Case Study

Efficient Landing Zone Automation Streamlines Setup, Reducing Manual Work by 80% for a PSU

Download the Case Study

Government and PSU


AWS IAM, Amazon S3, AWS WAF, AWS Sheild, AWS KMS, AWS GuardDuty, Amazon CloudWatch, AWS CloudTrail, Amazon EC2


Implemented security measures to ensure protection against DDoS attacks, restrict unauthorized access, and utilize IP intelligence for enhanced defense, strengthening overall security posture and system stability.

About the Client

IRCTC was established in 1999 as an extension of Indian Railways, enhances catering and hospitality services, and promotes tourism through budget hotels, tour packages, and global reservation systems. 


DDoS Prevention and System Stability

Blocking malicious IP addresses and limiting request rates

Access Control and Authorization

Restriction of access to sensitive resources

Comprehensive Threat Protection

OWASP Top 10 list and Safeguards Against Common Threats

The Challenge

The client faced scalability and security challenges with their On-Premises Infrastructure, necessitating a transition to AWS Cloud. This involved implementing an enhanced AWS WAF for improved application security and modernizing their infrastructure. 


  • Implemented AWS WAF rules to block foreign IP addresses during specific time frames, reducing the impact of bot traffic and illegitimate requests during critical booking periods. Time frames are set from 07:40 hrs. to 08:10 hrs, 09:40 hrs to 10:10 hrs, and 10:40 hrs to 11:10 Hrs. 
  • Blocked anonymous proxy IP addresses for both their website and mobile application. 
  • Blocking is always enabled without whitelist configuration, enhancing security by preventing access from potentially malicious sources. 
  • Rate limiting has been set up for their mobile app, restricting it to 7 HTTP requests per second per source. A similar rule has also been enforced to cap requests at 2100 per 5 minutes, effectively managing traffic flow and promoting fair resource utilization. 
  • Implemented managed core rule sets for OWASP Top 10 attacks, including protection against illegal URLs, host names, evasion techniques, file types, and known bad inputs. 
  • Implemented DDoS protection measures, including rate-based blocking and AWS Managed Rulesets such as Amazon IP Reputation List, Anonymous IP List, and specific Windows and Linux operating system rule sets. 

The Results

Security measures have been implemented to prevent DDoS attacks, restrict unauthorized access, and utilize IP intelligence for enhanced defense, strengthening overall security posture and ensuring system stability. 

Download the Case Study

AWS Partner - Migration Services Competency

Pioneering Migration space by being an AWS Partner - Migration Services Competency.

Learn more

An authorized partner for all major cloud providers

A cloud agnostic organization with the rare distinction of being an authorized partner for AWS, Microsoft, Google and VMware.

Learn more

A house of strong pool of certified consulting experts

150+ cloud certified experts in AWS, Azure, GCP, VMware, etc.; delivered 200+ projects for top 100 fortune 500 companies.

Learn more

Get The Most Out Of Us

Our support doesn't end here. We have monthly newsletters, study guides, practice questions, and more to assist you in upgrading your cloud career. Subscribe to get them all!