Robi Axiata Limited, the second-largest mobile network operator in Bangladesh, is the leading 4G service provider with over 50 million subscribers. It was the first operator to introduce GPRS, 3.5G, and 4.5G network services in the country. Robi, a mobile network operator, has provided reliable mobile financial services to underserved rural and semi-urban communities through innovative digital solutions such as Robi-Shop, sports, gaming, entertainment, health, e-commerce payment platforms, and train ticket purchasing apps.
Customer Name: Robi Axiata Limited
Industry: Telecommunication
Location: 53, Gulshan South Avenue, Dhaka-1212, Bangladesh
Challenge
A fast, reliable, and safe application environment for customers. | Enhance the security posture of digital applications and enable safe online payment transactions to promote online business. | Implementing OWASP Top 10 Protection and PCI-DSS compliance
Solutions
Advanced Web Application Firewall (WAF) | Application Delivery Controller (ADC)
Results
Improved Security Posture and Secured Apps | Enhanced Uptime for Customers | Increased Flexibility and Agility for The Development Team
“ESL meets our need as an enterprise perfectly. They have the sophistication and scale we require for our large-scale projects. Regardless it is networking or database application, ESL never fails to amaze us with their quality service, well-timed response and meticulous solution design.”
ESL Application Security
ESL’s advanced team uses machine learning, threat intelligence, and deep application capabilities to protect Robi’s websites and digital solutions using F5 Advanced WAF. The solution protects against data breaches, vulnerability scans, application-layer DoS attacks, and OWASP top 10 threats. It also creates a baseline of normal application traffic behavior, monitoring and blocking anomalous traffic patterns or malicious bots without human intervention.
Challenges
Robi’s security measures focused on network security, neglecting potential application layer attacks for web-based solutions. This led to zero visibility of potential attacks. With cyberattacks accelerating, Robi had to maintain high-volume traffic using stealthy techniques, straining internal resources regularly. These issues combined put Robi in an unfavorable position.
Robi has appointed ESL and f5 to improve its platforms’ scalability and performance for critical workloads, ensuring compliance with the Payment Card Industry Data Security Standard (PCI DSS) and comprehensive protection against OWASP top 10 threats. This will allow Robi’s development team to focus on innovative application enhancements, enhancing the user experience and ensuring a secure environment for its applications.
Solutions
ESL implemented F5 solutions, including F5 Advanced Web Application Firewall and F5 Big-IP Local Traffic Manager, for Robi’s applications traffic management and security control solution. These solutions provided efficient security protection in a consolidated IT architecture, saving Robi costs and enhancing their robust and resilient Data Center Disaster Recovery (DC-DR) infrastructure.
Improved Security Posture and Secured Apps
F5 Advanced WAF utilizes machine learning, application expertise, and behavioral DoS detection to enhance Robi’s digital solutions and applications, ensuring safe and secure customer transactions.
Enhanced Uptime for Customers
Robi offers customers 24/7 access to its digital solutions and applications, ensuring comprehensive security against disruptive and malicious web attacks.
Increased Flexibility and Agility for The Development Team
Robi’s development team can now concentrate on developing innovative application enhancements to enhance user experience and ensure they have access to necessary applications at any time, thanks to improved application delivery capabilities.
F5 Advanced WAF relieves Robi of the intensive SSL encrypting and decryption process, freeing up server resources. SSL is offloaded to a dedicated server, allowing Robi’s system to handle other applications and platforms. Additionally, potential threats can be better scanned and prevented.
Robi uses F5 Advanced WAF to monitor server health and security, enabling accurate detection and mitigation of malicious attacks before damage to the website or brand reputation, enhancing web attack visibility, safety, and service quality for customers.