Welcome » Case Studies » VRT – Advanced Security
AWS CASE STUDY
Executive Summary
The Vlaamse Radio- en Televisieomroeporganisatie (VRT) implemented AWS Shield Advanced to protect their 24×7 platform. Key considerations included SRT support, L7 protection and cost-effective security measures.
AWS WAF was also implemented. The implementation happened after a successful PoC.
CUSTOMER:
VRT
PROJECT:
FIRST LAUNCH:
February, 2024
Customer Profile
VRT is the public broadcaster of the Flemish Community in Belgium. It is a media organization oriented towards all Flemish citizens, with a special focus on the diversity and uniqueness of the Flemish audience.
VRT mainly presents high-quality and distinctive content in the areas of information, culture, education, entertainment, and sports. With its three television channels, five radio stations and various digital channels, VRT reaches 90% of all Flemish people, every single week.
Consequently, VRT can be seen as a relevant player that has a major societal impact and can contribute to a pluralistic debate, thus strengthening democracy.
In addition, VRT stimulates people to experience culture and language, while propagating the Flemish identity throughout its functioning.
VRT is also a very future-oriented organization and focuses heavily on innovation and digitization. The broadcaster plays an important role in the Flemish media ecosystem and cooperates with numerous national
and international partners from various fields.
The Challenge
Given the VRT’s operational sectors, maintaining 24×7 availability for their platforms is crucial. Any downtime is simply unacceptable. In the last few years there has been a surge in geopolitical DDoS attacks,
prompting VRT to seek an advanced solution to bolster the security of its Cloud infrastructure. The following features of AWS Shield Advanced were key considerations for the customer:
- SRT Support: Ensuring robust protection against threats.
- Layer 7 (Application Layer) Protections: Safeguarding against targeted attacks.
- Coverage of Standard AWS WAF Fees: Cost-effective security measures.
With AWS Shield Advanced, VRT can effectively shield all their AWS endpoints, preventing malicious access without triggering false positives.
After completing an initial successful PoC together, the solution was fully implemented across multiple accounts.
Partner Solution
- Distributed Denial of Service (DDoS) Mitigation: Implemented using AWS Shield Advanced.
- Web Application and API Protection (WAAP) Management: Implemented using AWS WAF. Having a WAF (WebAcl) is required when enabling Layer 7 protection, as Shield needs to have the capability to automatically implement mitigations. VRT has a playbook which describes best practices for configuring WAF rules.
Results and Benefits
Since the implementation of AWS Shield Advanced, 47 events have been blocked, with a request rate up to almost 1Mrps.
Technology used:
- AWS Shield Advanced
- AWS WAF
- Amazon CloudFront
- Amazon Route53