5 Web Application Firewall Case Studies

Web Application Firewalls strengthen the security performance of websites. Data breaches are expensive and can do irreversible damage to businesses. WAFs improve a company’s security posture by ensuring that no fraudulent traffic passes through their checkpoint without identification.

See below for five case studies on how organizations across different industries are employing web application firewalls solutions to help solve their network security challenges.

For more information, also see: Why Firewalls are Important for Network Security

NTT TechnoCross

Since its genesis in July 1985, NTT TechnoCross has provided innovative IT solutions and advanced technology to its customers. A subsidiary of the leading telecom company Nippon Telegraph and Telephone (NTT), NTT TechnoCross leverages its network, security, and cloud technology in the development and operations of client businesses. Today, the company employs around 2,000 professionals.

TechnoCross was facing an increasing demand to transition to cloud computing. Their in-house security department was understaffed and couldn’t fight at two fronts: keep the site up to date while also thwarting cyber attacks. The investigation chain, right from analysis, to testing, responding, and reporting results, became too much for two officials to undertake. The team knew they needed automation, but they just didn’t know how. 

Ryo Sakamoto, Section Manager in charge of sales at NTT TechnoCross, says, “Reliably defending the website against global-scale threats that evolve on a daily basis, such as DDoS attacks, became essentially impossible under in-house operation. Of even greater concern was the risk of overlooking a threat itself because of insufficient response.”

Given these challenges, the organization needed a solution that could help reduce its operating load, attain stable operation, and increase the ease of implementation. TechnoCross needed a solution that could be used as a service, not an asset.

Imperva’s cloud WAF solution helped NTT TechnoCross strengthen its website operation and bring down the operational load by completely managing the response to cyber threats. With Imperva, TechnoCross kept using their custom policies, streamlined across the NTT companies, while ensuring IPv6 compatibility throughout, in a minimal time period. 

Industry: Technology

Web application firewall provider: Imperva

Outcomes: 

  • Reduced operational workload
  • Cut down on expenses, from several million to just thousands Yen  
  • Continued addition of new features as a part of its service
  • Prompt response to threats and queries
  • Helping NTT move across domains by freeing up vital resources. 

SHOPYY 

Launched in 2018, SHOPYY started with an ambitious goal of becoming the largest e-commerce platform for independent brands in China. The team offers technical support to small businesses and wholesalers so they can move their shops online without much hassle. 

With a growing customer base, SHOPYY’S self-build platform found it hard to manage the traffic influx. What was even difficult was repurposing SSL certificates with frequent system crashes when faced with excessive requests. Any further development of the platform not only meant an increase in management costs but would also come at the expense of the website’s reliability. 

Cloudflare’s WAF solution enabled SHOPYY’s homegrown e-commerce platform to address some of these security challenges that came with hyper growth. Cloudflare automated the management of SSL certificates, allowing SHOPYY to focus on other operational tasks without having to oversee the certificate handling. Cloudflare’s WAF solution blocked 4.09 million malicious attacks within the first 30 days of its implementation, strengthening the platform’s reliability and security. 

“Our web application firewall has created a dedicated security defense system for us, significantly making SHOPYY more secure and giving peace of mind to all our users,” says Yuanming Chen, Founder and CTO.

Industry: Ecommerce 

Web application firewall provider: Cloudflare

Outcomes:

  • Reduced operational and maintenance costs by 60%
  • Blocked 4.09 million cyber attacks in the first 30 days
  • Reduced the average times of page load by 72% in the United States.

For more information, also see: What is Firewall as a Service? 

Steelcase

Steelcase is a renowned manufacturer of office furniture. Founded in 1912, Steelcase puts a lot of emphasis on user-based research to create spaces for the world’s leading organizations. With over 10,000 employees, the company has established a global network of distribution that includes company-owned and independent dealers, as well as direct end-users. 

Steelcase is currently developing a cloud-based e-commerce platform, requiring the team to ramp up their security control system. The organization wanted to fill critical gaps in Microsoft products, including absence of analytics, logging for outbound traffic, or primitive firewalling available for incoming data. 

Frank Stevens, a cloud security architect at Steelcase, says, “The security controls and visibility provided with the cloud platforms are basic and not to the level of sophistication that our policies require.” 

The company deployed Fortinet FortiGate next-generation firewalls to provide additional security for its e-commerce platform. The firewalls help target and suppress undesirable traffic, allowing the company to have a clearer picture of customer behavior. 

“It makes sense to use a common firewall for both the Microsoft and Amazon cloud service platforms: Doing so gives us the protection we require and economies of scale as we don’t have to learn and maintain two different systems,” says Stuart Berman, global security architect at Steelcase.

Industry: Retail

Web application firewall provider: Fortinet

Outcomes:

  • Unified protection across domains — on-site and in multiple cloud-based platforms 
  • Supplemented visibility and security gaps within other services
  • Simplified management

Canterbury School

Founded in 1915, Canterbury is a co-ed boarding and day school for students from grades 9-12. Canterbury School staff about 200 professionals attending students in various capacities.

Canterbury needed a more advanced security system that could optimize its network security performance while also protecting the school’s data. SonicWall’s firewall solution met the organization’s security requirements by ensuring seamless data protection and increasing the school’s visibility. The WAF solution’s single-pane-of-glass management and reporting called Capture Security Center and an integrated VPN made it possible to have security measures across remote sites.

“I program it and it works. If I need to make changes, they are easy and the new CSC is getting better every day,” says Matthew Glaser, IT Director, Canterbury School. “We use HA, CFS and other security services, as well as VPN for both users and a remote site to complement the firewall efforts.” 

Industry: Education

Web application firewall provider: SonicWall

Outcomes:

  • Increased business efficiency 
  • Decreased IT infrastructure costs 
  • Better overall system uptime, and faster performance 
  • Increased data and information protection

For more information, also see: Artificial Intelligence in Cybersecurity

Aevitae

Aevitae is a leading Netherlands-based insurance company dealing in corporate and direct insurance plans. With a small team of 200 employees, Aevitae has served thousands of customers, processing over 800,000 paper, and 6 million digital claims. 

Aevitae’s aging on-premises infrastructure meant that the company had to leverage cloud-based services to cater to its customers. But the hybrid solution lacked end-to-end data visibility as well as a satisfactory firewall solution. 

The insurance firm deployed Barracuda CloudGen Firewall and Barracuda CloudGen WAF on the Microsoft Azure cloud platform and on-premises to address the security concerns within the existing model. Barracuda proposed using Premier Partner Data Unit and the three companies formed a single partnership to implement a security solution suited to Aevitae’s requirements. This enabled Aevitae to have access to firewall’s expertise on cloud-based services and getting Data Unit’s experience with infrastructure whenever the need arose.

“Using a web application firewall provided the solution that enabled us to react to our fast-changing business and IT environments – the speed and flexibility of reaction, the simplicity of implementation, meant we could maintain and enhance this solution going forward very easily,” says Pascal Wenders, ICT Team Leader of Aevitae. 

Industry: Insurance

Web application firewall provider: Barracuda

Outcomes:

  • End-to-end visibility and security within a hybrid model
  • The simplicity of management and operability
  • A flexible and scalable platform that caters to Aevitae dynamic business.

For more information, also see: Data Security Trend

Bottom Line: Web Application Firewalls Case Studies

As the case studies in this article demonstrate, Web Application Firewalls boost the security performance of online businesses. Breeches and and other security challenges are extremely harmful to businesses in any number of ways. To protect against them, WAFs harden the enterprise perimeter by blocking non-authorized traffic. 

The five case studies this article provides shows that WAFs can help solve network security challenges across many industries. 

For more information, also see: How to Secure a Network: 9 Steps

Similar articles

Get the Free Newsletter!
Subscribe to Data Insider for top news, trends & analysis
This email address is invalid.
Get the Free Newsletter!
Subscribe to Data Insider for top news, trends & analysis
This email address is invalid.

Latest Articles