Government Service Insurance System (GSIS), a social insurance institution that provides a defined benefit scheme under the law for public sector employees in the Philippines (except uniformed personnel and contractual employees without employee-employer relationship with their agencies), had plans to introduce online services to its members. It turned to F5 for a one-stop solution to effectively deliver and protect applications and website. In the process, it also wielded control and visibility into their web traffic.
GSIS provides an array of social security benefits, such as life insurance benefits, separation or retirement benefits, and disability benefits to its members and pensioners.
In 2014, aligned with the Government’s drive for digital transformation and e-government initiatives, GSIS planned to introduce e-services to better engage and serve its two million plus members and pensioners. The first application, named the eGSISMO, allows GSIS members to view their GSIS records in the convenience of their home or office without the need to go to a GSIS office.
This was the first time that GSIS would share secure member information through an application. This posed a challenge for GSIS Vice President and Chief Information Security Officer, Jonathan Pineda, and his team.
Mr. Pineda needed to ensure that the application could be delivered securely and the organization’s website was well protected. He also wanted his team to be prepared for the two million members that may use the application. How this app performed would set the standard for applications that GSIS was planning to roll out.
The GSIS team discovered F5 Networks in its search for an effective DDoS protection solution and a web application firewall (WAF).
The team also evaluated other proposals, and one of them could achieve results similar to the F5 solution. The only problem was that the competing proposal required 12 servers to run while the F5 solution only needed three pieces of hardware.
Mr. Pineda explained: “The setup infrastructure is important. I can run F5 with much less hardware compared to other solutions. I don’t want to worry about replacing hardware, say, in 5 years. For a solution that requires 12 servers to run, I would need to replace all 12.”
“Also, F5 required less datacenter space and it has a smaller environmental footprint too as it requires less cooling,” he added.
GSIS deployed F5 and also used it to replace its existing web proxy setup. Jonathan felt that F5’s solution could do more with less management required from his team.
The F5 solution allowed GSIS to not only secure its online application, but also provided it with a comprehensive view of web traffic, complete with analytics, historical data, and other useful insights.
GSIS now offers its members five service-oriented applications, all protected by F5. About 20,000 members actively access the applications each day.
Mr. Pineda and his team get an overview of everything they are protecting using F5's Web Application Firewall (WAF).
He elaborates: “With F5, I get all the information I need on a single dashboard including inbound traffic, unique IPs, number of sessions, and the attacks blocked. Also, F5 data gives me very interesting analytics. I can see how many users are accessing our applications now, last night, yesterday, or even last year. I can also make projections based on this information.”
With the F5 solution in place, GSIS is protected against the full spectrum of DDoS attacks. The solution offers a multi-layered defense with sub-second attack detection and instant mitigation in inline mode.
One of the recently introduced applications allows GSIS to send its billing statements for premiums and loan amortizations to government agencies electronically and accepts payments online.
Before, GSIS would send printed bills to the government agency-authorized officers, however, payments were often inaccurate, requiring a lot of work on both sides to reconcile. With the current application, remitting employees in government agencies may download billing statements which can serve as reference when uploading electronic remittance files. This can be done right in their offices, enabling them to save time and resources. The online application ensures the seamless and efficient posting of payments, resulting in accurate computation of members’ claims, loans, and other benefits at shorter processing periods.