DragonSoft, founded in 2003, is a company focused on developing internationally competitive Security software. It possesses a skilled professional project team and Security experts. Its products have obtained certification through the Common Vulnerabilities and Exposures (CVE®) Compatibility Program, ahead of its competitors. It has more than a 70% market share in Taiwan; its customers include government agencies, financial institutions, schools, companies, and Security service providers, altogether more than 200 entities. Its agents and distributors are located in more than a dozen countries across Europe, the Americas, and Southeast Asia. DragonSoft's core business includes the software development and service aspects of Security. DragonSoft internationally promotes Taiwanese Security products and services with its professional brand image and dynamic deployment.

What are the challenges?
  • Early after its establishment, DragonSoft chose AWS's cloud services. Their choice was made in consideration primarily of reliability and security, which are difficult to implement through a traditional server room. When obstacles are encountered during the expansion of business, a new host and services will need to be established, meaning more communication with engineers on complicated settings to build new websites or expand functionality. As the company's scale grows, its older operational models and outdated equipment pose higher risks to the company and are generally more time and cost consuming, meaning that cost optimization is more difficult to achieve.
  • And in addition, one more issue that has faced the company is porting existing cyber threat intelligence systems onto the cloud environment in a short period of time, building a collective Security defense while smart-monitoring for abnormalities to raise the efficacy of threat detection.
  • Enhancing the visibility of Security has become one of the most important challenges in the introduction of cloud solutions in hybrid cloud environments with complex system architectures, especially as opposed to traditional physical environments. Effectively identifying and controlling the sources and number of attacks and shortening the long time spent on system integration and operational abnormalities, shortening launch time for new services, quickly increasing revenue and customer satisfaction, and effectively monitoring and logging potential threats.
  • And after the customer went on the cloud, it was rather difficult to check the level of security associated with each function; it was also difficult to use automated deployment to continuously monitor the cloud environment and ensure that its security status complied with the security and practice standards of the industry.
Chunghwa Telecom's solution:
  • We introduced an application load balancer and AWS Certificate Manager (ACM) certification management integration solution to realize the centralized management of TLS security encryption and the load balancing of traffic.
  • Provided technical support and personnel specifically for introducing AWS security.
  • Integrated several services, including AWS Lambda, AWS Key Management Service (KMS), AWS Identity and Access Management (IAM), AWS Security Token Service (AWS STS), AWS WAF, for automated deployment of Chunghwa Telecom's cyber threat intelligence to the customer's AWS cloud environment.
How were the obstacles overcome?
  • Assist the customer in implementing AWS WAF protection mechanisms and providing custom AWS WAF rules and adjustments through Security consulting services.
  • Assist the client in implementing Amazon Athena analysis inquiry to analyze AWS WAF and Application Load Balancer (ALB) logs saved on the Amazon Simple Storage Service (Amazon S3) and thus increase the visualization of security on the cloud.
  • Establish Amazon GuardDuty smart monitoring for abnormal events through Amazon Route 53, AWS CloudTrail, and VPC Flow Logs; and use AWS Lambda to automatically update the Threat IP Set to increase the efficacy of detection using machine learning.
  • Introduce the AWS Security Hub to continuously monitor the cloud environment and ensure that its security status complies with the security and best practice standards of the industry. Then set custom actions to integrate the Amazon CloudWatch Events monitoring mechanisms and Amazon SNS to automatically issue problem list alerts.
Results of cooperation:
  • Huge cost-cuts for information security maintenance personnel.Huge cost-cuts for Security maintenance personnel.
  • Simplified the Security management process and lowered the work load for operations.
  • Costs are flexible, and can be adjusted according to what the actual situation requires.
  • Provide application API for highly effective web protection.
  • Analyze security logs to increase the visualization of security on the cloud.
  • Continuously monitor the cloud environment and ensure that its security status complies with the security and best practice standards of the industry.
  • Integrates security monitoring mechanisms on the cloud and issues problem list alerts/notifications.
Products and services used for the cooperation:

AWS Identity and Access Management (IAM) 、 AWS GuardDuty、 AWS Inspector、AWS Config、AWS Config Rules、AWS CloudTrail、 AWS CloudWatch、AWS CloudWatch Events、AWS Lambda、AWS KMS、AWS WAF、AWS Certificate Manager。