Visualization of inbound website access and faster countermeasure implementation
Lower deployment and operational costs
Improved cost/performance ratio due to reduced implementation time
Need for stronger security for launch of new line of business
Need for affordable and sustainable operational costs
Fullcast, a leader in human resource staffing and payroll services, needed a stronger, faster way to defend its network against cyber attacks. By implementing BIG-IP Application Security Manager (ASM), Fullcast can visualize all inbound access to its websites and respond quickly to any impending internet threats.
Fullcast operates a Cast Portal website matching more than 10,000 people to jobs daily. Job seekers input their personal information into the system along with their desired job, work location, and the dates and times they are available to work. Since Fullcast also provides payroll services, employees can access the system to view their pay statements and other HR documents. In response to its tremendous job placement activities, Fullcast launched another HR business called My Number Collection and Management.
“Once cyber criminals found out that Fullcast managed My Numbers, we expected the risk of fraudulent accesses and other attacks to increase,” stated Mr. Wataru Higano, Manager, Information Systems Department of Fullcast Holdings Co., Ltd.
Although Fullcast had not experienced serious issues with their network configuration, Mr. Higano and his management team concluded that stronger security would be required for the launch of their new HR business.
We found some accesses that tried to set up XSS but we could fend them off by tuning the signature in BIG-IP ASM. Our response was faster this way compared to trying to do the same on the Web application side.
“Fullcast had continued to enhance system security so that other websites could be operated more securely,” explained Mr. Wataru. In order to respond to the huge number of accesses, Fullcast introduced a redundant configuration of F5 BIG-IP 2000s in September 2014 and distributed the load to multiple web servers using F5 BIG-IP Local Traffic Manager (LTM). BIG-IP 2000s and BIG-IP LTM were also introduced in April 2015 to support Fullcast’s internal virtual desktop environment.
Mr. Higano anticipated a more rapid response would be required to thwart new attacks at the application layer. “A WAF,” he commented, “would make defense against various new threats easier, with more detailed tuning and update of signatures, in addition to protecting from cross-site scripting (XSS) attacks and complicated DDoS attacks at layer 7.”
Yet the cost of this solution and the very implementation of it brought along another set of concerns. “The cost of SSL certificates was more than half of that of the entire cloud WAF solution,” stated Mr. Higano. “We also anticipated that the cost would become even higher as more sites were added and traffic volumes expanded.”
Fullcast evaluated BIG-IP Application Security Manager (BIG-IP ASM). The F5 solution was compared to other vendor offerings. Even with the premise that monitoring would be outsourced to Dell SecureWorks, F5 proved to be the most cost efficient option.
Taking advantage of F5’s expertise, Fullcast was able to implement the solution smoothly. “F5 gave us a detailed explanation of the meaning of each alert from ASM and was very friendly in responding to our inquiries and requests for consultation,” commented Mr. Higano. “They also prepared and provided a simplified configuration manual once the implementation was complete. This manual has been very helpful to us because the configuration changes are done internally even though the monitoring and report services are outsourced to Dell SecureWorks.”
Fullcast is now considering SSL inspection so that SSL can be widely used. “We want to centralize as many security measures as possible into BIG-IP. I look forward to F5 supporting even wider types of features,” says Mr. Higano.
More rapid response to threats such as XSS has become possible by using the signature tuning on BIG-IP ASM rather than setting up some guard system on the Web application side.
The web application firewall with BIG-IP ASM enabled both visualization of inbound accesses to the website and acceleration in implementing countermeasures to threats including XSS.
By adding a license to its existing BIG-IP system, Fullcast experienced lower costs compared to other cloud services.
“F5 provided the skill and knowledge that only the original developer of the solution could,” stated Mr. Higano. “Their expertise reduced implementation time and this improved our cost/performance ratio.”