Rapid response to external threats was enabled through visualization using the WAF feature of BIG-IP ASM
More flexible operation due to iRules enabling features to be added easily
Weak security would not inspire customer trust or influence customers to engage with more robust wedding planning features.
Load distribution software was incapable of responding to high volume access
Inflexible system operation prevented automating processing
Software developer PIEM Corporation needed customers to trust that its new interactive wedding planning system would protect their personal information from cybercriminals and ensure that company web servers could handle a high volume of user access and feature requests. Realizing that a web application firewall (WAF) with load-distribution would solve both issues, and after comparing several vendor solutions, PIEM chose F5.
PIEM’s ONE-W System is an online service that simplifies many wedding activities. Since its rollout in September 2015, ONE-W System has been used by about 30, 000 couples and 250 wedding halls across Japan. With this demand, and each customer interaction leading to deeper engagement and potentially new business, PIEM wanted to ensure that customers’ personal information would remain protected and that all system features would be available whenever a customer wanted to access them.
A classic example of a customer using the ONE-W System is the bride-to-be who needs to manage very time consuming wedding tasks. She typically enters home addresses for all wedding guests, as well as her own personal information. Some of that same personal data is used to create guest lists, send invitations, coordinate venue decorations, order catering, and work with vendors who also use the ONE-W System.
“The system holds a myriad of brides, bridegrooms, and guest information”, stated Mr. Koichi Kitamura, PIEM’s Manager of the System Administration Division. In the past, PIEM used various security solutions; however, the rising problem of internet theft and the alarm it caused customers made it necessary for the company to implement a more robust security solution.
In addition to advanced security, PIEM needed a more precise load distribution solution that was capable of handling access volume. “We had a software load balancer in place but the performance was not satisfactory”, Mr. Kitamura commented. “And the load tended to concentrate on certain servers. We had to look into the load balancer in order to provide stable services even under high loads.”
Introduction of BIG-IP enabled us to ensure better security than ever before, contributing to our customers’ peace of mind as well.
Embracing technology to resolve problems early on is key. In January 2015, PIEM began searching for products that had both the load balancer and WAF features. After comparing products from multiple vendors, PIEM selected BIG-IP Application Security Manager (ASM). Mr. Kitamura pointed out PIEM saw three benefits in BIG-IP: abundant installation track records, multiple security features, and high processing power.
“At first we felt BIG-IP might be hard to learn because of its rich features, but we are now very satisfied with the quick and detailed advice F5 provided”, stated Mr. Kitamura. F5 engineers provided hands-on training with the actual unit. “We actually tried attacks including SQL injection, cross site scripting (XSS) and cross site request forgery (CSRF) and confirmed they could be properly blocked,” he continued. “PIEM can now ensure visualization of security threats and respond rapidly to new ones.”
On the other hand, the efficiency of BIG-IP Local Traffic Manager (LTM) in distributing load and the implementation of iRules that supports flexible operation are highly appreciated.
From January 2016, PIEM started using the block mode that automatically responds to detected threats and ensures reliable protection against application level attacks.
F5 quickly responded to whatever the situation was and their consulting services provided in the implementation stage also gave us a peace of mind.
After introducing BIG-IP to the production environment in August 2015, PIEM operated it under the pass-through mode that only provided detection of incoming threats. It was during this period which PIEM came to clearly understand the threats they could not see before. “The log showed the overwhelming majority of the attacks were port scanning activities from outside Japan. DDoS attacks using SN floods were also occasionally seen”, recalled Mr. Kitamura.
BIG-IP LTM enhanced the efficiency of load distribution. Since the ONE-W system runs on multiple web servers, persistence that ensured forward requests from the same client to the same server was indispensable.
iRules was used to automate processes such as classifying the targets for client certificates according to user rights or types and then provide specific processes for users with high level rights. “We used to prepare scripts on the web servers but using iRules is easier and more reliable”, stated Mr. Kitamura.
“Customers feel safe when we explain to them that the security company F5 is in charge of the safety of the system. We believe the adoption of BIG-IP directly contributed to distinguishing our business from competitors”, boasted Mr. Kitamura.