Customer Stories

CASE STUDY

Securing APIs to Aid Compliance Initiatives -

How Telstra Achieved API Security With Minimal Hassle

HIGHLIGHTS

  • API and microservices security achieved easily using WSO2 API Manager
  • Greater control of API consumption with WSO2 providing a straightforward mechanism to integrate with the user store
  • New system - launched 2 weeks after initial trial - is stable with few support queries to date

The Security Operations Centers are a part of Telstra, a leading telecommunications provider in Australia with an international presence in over 20 countries. Established in Melbourne and Sydney in 2017, the centers deliver open-source security solutions to government institutions. Their operations are underpinned by four key principles: analytics-driven insights, transparency, cost-effectiveness, and collaboration.

Goals

  • Securely expose data as APIs with government institutions
  • Control API consumption and manage their usage

Requirement

  • An API management solution that is extensible, flexible, and comes with no hidden costs

Industry: Telecommunication
Location: Australia

ABOUT Telstra

Telstra is Australia’s leading telecommunications and technology company, offering a full range of communications services and competing in all telecommunications markets.

In Australia Telstra provide 18.3 million retail mobile services, 3.7 million retail fixed bundles and standalone data services and 1.4 million retail fixed standalone voice services.

After careful evaluation of all the available open-source products and their technical capabilities,WSO2 stood out with its rich features of security, access control, analytics, and functionality to integrate with any other WSO2 product and to complement WSO2 API Manager. Apart from the above, the most important thing is that there was no steep learning curve which enabled the team to kick start using WSO2 from day one with no major issues to date.”

Andres Rojas

LI domain expert

Telstra

Deployment and Approach

The team at Telstra was no stranger to WSO2 products and was well aware of their capabilities. This project started with Telstra engaging with WSO2’s Quick Start Package (QSP), where WSO2 product experts worked with the team at Security Operations Centers on-site to deploy the solution. Given the success of the initial deployment, which met both deadlines and budget allocations, Telstra proceeded with a soft launch.

WSO2 API Manager provides capabilities for full API lifecycle management, integration, and development. Given its deployment flexibility, the solution can be deployed on-premises, on the cloud (or both), and on an in-container deployment such as Docker. API security is a key capability of WSO2 API Manager, enabling enterprises to authenticate and authorize API requests from external partners. Telstra’s emphasis on open-source technology meant that WSO2 API Manager had an added advantage since it requires no vendor-lock in, being an open-source API management solution.

The new solution has proven to be stable and reliable. Following this success, the team at Security Operations Centers anticipates more traffic, and more exposure of APIs, as the project grows in the future. Telstra now plans to use WSO2 API Manager in a distributed deployment in the long term.

Telstra Overview Diagram

RESULT

  • API and microservices security achieved easily using WSO2 API Manager
  • Greater control of API consumption with WSO2 providing a straightforward mechanism to integrate with the user store
  • New system - launched 2 weeks after initial trial - is stable with few support queries to date

Our Products

The #1 open source hybrid API Management platform

An API-centric, cloud-native, and distributed integration platform

Open Source Identity & Access Management for Agile Businesses