations.
With AllCloud’s architecture recommendations, Global-e set up its full production environment in Amazon Web Services (AWS). Global-e’s team divided their stack into two major sections, understanding that their PCI compliant environment is a small fraction of the full spectrum of operations that are run. Most of Global-e’s services, such as its API and web functionality, are located in a public environment, which is completely separate from the PCI private environment. The PCI environment can only be accessed by specific individuals and its network is not directly exposed to the public net. This separation was intentional in order to minimize the efforts and investments that would have been needed to support PCI compliance requirements on the whole environment.
Following AWS best practices, all services are now segmented into separate networks that use AWS VPC to protect both the public component and the PCI private environment. Inbound and outbound traffic is monitored and controlled by a Sophos UTM, along with LanGuard, an IPS/IDS monitoring system that constantly scans the network for vulnerabilities. File integrity protection is also a PCI compliance requirement that is fulfilled with Dome9 network security solutions. Dome9 provides notifications whenever any Windows OS or application sensitive files have been modified. This measure helps detect intruders and keeps them from gaining access to the server, or changing critical data and configurations. Additionally, Dome9 sends Global-e notifications regarding AWS security group policy changes.
Global-e has a default configuration that is comprised of several compute nodes per environment, for both the private and the public environments. Every node uses AWS autoscaling for exponential scaling capabilities. Global-e utilizes an ‘always on’ cluster configuration to maintain high availability, and every environment holds a single replica to ensure efficient redundancy and high availability. This also includes multiple MSSQL database nodes that run at all times, with the potential to grow down the road. The main node replica in active mode is read only, meaning it can still be queried for reporting and various other services. However, if something happens to the main node, it automatically fails over to the read only node, which then becomes a read/write node. Part of the MSSQL ‘always-on’ cluster has been deployed in a different AWS region that serves as a Disaster Recovery site. This approach facilitates minimal data loss in the unlikely case of a physical infrastructure disaster in the main AWS region.
With Global-e’s management environment powered by AllCloud’s dynamic monitoring, any server that is added to its pool is automatically integrated with its Nagios server, monitored with alert mechanisms in place, and logged via Graylog. In addition to capturing and saving the logs, Graylog provides transparency into logs in order to understand what’s happening in the environment. Global-e’s operations team is therefore able to log into Graylog and filter data, such as application logs for debugging purposes.
AllCloud’s NOC-as-a-Service is solely exposed to the merchants that work with Global-e, and includes a white labeled hotline for tier 1 support that is specifically dedicated to Global-e customers. If an event occurs, merchants can get in touch with AllCloud for around the clock support. AllCloud also provides tier 2 and 3 tech support when Global-e’s underlying infrastructure (i.e., AWS) is involved. As a means of aiding AllCloud in its support efforts, Global-e has created a playbook that is constantly updated and outlines potential issues that can occur.