The customer is the world's leading electronic measurement company, transforming today's measurement experience through innovations in wireless, modular, and software solutions. The customer wanted to develop secure application with high availability and seamless user experience for their supply chain management process through their collaboration platform and with all the Security Best practices and controls in place as necessitated in order to filter and protect against common application threats.
About the Customer
The customer is the world's leading electronic measurement company, transforming today's measurement experience through innovations in wireless, modular, and software solutions. With its roots based in Hewlett-Packard and Agilent, the customer delivers solutions in wireless communications, aerospace and defense and semiconductor markets with world-class platforms, software and consistent measurement science.
The customer needed a Collaboration Platform for its member and suppliers. The customer was using two different SaaS solution providers for separate business units or departments. They wanted a single solution that would cater to all their requirements and was not billed by the number of users accessing the platform. The customer had a usage pattern that had a broad range of volume.
In the Client architecture, the Web Application is serverless and is accessible only via the AWS CloudFront CDN. The request is received from outside and CDN either replies with the cached content or requests the content from the application if not cached. Thus, the access to the web application was required to be firewalled and protected from any type of common attacks and thus hardening the security posture.
Being an existing user of the platform, the customer was confident in the capabilities of Amazon Web Services. AWS provided the services to deploy the application in line with the vision laid out by the customer. A serverless approach was chosen to deploy the application.
To facilitate the continuous build and deployment environment in AWS, the customer chose to work with AspireNXT, an IT services provider that is part of the AWS Partner Network (APN).
Aspire NXT suggested to use an AWS WAF wherein the access to the application was only through AWS WAF. After an initial assessment, Aspire NXT helped the Client to:
• Setup a secured environment using WAF for protection against common web attacks.
• We attached AWS WAF to CloudFront CDN wherein a request comes from the outside, it is filtered by WAF before allowing access to the CDN
• We enabled Logging for WAF to periodically review the logs and identify any possible optimizations and custom rules which can be suggested to the Client.
• A web application firewall is optimized to protect their web application and it is deployed analyze bi-directional web-based (HTTP/HTTPS) traffic - detecting and blocking anything malicious.
• It works as a shield or proxy between the internet and their web application thus protecting the server from exposure.
• During periodic reviews we realized that an average request going through WAF are 150K/day.
• AWS WAF service is integrated with API Gateway service for better control over access.
WAF is configured to protect the serverless application against the following type of attacks:
• SQL Injection
• Cross Site Scripting (XSS)
• HTTP Flooding
• Scanners and Probes (Reconnaissance)
• IP Reputation Lists
• Bots and Scrapers
• Rate-based DDoS protection
• Other Custom Rules
Results and Benefits
Some of the benefits and results that the client achieved using AWS WAF are as under:
• Optimized filtration of the web applications.
• Inspects the web traffic, and prevents common attacks stemming from variety of reasons like misconfigurations, vulnerabilities, etc.
• Helps protect the web applications/APIs against common web exploits that may affect availability, compromise security, or consume excessive resources.
• Gives control over how traffic reaches the applications by enabling us to create security rules that block common attack patterns.
• Some other benefits like agility to protect against attacks, ease of use, improved visibility over web traffic, etc.
• DDoS Resiliency by following all 7 best practices documented by AWS.