That is insanity of the highest order. I know of a lot bigger sites that do not use anything close to that and have nothing near the problems. Such a waste of money and resources for both sites, that it is shameful.
Honestly I figure they were trying to rely on syncookies to protect them when they were bleeding (spoofed?) SYN floods.
A single NGINX install can handle some serious volumes of traffic. I mean, the site is behind cloudflare now so CF is likely doing some caching, so the amount of load on backend servers is fairly minimal. I'm fairly sure the reason 'search' has been broken for so long is whomever was flooding them was pounding it with GET requests and blasting their SQL DB out.
I used to think their control panel was 100% inhouse, and while it is in that they built it for themselves, I don't think the developers are a part of CC's usual work force. If they were at all competent they would be able to engineer some improvements.
(I'm being vague in what changes that could be made to help deal with the flood they're eating.)
Francisco