Gulf Air recently revealed a cybersecurity step-change as part of an ongoing campaign to safeguard its operations and deliver industry-leading customer service. The national carrier of the Kingdom of Bahrain has reinforced its network perimeter to pre-empt and combat Distributed Denial-of-Service (DDoS) attacks, improve data centre and application-level security and further enhance data and access protection measures.
A key component of Gulf Air's DDoS strategy is the deployment of the F5 DDoS Hybrid Defender. Gulf Air was keen to select a solution with an industry-leading, multi-layered defense mechanism against both blended network attacks and sophisticated application attacks.
The DDoS Hybrid Defender's features include full SSL decryption, anti-bot capabilities, and advanced detection methods. This ensures high line rate capabilities without impacting legitimate traffic. Crucially, the solution is compatible with Gulf Air's current perimeter security controls to minimize maintenance efforts.
"Combating DDoS attacks requires a purpose-built system-level architecture that detects and mitigates increasingly sophisticated, complex and deceptive attacks," said Dr. Jassim Haji, Director of Information Technology, Gulf Air.
"The solution delivers instantaneous controls and security measures against complex threats, exploits, saturation attacks, with an in-depth security mechanism that inspects application-layer events. It offers protection at all layers, protecting protocols – including those employing SSL and TLS encryption – as well as stopping DDoS bursts, randomized HTTP floods, cache bypass, and other attacks that can disrupt Gulf Air's critical applications."
Gulf Air's new DDoS capabilities fit into a wider digital transformation vision that was recently underscored by becoming the world's first airline to achieve seven IT ISO certifications. In 2012, it became the first business in Bahrain to introduce private cloud computing.
Technology is at the forefront of Gulf Air's recent resurgence which has been driven by a number of major cost saving initiatives. The airline is thriving by deploying state of the art technological solutions according to the latest trends that swipe the aviation industry, and has been awarded in several international and regional forums.
Other Application Delivery Controller (ADC) solutions in use include F5 BIG-IP Local Traffic Manager (to simplify, automate, and customize application delivery) and F5 BIG-IP Access Policy Manager (a flexible, high-performance access and security solution that provides unified global access to applications and the network). In addition, F5 BIG-IP Link Controller manages and reroutes connections based on link type and quality, ensuring a better user experience and reducing downtime.
As well as improving overall operational efficiency and slashing total cost of ownership (TCO), F5's solutions will scale to handle Gulf Air's future growth trajectory, enabling the airline to tap into the benefits of emerging technologies such as Software-Defined Networking (SDN) and Software-Defined Storage (SDS).
Gulf Air currently runs over 200 applications online supported by F5 technology, including email services, reservation systems and enterprise resource planning (ERP) and Electronic Flight Bag, eEnablement setup for newly introduced aircrafts.
"We made a strategic decision to partner with F5 because they are consistently ranked as one of the top leaders in enterprise security," said Dr. Haji. "F5 has also successfully provisioned crucial services to our users and customers in an efficient and secure manner for the past eight years. We are now proud to announce that we can protect the Gulf Air network from possible threats that are initiated from legitimate secure traffic based on behavior, rather than relying on traditional security measures."