TP-Link Restructures Security Foundation with AWS, Enabling 24/7 Near-Zero Data Write Loss

As Secure Products and solutions are increasingly cloud-based and intelligent worldwide, enterprise demands for data security, real-time analysis and multi-language support have been growing. As a pacesetter in consumer networking devices, TP-Link entered overseas markets very early, and began to collaborate with AWS in 2012, to provide consumers with online services, including the interconnection and management of IoT products like security cameras, as well as cloud storage, data analytics, intelligent decision-making and other value-added services.

Unlike consumer-level security scenarios that highlight product convenience and flexibility, enterprise-level security scenarios require higher levels of data integrity, system stability and compliance. When promoting enterprise secure services, TP-Link also sees new challenges in system design:

• Data security and compliance challenge: Enterprise-level security demands top-level data confidentiality, a guarantee of zero surveillance video loss, and compliance with major data sovereignty laws and regulations including the EU’s GDPR;    
• High-concurrency transmission challenge: Ensuring 24-hour continuous and stable uploads of cross-border video streams to the cloud is particularly challenging. Network fluctuations can disrupt the process, compromising the reliability of cloud storage services.

To address the needs, TP-Link restructured cloud security services targeting enterprise customers. It further partnered with AWS, completing system upgrades in terms of cloud storage, data integrity, data compliance, and network stability to empower overseas expansion. 

“Enterprise-level security imposes the highest standards on data transmission, requiring absolute security, stability, integrity, and privacy. AWS helped TP-Link enable full-chain encryption and transmission optimization, providing the technical foundation for our entry into professional markets.”

 —— Chok Lam, Technical Head of TP-Link 

 

Professional security is marked by uncompromising requirements on data security, integrity and availability, as any loss of data may affect key decisions. Empowered by AWS’ security system, TP-Link built a full-chain encryption system, ensuring video streams to be fully protected from cameras to cloud and from storage to replay. To help tackle the end-to-end compatibility challenge, AWS Solutions Architect team deeply engaged in the encryption algorithm selection and protocol tuning process, guaranteeing seamless synergy across heterogeneous devices worldwide.

TP-Link leveraged Amazon KMS, a key escrow service, to create and manage encryption keys, and adopted Amazon Inspector and Amazon Security Hub, among other security components, to continuously scan images and workloads for potential vulnerabilities and unintended network exposures. Moreover, TP-Link introduced the next-generation firewall from Palo Alto via AWS Marketplace, to detect cross-border traffic and resist malicious attacks, thereby forming a closed loop of security and compliance. 

In addition, AWS Solutions Architect team also helped TP-Link enhance fault tolerance for both local transmission and public network transmission of data, and optimize both the uplink (device-to-gateway) and downlink (gateway-to-cloud), to ensure no video clip loss in poor network conditions. For high-concurrency scenarios, TP-Link utilized Amazon CloudFront’s global edge nodes and the QUIC protocol (a new-type UDP-based transmission protocol) to refine data transmission, avoiding single network failures through multi-path redundant transmission. After rounds of deep tuning, this security architecture has ultimately passed stringent enterprise-grade validation.

When video streams reach the cloud via optimized links and are stored in Amazon S3, reliable storage of massive data becomes a core concern for TP-Link. In face of the customer’s tough requirements for 24/7 continuous writing of data without loss, AWS Solutions Architect team offered a storage optimization solution tailored to TP-Link’s needs, ensuring fine cost management without compromising performance.

With Amazon S3’s multi-region deployment capability, TP-Link enables localized storage and cloud backup of data that aligns with user needs in different countries and regions. With Amazon S3’s enhanced throughput and elastic scaling capacity, TP-Link ensures zero data loss under high-concurrency write scenarios. Amazon S3 buckets are organized by country and region, to meet data localization requirements and ensure that only authorized users can access video data. Furthermore, the batch deletion and tiered storage features of Amazon S3 also empower TP-Link to further reduce cloud storage costs.

 

With the digital foundation built by AWS, TP-Link’s enterprise-level cloud management system experienced leaps in security resilience, operating efficiency, and intelligent services. The transformation not only meets the tough demands of worldwide enterprise customers, including supermarkets, warehouses, and industrial parks, for zero data loss, but also opens up a new growth path for value-added cloud storage services.

• A breakthrough in security compliance -- TP-Link successfully built an end-to-cloud, full-chain protection system that comprehensively meets stringent data security regulations across different countries and regions, thereby ensuring the security of data during both transmission and storage.
• Enhanced business resilience -- TP-Link’s products and services are used in more than 170 countries and regions. With the help of AWS, TP-Link achieved a cloud storage scale of up to 100-PB level. The high-speed cloud transmission channels effectively address the challenge of cross-border high-concurrency write operations, satisfying enterprise customers’ demands for 24/7 uninterrupted recording.
• Upgraded customer experience -- With Amazon S3’s enhanced throughput and elastic scaling capacity, TP-Link ensures no loss of data in high-throughput write scenarios, thus enhancing customer satisfaction.

“We built a future-oriented enterprise-level security architecture on AWS, guaranteeing the confidentiality and integrity of customer data while freeing our team to focus more on innovation.”

—— Chok Lam, Technical Head of TP-Link  

After introducing AWS services, TP-Link completed the upgrades of its enterprise-level system in terms of stability, data consistency, and write capability, among other critical links through reshaping its consumer-level architecture. Substantial improvements were achieved particularly in weak-network write operations and high-concurrency transmission. Besides daily monitoring, its cameras can now automatically identify abnormal events, send video clips back to the cloud, and achieve dual-copy storage in local SD cards and the cloud, laying a more resilient digital foundation for professional scenarios. During the process, AWS offered round-the-clock response through AWS Solutions Architect team’s support and Enterprise Support, helping TP-Link plan and build solutions based on best practices, and providing a solid technical underpinning for TP-Link’s business development.

Going forward, TP-Link will further deepen collaboration with AWS, to explore a richer variety of services in cloud subscriptions, and provide global customers with even better network and security solutions.