How Corporate Holdings Enhances the protection of its business critical web application

WAF

YSH WAF Case Study 

 

Challenges and threats 

 

The customer’s websites are facing attacks and the websites are lack of defense that mean most of the websites are standalone running on ec2 instances and light sails instances. Last 6 months, customer’s websites are enormously attacked with the result of servers down or the end users can access the websites properly. The business and management teams of the customer are really considering the case as the priority which can cause a bad impact on the business functioning. Some of the services they are offering like ticket selling, information announcement and even employee portals solely depend on the functionality of the websites. 

 

The security layer implementation is asked by YSH team so that NEX4 cloud team would support it with AWS cloud native technologies. 

 

Solution 

 

Security enhancement should be implemented in the application layer to protect the sites and the customer would like to use WAF as the first layer of defense in front of the websites that could cover SQL injection, owasp top 10 web app vulnerabilities and even ddos attacks. 

 

After the deployment, the targeted attacks could be blocked and captured. Moreover, the customer could get CloudWatch alarms and logs monitoring if the attacks exceed the alarming state. Before this, the customer’s websites are standalone, now the sites could be routed through elastic load balancing(ALB). This service could also be used in future if the business grows and needs more servers. This use-case would benefit the customer web application firewall and load balancing for their sites. 

 

In this solution, we use AWS services for entire solution, AWS web application firewall (WAF), elastic load balancing (ELB), CloudWatch, AWS Certificate Manager (ACM) and other services. 

 

The general overall architecture diagram can be seen here. 

 

 

Solution outcomes and benefits 

 

Cost Efficiency 

  • Simplified and efficient architecture 
  • Pay as you go 
  • On-demand usage which won’t make to cost money under undemand situations. 
  • Can be integrated with other services only if required. 

 

Service Facility 

  • Web applications protection with AWS WAF for cloud servers. 
  • ELB is used to loadbalance traffic. 
  • Customized and managed policies are used across cloud servers. 
  • CloudWatch logs insights is ensured. 
  • Global accelerator is used for ALB so it could be used for IP whitelisting or A record type domains in third party DNS providers. 

 

Business Benefit 

  • Reduces the attack rate significantly. 
  • Single space for centralized log analysis and monitoring. 
  • SSL auto renewal is ensured with AWS ACM and ELB. 
  • More cloud servers can be added to current WAF Infra elastically. 

 

Don’t forget to share this post!