Amplify end users browsing Experience with Managed Web Application Security Service

ABSTRACT :

One of the leading E-commerce business specialized in selling premium quality products through Web and mobile Application. The Application content is designed using high quality videos and images for product marketing. Once the user logs in, they can perform multiple activities for instance view catalogs, videos, images, compare, buy products etc. Presently, they are providing a frictionless shopping experience using Apptrana CDN while protecting their digital assets through Apptrana Next-Gen WAF solution. Optimizes the UX for more than 5,000 customers on daily bases across the globe.

KEY CHALLENGES :

At the primary stage of the business, the Application distributed assets directly through their web servers and performance was marked as per the expectation but with rapid growth and global reach out a more streamlined approach for faster, more reliable content delivery came as a necessity. As the number of users started to increase the web Application became slow in response and requested resources (image, video, text file, web page, etc.) started taking too long to load the content. Users started to bounce and get the requisites content and
service from the competitor’s Web Application.

Experiencing impressive business growth, the company realized the need for Content Delivery Network (CDN) to provide the best user experience for its global customer base. Also, as the business heightened, customer experienced and got victim to sophisticated Advance DDOS Attacks in past. And hence, an additional “must-have” was top grade security against DDoS attacks.

Customer’s technology team knew the importance of engaging with cutting edge solutions to stay ahead of the competitive e-commerce curve and core values is to remain relevant and adaptive at all the times. Therefore, an innovative partner was required for CDN service. Also, other key considerations were robust security features provided by Next-Gen Web Application firewall-a must to have for the best e-commerce brands.

STRATEGY & RECOMMENDED SOLUTION :

With Zero downtime, in less than 5 minutes we on-boarded the Application with smart simple clicks and activated WAF protection from day 1 with our managed Advance Rule sets. These rules are made surgically accurate to eliminate instances of any false positives. Instances of volumetric attacks such as DDOS, BOT attacks were observed and WAF in immediate action to block such malicious traffic.

With just a click, we activated the CDN service and configuration is auto changed to ensure traffic first hits CDN and only when request is for un-cached data would traffic reach the backend server in which case it would go
through AppTrana WAF. This way, we ensure that traffic that can be served by CDN is served quickly from the nearest CDN POP to the user and when traffic has to be directed to the server, it goes through AppTrana WAF and it is protected against malicious traffic/attacks.

Primarily, we started caching the static objects of the Application which do not change significantly. E.g.: Images, JavaScript, CSS files, PDF files, Media files and set the CDN to cache following file extensions [Jpeg, jpg, png, gif, ttf, woff, woff2, swf, doc, mp3, mp4, mov, wav, flv, js, css]. Also, the cache TTL was set to 24hrs considering the description of the Application

Followed by that, we monitored and learnt Application analytics to analyze and classify the frequently accessed content and activated the advance CDN policies to further cache wider range of content that was earlier deemed uncacheable and unserviceable. Further to improve overall efficiency, we also have configured CDN policies to cache the dynamic content aligned with the necessity of the Application workflow. Additionally, to boost the performance we have totally offloaded the MP4 video files to the CDN storage for faster delivery of the video content.

With above configuration, the caching ratio was monitored around 90% and the web Application performance was enhanced by more than 50%.

RESULTS:

With Active CDN operating on whole site acceleration platform and with wider coverage of 400+ POPS across 5 continent, Application performance was significantly enhanced; smooth and elevated browsing experience recorded an exponential growth in business. With caching, the bandwidth costs were considerably reduced for businesses as copies of the content were stored at multiple locations and serviced from those proxy servers instead of the origin server. Even when there is a traffic spike, bandwidth gets rented from the CDN provider instead of investing in extra bandwidth.

Indusface
Indusface

Indusface is a leading application security SaaS company that secures critical Web, Mobile, and API applications of 5000+ global customers using its award-winning fully managed platform that integrates web application scanner, web application firewall, DDoS & BOT Mitigation, CDN, and threat intelligence engine.