Case History: Education and Research

This means that vulnerability information is always confidential and data is always under the customer's control.
For this reason Pluribus One guarantees the privacy and anonymity of its customers in all phases of work and assistance, including the description of the case history.

Business scenario
The customer is a private university. The web services managed by the university include services to: students (e.g. admittance, classes, exams), teaching and research staff, administrative personnel.
The infrastructure is distributed across three different sites: one on-premise and the other two hosted by two major cloud services providers.
Customer need
The customer interest is to ensure adequate protection for many custom and legacy applications, with a set of well-crafted protection rules; the customer needs to deeply inspect the web services’ traffic to enable coordination between the security, operation, and development teams.
Key benefits after Pluribus One's assistance
1. Possibility to create easily custom protection rules, higly tailored on the monitored services (high protection; low false positives).
2. Detailed information on the services, which enables cooperation between the security, operation, and development teams.
Product/service used to support the customer:

When
March 2017 - current
HW requirements of the WAS® installation
48 vCPU – 252GB RAM – 250GB HDD
Connected components
Data Source: Oplon® ADC
Protecting: Oplon® WAF
Monitoring: SIEM based on the ELK stack
Services to monitor
Number of services: 100
Requests/day: 10Mln hit/day
Sought retention period: 15 days
