Cybersecurity Provider Indusface Guarantees 99.99% Application Firewall Uptime for Business-Critical Applications on AWS

The average total cost of a data breach worldwide reached 324 million rupees ($4.24 million) in 2021, almost a 10 percent jump from the year before. As cyber criminals become more sophisticated, the burden increases on businesses to devote significant time and financial resources to protecting their operations.

 

Amazon Web Services (AWS) Partner Indusface is a cybersecurity company whose vision is to empower customers to “go digital fearlessly.” One of Indusface’s leading products is AppTrana, a fully managed software as a service (SaaS) offering real-time protection against cyberattacks. The risk-based managed protection and acceleration SaaS platform acts as a reverse proxy that inspects traffic between a company’s application and the internet.

 

“We launched AppTrana because we saw how our customers were increasingly looking for a security-as-a-service model to offload real-time security monitoring,” says Vivekanand Gopalan, head of Product Management at Indusface. AppTrana currently filters around 300 million daily online traffic requests for more than 3,000 customers, including enterprises such as Tata Consultancy Services, Marico Ltd, and Larsen & Toubro Ltd, alongside small to medium businesses like Victorinox and CXC Solutions.

Indusface built AppTrana on AWS because of the platform’s ability to scale infrastructure seamlessly and easily. It uses Amazon Elastic Compute Cloud (Amazon EC2) Auto Scaling and  Network Load Balancer to distribute and route incoming traffic across multiple AWS Availability Zones.

 

During cyberattacks, such as a distributed denial of service (DDoS) attack, AppTrana rapidly scales to block hundreds of thousands of requests that would otherwise cause a customer’s application to become unavailable. Throughout a recent major attack attempt for one of its customers, AppTrana managed to block about 300,000 requests per minute, successfully repelling the DDoS attack.

 

“Leveraging the in-built capabilities that AWS offers for autoscaling has been a huge advantage for us. This ensures that our architecture can scale horizontally by adding more Amazon EC2 instances, or vertically by resizing capacity of existing instances, depending on our needs,” Gopalan says. Indusface also uses Amazon Relational Database Service (Amazon RDS) to manage and scale its databases.

 

 

Since beginning operations in 2014, Indusface has expanded to serve customers in more than 80 countries. In addition to India, it uses AWS Regions in the United States, Ireland, and Australia. “On AWS, launching a new region is possible within a few minutes because we’re able to automate everything. We have a strong market presence thanks to the global footprint of AWS,” adds Gopalan.

 

Having data centers close to its global customers minimizes latency when data passes through AppTrana before calling a customer’s application. Indusface ensures AppTrana doesn’t add more than 20 milliseconds to data delivery on its customers’ infrastructure. By building its platform on AWS, Indusface also meets local and international data security guidelines. The business is Payment Card Industry Data Security Standard (PCI DSS) and General Data Protection Regulation (GDPR) compliant.

In addition to a low-latency security proxy, AppTrana customers benefit from a 99.99 percent availability guarantee. Indusface can thus ensure business continuity for its customers, protect their brand reputation, and significantly lower security barriers for sales by guaranteeing robust web and mobile applications.

 

To support high availability, Indusface built a redundant technology stack on AWS. Constant application monitoring is key, using Amazon CloudWatch and custom parameters for each customer’s application(s). When predetermined thresholds are reached, Amazon CloudWatch automatically takes corrective actions, such as launching new instances to prevent customer application time out.

 

“We’re able to provide a 99.99 percent uptime guarantee of our services to our customers because of the various SLAs [service level agreements] that AWS provides for the services we use. To guarantee high availability, we can’t rely on manual interventions. We’ve architected our application on AWS to be fully self-healing,” explains Gopalan.

A unique aspect of AppTrana is the way it examines each customer application for patterns and vulnerabilities to create a behavioral baseline. This baseline then assesses the legitimacy of incoming traffic in real time. Behavioral analytics are therefore an essential element in the AppTrana application stack. Indusface uses Amazon OpenSearch Service with Apache Kafka to analyze incoming web traffic and detect deviations from established patterns that could flag malicious activity. Upon detecting suspicious patterns, AppTrana triggers several actions, such as blocking the request and sending email notifications to users.

 

Indusface continues to enhance its big data processing modules to incorporate more analytics data feeds and cater to various customer applications. In 2021, the company released a feature for behavioral-based DDoS protection, which is rare in the security-as-a-service market. “This feature was possible because of the real-time data pipeline we’ve built and the synergy of all the services in our technology stack,” says Gopalan.

 

Indusface has also grown its business together with AWS as part of the AWS Partner Network. Whenever the business faces a challenge or seeks to add new features, engineers consult AWS Solutions Architects. “Our relationship with AWS has flourished and matured over the years and we’re confident we can keep growing our business with the support of AWS,” Gopalan concludes.