현재페이지

 
  • IT
  • Hospital
  • Others

Product Download

Internet Service Provider

Category Details
Client Overview http://www.tecseed.co.jp
  • Founded in 1979 and headquartered in Nagoya, Japan, Japan TecSeed Co., Ltd. focuses on research and development (R&D) outsourcing and information technology (IT). In 2011, TecSeed was acquired by Central Compass, Inc., a retailer and developer of computer hardware and software.
Client Needs
  • Several of TecSeed’s customers (operating on TecSeed’s systems) experienced system shutdowns due to severe web-based attacks, including SQL injection.
  • In order to continue providing quality IT services to its clients, TecSeed realized that their web application security systems needed to be upgraded.
  • TecSeed decided that a web application firewall (WAF) would provide the best protection against web attacks; however, they wished to deploy a rule-based WAF instead of a WAF based on a pattern-matching method.
Solution
  • TecSeed installed both a WAPPLES-2000 and a WAPPLES-1000 in an active-backup configuration, ensuring high availability.
Results
  • TecSeed provides web application firewall service to their clients using WAPPLES as a data center.
  • TecSeed Compass uses WAPPLES to provide WAF cloud security service to their customers using a SaaS cloud computing
  • With WAPPLES, system shutdowns due to web-based attacks no longer affect TecSeed clients, who can now effectively protect their web applications from application layer attacks, such as SQL injection and website defacement.
  • TecSeed customers benefit from the high stability, easy deployment, and easy-to-update qualities of WAPPLES
  • WAPPLES has contributed substantially to the strong feeling of trust that clients have for TecSeed
  • The 24/7 technical support available to TecSeed from Penta Security Systems, Inc. enables them to ensure that their clients receive top-of-the-line WAF service around the clock.

TOP

Hospital

Category Details
Client Overview
  • The client is the general hospital of a top South Korean university.
  • As a 1200-bed hospital, it maintains vast amounts of confidential patient medical data, and heavily uses a variety of web applications to access patient data.
  • The hospital offers a variety of online services, including the following:
    • Medical examination and treatment reservations
    • Online consultation service
    • Online payment/funding system
Client
Needs
  • The hospital needed to be able to guarantee the security of its various online services (see above).
  • The hospital desired to improve its overall online system and its security.
  • They wished to unify security management of the hospital’s many web servers and their varying applications
Solution
  • The hospital chose to install one WAPPLES-1000 to protect its web servers.
  • Implemented customized security policies for each web server
Results
  • About 80% of the attacks WAPPLES has blocked since installation have been SQL Injection attacks
  • Personal identification and medical information are now protected against theft/leakage.
  • The hospital now has a system for real-time monitoring of its web applications, in addition to real-time detection and blockage of any attacks directed against patient and hospital records.

TOP

LOTTERY

Category Details
Client Overview
    This client offers a betting service, allowing their clients to place monetary bets on professional soccer matches.
Client Needs
  • Continuous web attacks targeting the client’s website were paralyzing their site and preventing their ability to provide their service.
  • Client information, including personal information, winnings information, online trading history, and account payment information were vulnerable to web attacks.
Solution
  • Two WAPPLES units were installed in a High Availability (active/standby) configuration to eliminate downtime.
  • WAPPLES protects 12 web servers and 15 websites with an average throughput of 140mbps.
Results
  • System performance and up-time have been maximized, increasing client transactions.
  • Client information is securely protected against theft/leakage.

Transportation

Category Details
Client Overview http://www.asianaidt.com
  • Asiana IDT was founded in 1991, and is a wholly owned subsidiary of the Kumho Asiana Group. Headquartered in Seoul, South Korea, Asiana IDT is one of the largest IT service providers in the country. Asiana IDT constructs and manages complete information integration systems for all of the Asiana Group companies, including Asiana Airlines.
Client Needs
  • After experiencing an incident in which leakage of private information occurred, Asiana IDT realized that their web application protection systems were not sufficient to protect against rapidly evolving web-based attacks. In order to protect their IT systems and the systems of the Kumho Asiana Group, their web application security system and needed to be upgraded.
  • Asiana IDT examined a variety of products to enhance the protection of their system, and determined that a web application firewall (WAF) with an integrated monitoring system was needed to protect Asiana IDT and all of the subsidiaries of the Kumho Asiana Group.
  • After evaluating the available WAF products on the market, Asiana IDT chose WAPPLES, a product of Penta Security Systems, citing ease of installation on the Asiana IDT managed systems, and the integrated monitoring function of WAPPLES MS.
Solution
    Asiana IDT opted to install 2 WAPPLES-1000 units and 1 WAPPLES MS unit.
Results
  • Asiana IDT installed two WAPPLES-1000 units and one WAPPLES MS unit to protect its web systems, and the systems of all the Kumho Asiana Group subsidiaries, including those such as Asiana Airlines, and Korea Express Co., Ltd.
  • The WAPPLES units were installed through Reverse Proxy Mode, and were configured to prevent private data leakage via the Privacy Input Filtering, Privacy Output Filtering, and Privacy File Filtering rules.
  • Efficient operation of the web applications through WAPPLES MS provides Asiana IDT with integration monitoring capabilities.
Category Details
Client Overview http://www.airport.kr/eng/
    The Incheon International Airport (ICN), which opened in March 2001, is located just outside Seoul, South Korea, and is now the largest and busiest airport in the country. The Incheon International Airport is managed by the state-owned Incheon International Airport Corporation of South Korea. The airport serves as a hub for Asiana Airlines, Korean Air, and Polar Air Cargo, although over seventy different air carriers currently fly in and out of ICN. It is one of the busiest airports in the world, often serving approximately 90,000 people per day.
Client Needs
  • Incheon International Airport web security staff found that their original methods of dealing with web security were difficult and inefficient.
  • The original web security system required constant maintenance and administration. Nonetheless, despite constant attention from web security staff, web security remained far from 100% effective.
  • Since a large number of foreigners access the website of the Incheon International Airport on a daily basis, the website serves as a representative of the Republic of Korea. As such, it must be impeccable. Website defacement or service interruptions created by hackers could easily create a negative image of the Republic of Korea.
  • As the Incheon International Airport provides flight schedule information to both passengers and airlines utilizing ICN, improperly altered data on their web applications could lead to problems, delays, or even serious disasters, all of which the airport wished to avoid at all costs.
  • Website defacement and fears of XSS attacks were serious concerns
  • Due to a lack of IT and web application security experts on staff, the management of the Incheon International Airport felt that it was necessary to acquire a web application security solution that would be simple to use.
Solution
  • Incheon International Airport installed 2 WAPPLES 1000 units
Results
  • Attacks against the website and web applications of the Incheon International Airport are now reliably prevented, guaranteeing that the ICN website remains an impeccable representative of South Korea, and ensuring that the 90,000 travelers who pass through ICN on a daily basis have access to secure, reliable information.
  • Airlines serving the Incheon International Airport can be assured that any web-based information received from ICN is accurate.
  • The Incheon International Airport network experts – who are not web application security experts – are able to easily configure and utilize WAPPLES.
  • The Incheon International Airport staff who work with WAPPLES have stated that the fact that continuous signature updates are not required makes the service convenient for all involved in its use.
  • The swift countermeasure response of WAPPLES allows the Incheon International Airport to immediately detect and defend against attacks with little to no involvement by administrative staff.
  •  Fears of website defacement and XSS attacks are no longer serious concerns for the Incheon International Airport.

TOP