Shield Q&A: How DHL Uses Shield to Secure Mission Critical Logistics Data in Elasticsearch

At Elastic, one of our greatest pleasures is learning and sharing how our customers are utilizing our software to achieve various organizational and personal goals. 

Earlier this year we released Shield to make it super easy for anyone to add security to their Elasticsearch deployment (try it for yourself with these five simple steps). 

Today, we are excited to share how DHL Supply Chain, a global leader in the logistics industry, has experienced success with Shield. DHL Supply Chain offers a variety of supply chain services in over 220 countries, including assembly and packaging, warehousing, and transportation.

In order to provide customers visibility across their supply chain, DHL integrates its Warehouse Management and Transportation Management System with its customers’ ERP systems. The messages that pass through DHL LINK, DHL's integration layer, are indexed in Elasticsearch, allowing DHL’s customers to search through multiple terabytes of data to find the latest status of a specific EDI order message using a PO number or other reference to see that it has been sent successfully to the customer (e.g. the status of the EDI message is “sent”).

As a large organisation managing sensitive data, security is a must-have for DHL. They initially planned to install, configure, and manage a reverse proxy to protect their Elasticsearch cluster, but quickly observed the operational overhead and were afraid of a false sense of security – how do you verify it works? 

They decided it made more sense to use a tool that is fully-documented and tightly integrated with Elasticsearch. As a result, they deployed Shield to protect their data and prevent unauthorized access by configuring user authentication and encryption for all Elasticsearch network traffic.

What is your title and what are you responsible for at DHL Supply Chain?

My name is Oliver Cruickshank and I’m Head of Integration Architecture for DHL Supply Chain. Efficient B2B communication with our customers is critical to the success of DHL Supply Chain and visibility of data is key to this. The integration platform processes 1 billion messages annually so all components need to scale well.

My name is Filip Mihalovic am Associate Consultant for DHL  Information Services, responsible for providing IT solutions  suited for our partners within DHL group.

How did you find and first start using Elasticsearch?

OC: Our previous visibility solution was slow to return data to users and frequently timed out. We needed a solution that could easily parse the hundreds of EDI data formats and index the results. Elastic fitted the requirements well and was very easy to run a PoC for.

FM: Elasticsearch has been proposed as a tool that can fulfill requirements for visibility into the integration layer. After installing and trying Elasticsearch, we knew this is the way to go.

How did you find and first start using Shield?

OC: Within DHL the security of our customer’s data is very important to us as such it was critical for us to secure all access to the data. Shield met our requirements for access control and encryption.

FM: During the initial analysis of how to use and secure Elasticsearch, we were told that Shield is coming. After using Elasticsearch for a couple of months, Shield was released. We did not hesitate and tried it straight away.

What has been the most fun or surprising moment in your Elastic journey so far? Or, if you had one, can you describe your Elastic aha! moment?

OC: After struggling with horizontal scalability in our traditional RDBMS for a long time, adding additional nodes to the existing Elastic cluster was incredibly easy – the data automatically balanced itself across the available nodes and CPU load was spread evenly.

FM: Installation and starting of the usage is very easy and intuitive. Another thing I would point out is the level of configuration for Elasticsearch service. Every tiny bit of functionality can be adjusted. On the other hand, fine tuning might take some time to meet needs of particular application.

If you are a Shield user and have a story that you'd like to share, give us a shout at – we'd love to hear from you!