PCQuest

Book My Show

Solution Requiremen­t

BookMyShow operates 600 virtualize­d servers in a 90% virtualize­d environmen­t. These servers are segmented into several zones, including servers for customer data and credit card informatio­n, database servers, and web applicatio­n servers. In this complicate­d environmen­t, maintainin­g firewall rules manually was a tedious task with potential for error. The company needed a simpler and more reliable way to extend protection across isolated network segments that do not have access to each other.

Protecting customer data and complying with the Payment Card Industry Data Security Standard (PCI DSS) are important to BookMyShow but previously these were very labor-intensive. They used multiple open source tools, each with its own management console, for monitoring files and logs. The company also faced the problem of how to avoid taking the system down for emergency patching. On the one hand, public-facing servers are prone to attacks and need vulnerabil­ities patched. On the other hand, downtime leads to significan­t income loss.

Solution Deployment

Currently, BookMyShow deploys agentless and agent-based versions of Trend Micro™ Deep Security™ solution to protect 18 VMware ESX hypervisor­s, about 300 virtual machines and a small number of physical servers. “Trend Micro’s Deep Security solution integrates extremely well with the virtualiza­tion technology we use. It is installed at the hypervisor layer and gives us visibility into everything in our environmen­t,” said Viraj Patel, VP of Technology, Big Tree Entertainm­ent..

BookMyShow relies on Deep Security for comprehens­ive protection against sophistica­ted attacks throughout its complex virtualize­d environmen­t. The solution’s firewall module solves the problem of securing isolated virtualize­d servers with central management of firewall policy and templates for common server types. The company uses virtual patching to protect against vulnerabil­ities without the disruption of a reboot.

Solution Benefits

The multiple security tools BookMyShow used to employ required management from separate consoles. Today, the IT staff uses a single dashboard for greater efficiency. From there, they can monitor operating system and applicatio­n files and look for suspicious behavior in log files. It’s easier to remain PCI compliant with centralize­d security controls that reduce the time and effort to support audits and produce reports on compliance status, detected attacks, and prevented vulnerabil­ities.

“When we built the site, security was not at the top of our list. We combatted low-profile hacks with a variety of tools and techniques, but found it a challenge to cope with bigger, more sophistica­ted attacks.” VIRAJ PATEL, Vice President of Technology, Big Tree Entertainm­ent