Challenge
FAM is one of the most innovative higher education institutions in Brazil. With strong investments in technology, the institution set out to build a zero-trust security model to protect its applications and users against:
- data theft, such as access credentials and registration information;
- intellectual property violations and espionage;
- service outages caused by volumetric attacks such as DDoS.
In this context, FAM’s cybersecurity specialists required capabilities that could bring intelligence to their security practices and enable automatic, real-time identification and blocking of threats spanning from the network layer to the application layer.
Solution
At the end of 2020, FAM adopted the security capabilities of the Azion Platform to strengthen protection against application-layer attacks such as SQL injection and cross-site scripting (XSS).
Among the capabilities implemented is the Firewall resource available on the Azion Platform, which includes features such as Web Application Firewall (WAF), Network Shield, and DDoS Protection. These capabilities allow FAM’s security team to:
- monitor threats in real time using Real-Time Events on the Azion Platform or through APIs;
- automatically block critical application-layer attacks through a scoring-based detection system;
- simplify secure software development by creating advanced security rules that accelerate validation and deployment.
Protection also extends to the network layer through Network Shield, which functions as a programmable security perimeter covering content, applications, and origin infrastructure. With this capability, FAM can:
- block or penalize abusive or intrusive users;
- prevent access originating from Tor networks;
- program responses to events such as rate limiting and status codes;
- create Network Lists to block access based on IP/CIDR addresses, ASN, or geographic location.
To prevent DDoS attacks from affecting service performance and availability, the platform also provides DDoS Protection. Through algorithms that identify threats using scoring mechanisms, attacks are mitigated quickly in Azion’s mitigation centers, ensuring that origin infrastructure remains isolated from malicious traffic.
Results and impact
Three months after implementing the security capabilities of the Azion Platform, FAM monitored more than 1 million requests, among which tens of thousands of cyber threats were automatically identified and blocked by Azion WAF.
Because the first user interaction occurs on Azion’s distributed network, every request is inspected in real time by DDoS Protection mechanisms and the platform’s multi-layer security architecture, ensuring 100% service availability for FAM’s academic platform.
Migrating its domains to Azion also delivered performance improvements. Before reaching the backend, requests are evaluated by the platform and 90% are processed on the distributed infrastructure, resulting in improved performance, reduced CPU and memory usage on origin servers, and lower network transfer costs.
In addition, FAM benefits from 24/7 support from Azion engineers, who assist in mitigating complex and volumetric cyber threats. Whenever necessary, the FAM team can contact Azion specialists via ticket or phone to handle security events, implement custom configurations, and more.
About FAM
Faculdade das Américas (FAM) is an educational institution founded in the city of São Paulo that has stood out among the most innovative in Brazil. The institution has international standard laboratories specialized in all areas of knowledge, such as Coworking spaces, teleconferences, digital libraries and databases with scientific production from universities around the world.