Securing Your Business Applications:
PT Toyota Astra Motor
PT-Toyota-Astra-Motor, the largest diversified conglomerate in Indonesia, has adopted Amazon Web Service (AWS) for disaster recovery solutions and were looking to further enhance their application security hosted on AWS cloud by implementing next generation firewall and advanced web application firewall. The partners involved in the implementation of this project are AWS, GAP, Palo Alto and F5. The implementation of both Next Generation Firewall by Palo Alto and Advance Web Application Firewall by F5 went smoothly together with the support and management of G-AsiaPacific and AWS Professional Services Team as TAM’s cloud consultant.
Introduction
PT Toyota-Astra Motor (commonly known as TAM) was established in 1971 in Jakarta, Indonesia. It is a joint venture company between Toyota Motor Corporation and PT Astra International with a distribution of shares of 50% and 50% respectively. The products offered by TAM covers a variety of segments, such as city car, low-cost green car, hatchback, multi-purpose vehicle, sport utility vehicle, sedan, sports car, hybrid, and some commercial trucks. The company is currently the best- selling car brand in Indonesia. The vision is to be one of the best managed corporations in the Asia-Pacific region, be a socially responsible corporation and to be environmentally friendly.
The Challenge
As TAM has a diverse infrastructure of applications hosted on various AWS accounts each account would require AWS WAF to be activated individually which will increase the monthly cost incurred by TAM. Furthermore, this would increase the complexity of managing the WAF on each individual account level. Therefore TAM engaged AWS Professional Services together with the GAP team to discuss and come up with a solution which will provide a centralized firewall management system and improve on the cost savings.
Solutions from G-AsiaPacific
The proposed and implemented solution is to have all TAM’s applications which are hosted on AWS cloud to be protected behind Palo Alto Next-Generation Firewall and F5 Advance Web Application Firewall. By implementing these firewalls it will help to further protect TAM’s applications against malicious attacks such as brute force attacks, L7 Application Attack, Malicious Bots, Application Layer Encryption, API Protection, Application DDoS Attack.
Why Palo Alto and F5
Palo Alto Networks provides advanced protection for consistent security across all major clouds such as – Amazon®Web Services, Microsoft® Azure® and Google® Cloud Platform. Their automation features minimize the friction of app development and security.F5 Networks AWAF protects against the most prevalent attacks on the application, without having to update the apps themselves. Additionally both Palo Alto Networks and F5 are one of the world’s global cybersecurity leader.
The Outcome
The outcome was as expected, according to the security testing the implemented firewalls are able to protect against brute force attacks, L7 Application Attack, Malicious Bots, Application Layer Encryption, API Protection, Application DDoS Attack.
Post Deployment Service/Support
G-AsiaPacific works closely with TAM by providing cost optimization and infrastructure support with close collaboration with the firewall vendors to support TAM incase of any firewall issues they are facing