PacketX Technology

PacketX Technology, a company of young entrepreneurs founded in 2014, operates in network forensics, traffic analysis, and mobile communications. Chunghwa Telecom offered its assistance in driving network technology innovation through software engines, using its proprietary deep packet inspection (DPI) technology to monitor networks, and helped develop a network visualization platform and edge computing ecosystem. This includes precisely introducing operational traffic into each packet analysis device, especially security equipment, and ensuring compatibility between emerging IT technologies and existing packet analysis tasks.

What are the challenges?
  • Early after its establishment, PacketX Technology chose AWS's cloud services, primarily in consideration of reliability and security. When obstacles are encountered during business expansion, a new host and services need to be established, which means more communication with engineers about complicated settings to build new websites or expand functionality. As the company grows, its older operational models and outdated equipment pose higher risks and generally consume more time and cost, making cost optimization more difficult to achieve.
  • Furthermore, several problems need to be addressed: setting up a process for automatically assessing system vulnerabilities, to reduce IT maintenance costs when establishing a system on the cloud; taking security into account, along with improving high availability and expandability, if the customer needs to establish application services on their website; and improving protections for web applications.
  • Enhancing the visibility of security has become one of the most important challenges when introducing cloud solutions in hybrid cloud environments with complex system architectures, especially compared with traditional physical environments. This means effectively identifying and controlling the sources and number of attacks, reducing the time spent on system integration and operational abnormalities, shortening launch time for new services, quickly increasing revenue and customer satisfaction, and effectively monitoring and logging potential threats.
  • After the customer moved to the cloud, it was rather difficult to check the level of security associated with each function; it was also difficult to use automated deployment to continuously monitor the cloud and ensure that its security status complied with the security standards of the industry.
Chunghwa Telecom's solution:
  • We introduced an Application Load Balancer integrated with AWS Certificate Manager (ACM) certificate management to establish an HTTPS traffic load balancing mechanism; this allowed the web applications to be expandable and secure.
  • Provided technical support and personnel specifically for introducing AWS security.
  • Integrated several services, including AWS Lambda, AWS Key Management Service (KMS), AWS Identity and Access Management (IAM), AWS Security Token Service (AWS STS), and AWS WAF, for automated deployment of Chunghwa Telecom's cyber threat intelligence to the customer's AWS cloud environment.
How were the obstacles overcome?
  • Assisted the customer in implementing AWS WAF protection mechanisms and provided custom AWS WAF rules and adjustments through security consulting services.
  • Introduced Amazon Inspector, an automated security assessment service, which determines whether, and to what extent, there are exposures, vulnerabilities, or deviations from best practices.
  • Assisted the customer in implementing Amazon Athena queries to analyze AWS WAF and Application Load Balancer (ALB) logs saved on Amazon Simple Storage Service (Amazon S3), and thus increase the visibility of security on the cloud.
  • Established Amazon GuardDuty smart monitoring for abnormal events through Amazon Route 53, AWS CloudTrail, and VPC Flow Logs, and used AWS Lambda to automatically update the Threat IP Set to increase the efficacy of detection using machine learning.
  • Introduced AWS Security Hub to continuously monitor the cloud environment and ensure that its security status complies with the security and best practice standards of the industry. Custom actions were then set to integrate the Amazon CloudWatch Events monitoring mechanisms and Amazon SNS to automatically issue problem list alerts.
Results of cooperation:
  • Established an application service load balancer that helped raise availability and expandability, while also covering security.
  • Automated system vulnerability evaluation and patch management processes helped to lower the maintenance burden on IT.
  • Provided highly efficient web security for web applications.
  • Analyzed security logs to increase the visibility of security on the cloud.
  • Integrated security monitoring mechanisms on the cloud and issued problem list alerts/notifications.
  • Continuously monitored the cloud environment to ensure that its security status complies with the security and best practice standards of the industry.
Products and services used for the cooperation:

AWS Identity and Access Management (IAM), Amazon GuardDuty, Amazon Macie, Amazon Inspector, AWS Config, AWS Config Rules, AWS CloudTrail, Amazon CloudWatch Events, AWS Lambda, AWS KMS, AWS WAF, AWS Secrets Manager, AWS Certificate Manager, AWS Security Hub.