下载PDF

Fastly > 实例探究 > 增强云优先微服务基础设施的安全性和可见性：OFX 案例研究

OFX Enhances Application Security with Fastly Next-Gen WAF

技术

应用基础设施与中间件 - 事件驱动型应用
网络安全和隐私 - 应用安全

适用行业

电网
国家安全与国防

适用功能

质量保证

用例

供应链可见性(SCV)
篡改检测

服务

云规划/设计/实施服务
测试与认证

挑战

OFX 是一个国际金融转账平台，希望在其云优先微服务基础设施中提高可见性并防范 OWASP 攻击和身份验证滥用。

关于客户

OFX 是一家位于澳大利亚悉尼的国际金融转账平台，每年通过其网络应用程序处理超过 220 亿美元的资金。他们最近完成了向云的全面迁移，并希望确保其微服务的安全性。

解决方案

OFX 在其中层环境中部署了 Fastly Next-Gen WAF，并在其 Web 服务器上设置了代理，以获得深入的应用程序可见性并有效阻止恶意流量。他们使用电源规则来建立正常身份验证流量的基线，并创建自定义阈值来检测和阻止可疑活动。

运营影响

The deployment of Fastly Next-Gen WAF has provided OFX with a significant increase in visibility and protection against OWASP attacks and authentication abuse. The solution was easy to install and use, and it effectively blocked malicious traffic automatically without causing production incidents. The quality assurance team uses the Fastly Next-Gen WAF monitoring via easy-to-consume dashboards as a part of their release protocols to catch any issues quickly. The Fastly Next-Gen WAF Power Rules have also allowed OFX to gain visibility into the origin IP and behavior of user logins to detect suspicious actors and patterns. This has resulted in a more secure and efficient operation.

数量效益

OFX processes over $22 billion annually through its web application.
The Fastly Next-Gen WAF was installed in minutes, allowing the security team to uncover application errors and address root causes more efficiently and effectively.
OFX established a baseline for their normal authentication traffic and created custom thresholds to alert and block malicious authentication traffic aggressively whenever it deviates from normal behavior.

相关案例.

Hydro One Leads the Way In Smart Meter Development

In 2010, Ontario’s energy board mandated that time-of-use (TOU) pricing for consumers be available for all consumers on a regulated price plan. To meet this requirement, Hydro One needed to quickly deploy a smart meter and intelligent communications network solution to meet the provincial government’s requirement at a low cost. The network needed to cover Hydro One’s expansive service territory, which has a land mass twice the size of Texas, and its customers live in a mix of urban, rural, and remote areas, some places only accessible by air, rail, boat or snowmobile. Most importantly, the network needed to enable future enterprise-wide business efficiencies, modernization of distribution infrastructure and enhanced customer service. To meet these needs, Hydro One conceptualized an end-to-end solution leveraging open standards and Internet Protocols (IP) at all communication levels. The utility drew upon industry leaders like Trilliant to realize this vision.

Selling more with Whirlpool

Whirlpool wanted to add connectivity to appliances and transform the company's relationship with customers. Traditionally, Whirlpool interaction with customers was limited to purchases made once every ten years. Connected washer and dryers provide exciting new features like remote management of start times and inter-machine communication.

SAS® Analytics for IoT: Smart Grid

Companies face falling revenues, rising infrastructure costs, and increasing risk of outages caused by inconsistent energy production from renewable sources. Less money is coming in as more people and organizations take steps to curb their energy use. Utilities are paying more to maintain and build infrastructure due to increasing complexity, resulting from the rising number of intermittent and variable renewable energy sources connected in the distribution grid.

Enel Secures Italian Power Generation Network

Electric energy operators around the world are working to increase the reliability and cyber resiliency of their systems. This includes Enel, a global power company that manages and monitors the Italian power grid. This grid:• Serves 31 million customers• Has a net installed energy capacity exceeding 31 gigawatts• Includes more than 500 power generation plants,including hydroelectric, thermoelectric, and wind• Is managed and monitored by Enel 24/7/365• Is operated by Terna, the Italian Transmission System Operator (TSO)Enel is responsible for the availability of the grid’s underlying ICS and industrial network. It also manages Regional Control Centers and Interconnection Centers which connect with the TSO. The TSO manages the flow of energy to the grid plus controls and remotely regulates the power generation of power plants, increasing and decreasing power production as required. The complex system of interaction and cooperation between Enel and the TSO has strong security implications as well as operational and business challenges.

IoT based Energy Quality Availability Monitoring Solution

There were several challenges faced:Since this data would be in the public domain, accuracy and authenticity of this data were of paramount importance. It should be able to withstand scrutiny.It is challenging to build an appliance that can withstand a wide range of voltage fluctuations from as low at 90v to as high as 320v. Since the device would be installed in remote locations, its resilience was of paramount importance.The device would have to deal with poor network coverage and have the ability to store and re-transmit data if networks were not available, which is often the case in rural India. The device could store up to 30 days of data.The platform that deals with the data should be readily available and highly reliable and never lose a packet of data.

Data Capture for Afghanistan Forces

Electronic equipments on the field of Afghanistan provided information on the status of the vehicle and to identify potential threats surrounding it to the British Force. The monitoring and interpretation of this data requires robust and sophisticated digitization for data capture and communication.

© 2015-2024 IoT ONE Limited | 隐私条款

联系我们

欢迎与我们交流!

Thank you for your message!
We will contact you soon.