Overview

Organizations are taking a hard look at their data centers, often determining that it is more cost efficient to push their web applications to the cloud. For this digital media and online gaming company, a move to the cloud made a lot of sense, in anticipation of a major product launch. The company was expecting to sell a million units of its new gaming console, and hosting their e-commerce and authentication applications in Amazon Web Services (AWS) had a lot of appeal.

They could lean on the bandwidth, scalability, and ease-of-use of AWS, rather than invest time and money into upgrading their own physical data centers. The company however, had serious concerns about the security of their applications in a public cloud environment, especially with their upcoming high-profile product release.

“Without protection for our AWS apps, we would not have been able to launch in time for the holiday season. We deployed Imperva SecureSphere WAF for AWS in three days, and were protected against SQL injection attacks that very weekend,” said the Senior Director of IT Security.

Bringing Security to the Cloud

Customers have high expectations for this leading gaming company—its online service must be reliable, highly-available, and secure. Delivering services in the cloud exposed the organization to web attacks, data theft, and fraud and without question, this required ironclad defenses. “We had full confidence in the Imperva technology, because we were using it to protect our on-premise applications.

So, we knew they were the right vendor to take us to the cloud,” said the lead Security Engineer. SecureSphere for AWS is specifically designed to leverage native AWS infrastructure capabilities, such as AWS CloudFormation and Auto Scaling, so it not only delivers the Imperva industry-leading WAF capabilities, but it uniquely scales with AWS applications to handle increases in traffic.

Benefits and Cost Savings—Unmatched Web App Protection

SecureSphere WAF for AWS used multiple defenses to pinpoint and block attacks, during the first two days of the product launch, while still letting legitimate traffic in to maintain a seamless gaming experience. The Imperva Dynamic Profiling technology immediately started learning the application structure and elements, building a “white list” of acceptable user behavior. Then, any violations were correlated with other suspicious activity, to protect against advanced SQL injection.

The company was also targeted early on, by automated attacks from bots and scanners. Using ThreatRadar Reputation Services, an add-on service to SecureSphere WAF, the company received IP reputation data about known attack sources—like anonymous proxies and TOR networks—which allowed the organization to block malicious users, before an attack could even be attempted.

Built to Scale

Because SecureSphere WAF supports CloudFormation templates, the company was able to quickly and easily scale up to 120 gateways during the peak of the holiday season and then, scale back down after the peak. “Knowing that the solution could auto-scale with bursts in our application traffic, was a very important part of our decision to implement SecureSphere for AWS,” noted the director of IT Security. “We see Imperva as the leader in their space, being the first vendor to offer an enterprise-class WAF for Amazon.”

Designed Exclusively for AWS

SecureSphere integrates with key AWS technologies, which has enabled the company to take advantage of all the benefits of cloud infrastructure. For example, in addition to CloudFormation and Auto Scaling, it leverages Amazon CloudWatch to track the status of SecureSphere instances. When CloudWatch detects problems, like a sudden spike in throughput, or high CPU utilization, new SecureSphere server instances can be launched, as needed.

The team also uses simple JSON-based templates to define settings for AWS such as, Elastic Load Balancing (ELB), Elastic IP (EIP), Amazon Virtual Private Cloud (VPC), Amazon S3, as well as Import/Export across Availability Zones and regions.

Using Amazon Web Services, the company can rest assured that failover server instances can be rerouted to new physical sites. Because the Imperva WAF is native to the AWS, SecureSphere can reroute traffic to different Availability Zones, to support disaster recovery plans.

Saves Time and Money

By running SecureSphere for AWS, the company was able to replace up-front capital expense, with low variable cost. It scaled the SecureSphere Web Application Firewall across the globe with high availability, without purchasing additional hardware, or setting up additional data centers to support the major release of its gaming console—or to account for increased holiday traffic.

The company has increased operational efficiency, by introducing AWS network, server, and storage abstractions, which reduce the complexity of their environment. With accelerated deployment capabilities, the team manages the SecureSphere for AWS environment with just two full-time employees, allowing it to cut costs and focus on other high-priority projects. Where upgrading the company’s physical data centers to handle a product launch of this scale could take months, SecureSphere for AWS offers industry leading WAF protection for applications, in a matter of minutes.

The Future

The company had Web Application Firewall technology, from more than one vendor, deployed across the organization, which is not uncommon for a globally dispersed organization. With a very successful roll out of Imperva SecureSphere WAF for AWS, the organization decided to replace its existing WAF solutions and standardize on SecureSphere. Going forward, the company plans to deploy additional applications in the Amazon cloud, and leverage the Imperva industry-leading Web Application Firewall on AWS, as well as in its own data centers.