Case Study: Web Application Firewall for a Leading Automotive Conglomerate
The client for this project is a leading automotive company based in Florida, strategically aligned into four major business segments: vehicle distribution and processing, finance, insurance and retail vehicle sales. It has distributorship operations in the five Southeastern states: Florida, Georgia, Alabama, North Carolina and South Carolina.
The organization had more than a hundred internet-facing applications that were vulnerable to external threats, which left a hole in its security. The Information Security team wanted to protect the applications and the data within the network against potential attacks arriving via web-facing applications. This was not a straightforward process, since there were challenges.
The four business units operated independently of each other, in unrelated fields. They had applications on different platforms, implemented at different times, and several legacy systems that were not under support.
More than 50 projects running within the organization impacted the applications in scope. It was critical to make sure that the deployment did not impact any of the other projects in progress and had no impact on operations.
The applications in scope were owned by different technology departments within the organization, and by product owners with varying interests in different areas of the company. The Information Security department faced resistance from High Power and Low Interest stakeholders in management positions because of a previous information security project that involved agents, impacted server performance for a few applications and caused downtime.
Our assigned Program Manager immediately identified and met with all the key internal stakeholders at the organization and started to work with the Security Operations Director and Solution Architect on product selection.
The team started to analyze the business requirements, look for prospective vendors, lead the selection of the winning vendor, and provide the customer with insight on contract negotiations, perform cost-of-ownership analysis and avoid negotiation mistakes. The team chose the Signal Sciences Web Application Firewall from the five shortlisted products.
A high-level schedule was prepared based on the requirements available from the Security Operations team and the milestone dates of other projects, while a Systems Analyst worked in parallel on gathering the application details to identify the deployment approach. The high-level plan was shared with the steering committee and communicated to the other projects, running across different PMOs, that could impact or be impacted by the WAF Project.
Resources were gathered and the team was built based on the high-level schedule, and the project schedule and estimates were revised once the detailed requirements were available. The web application firewall program was scheduled to go live in releases, with each release grouping applications from the same technology platform and containing no more than one platinum application, so that any issues during deployment could be handled.
The key to the success of the project was gaining the support of senior management across the various departments within the organization. From the beginning of the project, our project management team worked to secure that support by educating the various teams on the importance of the project and its timelines, and by negotiating to sort out the risks of overlaps with other projects and programs.
Performance testing was conducted for approximately 25% of the applications in scope to put the stakeholders at ease, since they had had a bad experience with the previous project involving agents, which had caused system degradation.
System testing was conducted for all the applications in scope, and the results were documented clearly.
The project was delivered on time and within budget as per the client’s quality standards.
For the legacy servers that did not support the WAF agents, an NGINX server was added to act as a reverse proxy, and the agents were deployed on the NGINX server. This approach also ensured that the legacy applications did not have any performance issues.
Applications in the cloud were deployed with WAF agents using the Chef cookbook, which was a one-time activity to push the changes for subsequent applications.
A solid implementation plan was created with the participation of all the different teams involved and the team was well prepared for the Go-Live deployments. The cut-over was planned to be conducted during non-business hours and completed successfully with no interruption to business operations.
The project team transitioned the required information to the customer’s support team, together with the required documentation and training. The transition was a methodical process that began during the execution phase, to ensure that the support team had all the information and knowledge needed to respond to WAF-related issues.
The project team was available on call and was prepared to be on-site, if required, during the warranty period to make sure the client had all the support it needed with its upgraded new secure web application firewalls.