NTIPL enables the VM-Series to automatically block potential malicious activity that complements native AWS security with real-time threat and data theft prevention.

Organization
Leading  financial research advisor

Location
Mumbai

Domain
Finance

Solutions Offered
VM Firewall

Overview:

The company is ISO certified with a team of professionals’ skills in financial content, software development and database design. They use a variety of platforms, technologies and financial domain knowledge. They have a dedicated team of financial and database analysts who maintains information related to Company data, Mutual Fund and Insurance.
Their team has 160+ experts with having total experience of more than 800 man years engaged in conceptualizing, designing, and implementing end-to-end business solutions. They take a holistic approach to developing a well-rounded team, and value not only expertise but also perspective, discipline and bias for action.
Being into Financial Research and Advisory Business, Threat protection becomes an integral part of their IT Strategy, Here they were looking to protect their cloud infra with the same security features they get in the on-premise firewall.

Challenge:

The company was having significant growth through their customer base but due to this growth, it was causing vital pressure on their on-premise environment. At this time of all this chaos, they needed a SaaS product to manage their uptime 24/7 with high redundancy. They needed a total secured environment so they could meet their customers’ expectations while avoiding significant upfront capital expenditures. In nutshell, they wanted to secure cloud infra & applications as they have migrated to cloud from on-premises for set-up but looking for the same security that they were getting in on-premise.

Solution :

Network Techlab got engaged with the company and provided a solution with their requirement for setting up a VM series Palo Alto firewall on Amazon Web Services (AWS) infrastructure. With the help of this VM-Series next-generation firewall developers and cloud security architects to secure inline threat and data loss prevention into their application development workflows. The native AWS services combined with VM – series enable faster automation with touchless deployments and save a lot of time which will help their developers to operate at the speed of the cloud. Wherein the applications and data are protected with whitelisting and segmentation policies that are dynamically updated based on AWS tags. This allows to reduce the attack surface area and also supports in achieving compliance. Additionally, these threat prevention policies will stop both known and unknown attacks.

Architecture :

The company uses its own application and utilizes a three-layered application by running the Microsoft Windows operating system. With the help of this, it provides isolation of services for both security and performance. The entire scene remains in a virtual private cloud (VPC) to improve security in addition to Security Groups, Role-based permissions and custom Identity and Access Management (IAM) rules. For networking consistency and ease of management of EC2 instances, amazon offers the Virtual Private Cloud (VPC). A VPC is apportioned from the AWS public cloud and is assigned to a CIDR block from the private network space (RFC 1918). Within a VPC, we can carve public/private subnets for your needs and deploy the applications on EC2 instances within those subnets. To enable access to the applications within the VPC, we have deployed the VM-Series firewall on an EC2 instance. The VM-Series firewall can be configured to secure traffic and from the EC2 instances within the VPC.

Network Techlab utilized the following AWS services in the production solution:
• VPC (Virtual Private Cloud)
• Security Groups, Roles & IAM (Identity & Access

Results:

The company is now able to onboard more customers significantly faster and even they could use their in-house solution with security. Also, on AWS they can quickly scale their production stacks as dynamically as well as their workloads scale with security phases. All infra, inbound and outbound traffic on AWS is inspected by VM series firewall.

Benefits Achieved:

• Optimized architecture for company enabling customers in a more efficient manner
• Reduced the costs of local running systems integrated VM–Series virtual firewalls to protect applications with simple and scalable network security
• Streamline traffic inspection and deployment models
• Inspect traffic entering, leaving and moving within the cloud to block known malware, unknown threats and data theft.

Network Techlab (I) Pvt. Ltd.
41, Sarvodaya Industrial Estate, Opp. Paper Box, Off. Mahakali Caves Road, Andheri East, Mumbai – 400093. India
P: 022-6681 4141 | info@netlabindia.com | www.netlabindia.com
Mumbai | Navi Mumbai | Ahmedabad | Vadodara | Vapi | Pune | Bangalore | Chennai | Goa | Delhi | Kolkata