“Ural Center for Security Systems” (UCSB) implemented PT Application Firewallto ensure the secure operation of web applications. The main goal of the project — protect web applications from unauthorized access, as well as, as part of import substitution, replace foreign web application-level firewalls.
In search of a suitable solution, based on the results of the analysis of the functionality and quality of solutions, the experts of the UCSB settled on PT Application Firewall, since this is a Russian solution in the register of domestic software that has been certified by the FSTEC. In addition, the virtual interfaces (WANs) of this security system, compared to virtual IP addresses (VIPs), greatly simplify system administration, since system administrators do not need to allocate a pool of external IP addresses for web applications. The product also allows you to customize dashboards, thus increasing the efficiency of analytics tasks.
Due to the native installation architecture on a single virtual server, it took only three days to implement the main functionality of the product and protect the main applications, such as web mail, corporate portal, file storage, student learning portal and web stands for external users. UCSB plans to continue adding applications and fine-tuning policies in normal operation as necessary.
As a result, PT Application Firewall performs all the necessary functions, providing continuous proactive protection of web applications from most attacks, including OWASP Top 10 and zero-day attacks, and also successfully solves the task of ensuring the secure operation of web applications. The manufacturer’s technical support promptly helps in solving various issues within a couple of hours (optimizing the speed of opening web pages, adjusting the redirect of web applications from http to https, configuring virtual server network interfaces on non-standard hypervisors, additional detailed documentation and manuals).
Positive Technologies provides licensing without the need to purchase additional subscriptions and flexible pricing, which ensures the optimal total cost of ownership of the system.
In addition, the choice of PT Application Firewall was also influenced by the experience of the UCSB engineers in implementing the solution for their customers, which made it possible to significantly reduce the company’s costs.
Sergey Zaikov, head of the operation department of the UTSSB:
“Like any IT company, we come under the scrutiny of cybercriminals: there are constant attempts to hack our web services and gain access to users’ personal data. The existing foreign solution did not live up to expectations. Active participation of Positive Technologies in combination with the quality and functionality of PT Application Firewall made it possible to solve the problem and prevent the lack of application protection. Now, thanks to PT Application Firewall, we can monitor and block attacks in real time while maintaining a high level of security for our employees, partners and customers.”
“One of the most vulnerable components of the company perimeter is web resources. According to our data, in 2022 the number of successful attacks aimed at the web resources of organizations increased by 56%. The risks associated with the storage and processing of web resource data imply increased requirements for web resource protection tools. Thanks to the PT Application Firewall web application layer firewall, UCSB can control the security of its web applications, quickly responding to current threats, ”- comments Tatyana Ovsyannikova, Head of Technical Development Department of Positive Technologies Partners.