Challenge
FAM is one of the most innovative higher education institutions in Brazil. With a strong investment in technology, FAM had the mission of building a zero-trust security model to protect the application and its users against:
- theft of data, such as access credentials and registration information;
- intellectual property infringement and espionage; and
- service unavailability due to volumetric attacks, such as DDoS.
In this context, FAM cybersecurity experts needed resources that add intelligence to its security practices and enable the identification and blocking of threats that cover the network layers to the application (3 to 7) automatically and in real time.
Solution
At the end of 2020, FAM adopted Azion’s edge-native solutions in order to implement a zero-trust security model through Edge Firewall, building advanced rules in the Web Application Firewall (WAF) to:
- monitor threats in real time, using Real-Time Events on Azion’s own platform or via API;
- automatically protect the application layer from critical attacks, such as SQL injections and Cross-Site Scripting, using a scoring-based system; and
- simplify the development of secure software by creating advanced security rules, enabling faster time to market and application innovation.
Edge Firewall access protection also extends to the network layer with Network Layer Protection. The tool acts as a security perimeter covering FAM’s content, application and origin infrastructure, allowing its security team to:
- block / penalize abusive or intrusive users;
- prevent access from Tor networks;
- program responses to events, such as rate limits and status codes; and
- create Network Lists for blocking access based on IP / CIDR address, ASN and geographical location.
To prevent attacks from impacting service performance and availability, Azion’s full security stack makes DDoS Protection available to FAM. Through an algorithm that identifies threats based on scoring, attacks are quickly dealt with in Azion’s mitigation centers, ensuring that the source infrastructure is isolated from attacks.
Results and impact
Three months after implementing the zero-trust security model on its domains, FAM has monitored more than 1 million requests, among which tens of thousands of cyber threats were automatically blocked by Azion WAF.
When a request arrives at an edge location, it is inspected in real time using anomaly detection algorithms and traffic signatures to detect and automatically mitigate DDoS attacks, resulting in 100% availability of FAM’s services without impacting latency.
The migration of domains to Azion also brought performance gains for FAM. Before reaching the back end, FAM’s requests are evaluated by Azion and, in 90% of cases, delivered from the edge, enabling better performance, lower memory and CPU usage in origin servers, and lower network transport costs.
In addition, FAM has Azion engineers available 24/7 to support the mitigation of complex and volumetric cyber threats. Whenever necessary, the FAM team can call our specialists via ticket or phone to solve security events, create customized configurations and much more.
About FAM
Faculdade das Américas (FAM) is an educational institution founded in the city of São Paulo that has stood out among the most innovative in Brazil. The institution has international standard laboratories specialized in all areas of knowledge, such as Coworking spaces, teleconferences, digital libraries and databases with scientific production from universities around the world.