Cloud WAF Service offers 24-hour monitoring and protection to ensure the consistency of local and cloud security policies
A website is the online presence of a business organization, providing information and various services for employees, customers, partners and visitors. However, it is the most common target to be attacked and hacked. Chief Telecom teams up with F5 to launch a cloud-based web application firewall service (Cloud WAF Service). With only one step setting, it is able to monitor websites 24 hours a day, so that hackers and malicious behaviors are nowhere to hide.
Tom Lin, Product Manager of Chief Telecom, said that the Cloud WAF Service is deployed in Chief IDC. The IDC has obtained international security certification. Cloud WAF Service is equipped with F5’s core technology to provide customers with the monthly subscription service. Whether the website is located in a public or private cloud, what you need to do is to add the domain name to Cloud WAF, so as to strengthen protection and monitoring immediately. Moreover, Chie will look to extend the scope of protection in the future, such as web applications, APIs, DNS, etc.
Utilize cloud security and AI to defend against top 10 security threats and vulnerabilities
The most common issue of security is that there are many concerns involved in security deployment, like software and hardware procurement, network bandwidth, IDC location, security system maintenance and operation. Insufficient budget and long lead time of deployment are also concerns. Even if we have finished 80% security deployment, the unfinished 20% can easily become security breaches. When the enterprises are moving to the cloud and the network structure is getting open, this issue will become more and more serious. HK Chang, Taiwan General Manager of F5, pointed out that cloudification and AI are the two major trends in global cybersecurity. The reason is that more and more companies’ applications are moving to a cloud-based platform, but they are facing with the challenges of inconsistent security policies between the ground and the cloud. As long as there is a cloud data breach, the information security protection will be considerably weakened.
With over 20 years of experience in local information security, F5 has a high market share and reputation. However, during the migrating process, F5 considers it’s necessary to cooperate with telecom operators like Chief Telecom, to achieve greater synergy. For instance, F5 has a similar partnership with global telecom network operators. The top three telecom operators in China also cooperate with F5. Cloud WAF Service ensures website security through the domain forwarding and WAF protection policy.
Today, the most common website security attacks are to directly invade through the web pages or websites. As a result, enterprises cannot immediately detect the potential risks of breaches even though they have already had security deployment. When applying Cloud WAF Service, Chief will be responsible for all technical issues, ranging from load balancing, malicious robot identification, web crawler defense, Layer 7 DDoS attack defense, API anomaly detection to other defense services, all of which effectively protect customers against OWASP Top 10. What they need to focus on is to formulate their own security policies and whitelists.
Comprehensively defense against internal and external websites for potential threats
Cloud WAF Service is effective to any web services. One of our retail customers built and maintained its own business website. However, there were problems such as full load and repeated access to data occurred frequently. The customer thought that it was likely caused due to peak hours or pressing buttons by accident. But, by using Cloud WAF Service, it is found that the IP from Central Europe kept intruding the website and implanted a Trojan horse malware to attack other hosts. After solving this problem, the website traffic has been greatly reduced by 2/3 and also eliminates unwanted sources of network traffic, which not only reduces the host load, but also improves the web service quality and user experience.
In addition to external websites, Cloud WAF Service can also benefit those websites built on private clouds. For instance, a manufacturing customer is headquartered in Taiwan, and has the manufacturing factories overseas. It applied an international private line from Chief Telecom. Since the IT team wanted to prevent employees from accidently clicking phishing emails or using poisoned USB devices, so they decided to use Cloud WAF Service to solve this problem.
The malicious programs often attack corporate intranets or websites when the employees accidentally click on phishing emails or use the poisoned devices. Cloud WAF Service not only can protect website hosts from being attacked, but also find out the targeted computer so as to take countermeasures against the attacks. This manufacturing customer found that a certain computer was trying to crack the back-end account password by brute force attack. They, therefore, timely blocked the latent intrusion.
Another manufacturing customer provides services in the public cloud and uses Chief Cloud eXchange (CCX) to directly connect to the intranet. Since the company would like to solve the problem of inconsistent security policies between the local and the cloud, besides the F5’s security solution at the local end, it further adopted Cloud WAF Service to manage the information security policies of the local and the cloud on a single platform.
Leveraging SaaS security services in response to the trend towards cloudification
Corporate websites are often faced with security threats such as hacker attacks and Trojan horse malware, resulting in data theft, website disruption, and bot attacks. In addition to the risk of customer data leakage or extortion, it may also affect corporate image and reputation. The cooperation between Chief Telecom and F5 is to provide customers with visibility of information security to clearly monitor the traffic, an event’s status and more detailed information.
“Chief is very proactive about the cloud business, such as the CCX service. F5 is very pleased to cooperate with Chief Telecom to fulfill security cloudification. Next, F5 will go deep into AI for cybersecurity and provide complete SaaS security services together with Chief Telecom.” said HK Chang.
Tom Lin mentioned that F5 is the world’s leading information security company, and its rich experience in cloud security has earned Chief Telecom and its customers’ trust. In addition to Cloud WAF Service, Chief Telecom also offers comprehensive solutions in network security and physical security. Chief Telecom will continue to provide one-stop security service solutions for enterprises.
Cloud WAF Service currently offers a 30-day free monitoring trial to help enterprises conduct health checks on website and webpage security in order to find out the roots of problems, and implement corresponding protective actions and defense policies. As more and more enterprises migrate their core business to the cloud and provide application services through private cloud or hybrid cloud, cloud security will become even more crucial.