Vonage

How Vonage is using Dapr to secure and modernize their tech stack

Challenge

Vonage is a global provider of cloud-based communication tools for businesses. We provide APIs for network, messaging, voice, and video, contact centers, and conversational commerce solutions.

Like most companies, 100% of our current stack is existing code. That sounds obvious, but the reality is we already have a deep stack of functioning code and released products running on more than 100 core services. This makes addressing new challenges, requirements, or regulations a risky and time-consuming process. We wanted to easily add new functionality, new security features, and the ability to experiment with new tools without throwing out the code base and starting from scratch.  This means that we needed to determine a non-intrusive way to add these new features without compromising the status quo or disrupting the company’s momentum.

Solution

We decided the best solution is to utilize a sidecar pattern that can work across all of our solutions regardless of programming language, deployment pattern, or technical capabilities. This meant we needed to investigate how quickly this solution would be implemented, how it would handle different aspects of the lifecycle, and finally, how robust and extensible it would be.

Dapr proved to be a phenomenal fit for both our new systems and our existing stacks; whether its written in Java, Dotnet, Golang or Javascript and running on metal, VMs, Nomad or Kubernetes we were able to standardize tracing, AuthNZ and resilient service-to-service communication. We have brought legacy systems with unique authentication mechanisms to more modern and secure patterns using OIDC without needing to rewrite the entire stack. We are able to intercept the calls, manage the authentication and authorization, and then translate the call to the legacy requirement, all using modern, audited, and declarative mechanisms. 

We are continually adding more features to all our stacks and solutions by utilizing the power of Dapr’s implementation and architecture.

Impact

We can now quickly secure and modernize stacks and respond to regulatory and compliance requirements. We are also able to extend COTS products to our standards and requirements allowing us to use the latest and greatest tools without sacrificing any security or controls