Seeking to Ease IT Management and Improve Compliance and Scalability
PayU has been running its application environment on Amazon Web Services (AWS) since 2015, taking advantage of the scalability and agility of the AWS Cloud to fuel business growth. While the company continued to move workloads to AWS, it relied on a third-party on-premises firewall solution—which separated the main console and gateway—to secure its network. This caused challenges for PayU’s platform and infrastructure engineering team, as connecting its physical data center to AWS, and managing both environments proved to be tedious.
Relying on an on-premises data center also made compliance time-consuming. PayU must ensure Payment Card Industry Data Security Standard (PCI DSS) compliance to protect cardholders’ personal information. PayU’s network security manager says, “We had to manage compliance ourselves—especially for solutions deployed on premises—and use different vendors for auditing. The vendors would have to physically come to the data center and test our workloads, completing a very detailed audit before we received clearance.”
PayU also had challenges scaling the on-premises firewall solution during busy holiday seasons, when customer traffic spikes. During these periods, PayU witnessed thousands of additional transactions per day. Its firewall solution couldn’t support the load, resulting in performance issues and customers having to wait longer for transactions to go through.
Streamlining Management and Simplifying Deployment with AWS
After several discussions with AWS architects, PayU decided on a solution that could offer better performance and native integration with its AWS application environment. It worked closely with AWS to implement
AWS Network Firewall, a managed service that simplifies deployment of network protections for
Amazon Virtual Private Cloud (Amazon VPC). AWS Network Firewall features a flexible rules engine that lets users define managed and open-source firewall rules, allowing fine-grained control over network traffic to prevent the spread of malicious activity.
PayU deployed
AWS Global Accelerator, a networking service designed to improve the performance of user traffic flowing through
AWS Global Infrastructure. It optimizes application latency when the network is congested and improves availability by providing two global static public IPs.
PayU also ensured its payment gateway and application traffic moves directly through AWS, via AWS Network Firewall and AWS Global Accelerator. The company is also leveraging
AWS Enterprise Support, allowing them to resolve issues faster with a single point of contact, compared to previously having to liaise with multiple vendors.
Implementing AWS Network Firewall and AWS Global Accelerator has improved performance for PayU’s PayUbiz and Citrus UPI applications. Following the migration to AWS, PayU saw its application response time halve from 800 to 400 milliseconds.
With this 50 percent reduction, PayU’s customers experience improved transaction and application performance. This is important for the business because today’s customers expect seamless interactions and fast payments.
Simplifying Firewall Management and Boosting Scalability
The PayU platform and infrastructure engineering team has also streamlined firewall management on AWS. According to the head of network security at PayU, “AWS Network Firewall and AWS Global Accelerator have reduced management complexity, because there’s no more manual effort involved. We have more flexibility to control access to hybrid environments and better manage traffic layers.” PayU has also decreased IT expenditure via a single integrated solution versus paying licensing and management costs to several vendors.
The AWS solution scales automatically with network traffic, so PayU no longer needs to spend time deploying and managing infrastructure when application traffic spikes during the busy holiday season.
Increasing Intrusion Protection and Reducing Audit Time from Days to Minutes
Additionally, PayU has strengthened overall security. Protection from potential intrusions is now enhanced, giving the company more confidence than before.
With AWS Network Firewall and AWS Global Accelerator being PCI-compliant, PayU has decreased the time to complete compliance audits. Now, PayU receives PCI reports on demand, which the company can present to auditors whenever necessary. As a result, PayU is reducing compliance audits from days to minutes.
Learn More
About PayU
PayU is one of India’s leading online payment providers. The company offers payment gateway solutions to online businesses worldwide and serves more than 4.5 million merchants across India with over 100 payment methods. PayU is the preferred payment partner for major ecommerce companies and airlines in India.
Benefits of AWS
- Simplifies firewall management
- Improves application performance by 50%
- Scales on demand during peak traffic times
- Increases protection from intrusions
- Reduces audit time from days to minutes
AWS Services Used
AWS Network Firewall
AWS Network Firewall is a managed service that makes it easy to deploy essential network protections for all of your Amazon Virtual Private Clouds (VPCs).
Learn more »
Amazon Virtual Private Cloud
Amazon Virtual Private Cloud (Amazon VPC) gives you full control over your virtual networking environment, including resource placement, connectivity, and security. Get started by setting up your VPC in the AWS service console.
Learn more »
AWS Global Accelerator
AWS Global Accelerator is a networking service that improves the performance of your users’ traffic by up to 60% using Amazon Web Services’ global network infrastructure.
Learn more »