A large-scale security organization offering advanced integrated and technology-based security solutions was looking to move its entire legacy setup to AWS cloud.
LTI-Powerup steered the client through a smooth migration process along with providing them round-the-clock managed services for all their applications and services on the cloud. LTI-Powerup also ensured the client could derive maximum benefits from automated deployments and enhanced DevOps capabilities.
The client is a leading innovative Singapore-based operations-technology organization that provides commercial supplementary-armed security forces to government as well as private organizations. They build and manage customized security solutions for complex and crucial operations offering unique integrated security systems that comprise of modern technology, facilities management, security management, customer service and human resources.
The goal being to constantly develop and deliver collaborative and integrated security services that drive operational efficiency and fruitful business outcomes.
The client intended to deploy all their internal web, application, and databases onto the cloud. They were looking for an experienced consulting firm that would help them –
- Migrate to AWS,
- Manage the applications 24/7 and
- Build DevOps capabilities along with it.
LTI-Powerup, premier and trusted consulting partner of AWS, facilitated the migration of the client’s entire on-premise setup to AWS cloud followed by instrumentation of DevOps practices, managed services, and cloud best practices.
LTI-Powerup’s cloud experts engaged with the client to understand and implement migration strategies for their current on-premise setup that was to be moved to AWS.
A high available architecture was designed to host the primary site on availability zone – A whereas disaster recovery of workloads were recommended to be hosted on availability zone – B in the AWS Singapore region. The purpose of positioning multiple independent availability zones was to ensure business continuity in case of unforeseen setbacks and to strengthen AWS resiliency strategy.
The applications and database workloads were hosted on AWS EC2 services for better compute security and capacity.
Elastic Load Balancing (ELB) would automatically help distribute the incoming application or network traffic and route requests to registered EC2 instances, containers, or IP addresses in multiple Availability Zones depending upon the load capacity and reachability it could support.
ELB is capable of scaling the load balancer according to the variation in the incoming traffic over a length of time.
Ever since, developers were able to design and deploy scalable, tolerant, versioned and more consistent architecture on cloud.
AWS systems patch manager provisioned centralized patching of all the servers while AWS NTP service was used for time synchronization of all instances running on VPC across all AWS public regions. Servers were accessed through openVPN access server, which supports all major operating systems including desktop and mobile platforms.
AWS CloudFormation allowed provisioning a collection of related AWS infrastructure using a simple text file, which acts as a template that can be used to design and build one-click deployments. Alternatively known as Infrastructure as code, it simplified and accelerated provisioning and management on AWS. These deployed solutions became more reliable and adhered to all AWS recommended best practices.
AWS Identity and Access Management (IAM) assisted in creating and managing user access to AWS services and resources via secure encryption keys. AWS users and groups were formed with pre-defined access permissions using IAM.
Amazon S3 (Amazon Simple Storage Service) capacitated data storage at one place that could be accessed with easy-to-use application interfaces. Amazon S3 easily managed data and access controls for the client as it is designed for 99.9999% of data durability. It helped protect data from failures and threats, consequently enhancing scalability, availability and application performance.
With S3 object Lambda, customized codes could be run to process or modify the data as it is returned to an application. AWS Lambda functions enabled codes to run virtually on any infrasructure fully managed by AWS without having to provision or manage for servers. With Lambda, backup automation could be stimulated along with triggering alerts to monitor backup statuses.
This brought down costs dramatically as the client ended up paying only for the consumed compute time. It also warranted code scalability with high availability.
AWS CloudWatch is a metrics repository that helped monitor client’s resources and applications on cloud. Operational data logs, metrics and events could be viewed and tracked via consolidated automated dashboards.
Opensource solutions like Grafana and Sensu were configured for detailed monitoring of AWS EC2 resources.
AWS CloudTrail was implemented to capture event history of the client’s Amazon web services account activity. CloudTrail facilitated cloud governance, adhering to compliance as well as operational and risk auditing of the entire client AWS accounts.
AWS Key Management Service (KMS) was used to encrypt data volumes. It helped control data usage across AWS services and AWS KMS could also be integrated with AWS CloudTrail to provide logs of all key usage in order to meet regulatory and compliance needs.
AWS Config helped assess, track and evaluate the configurations, inventory and changes related to AWS resources whereas Amazon GuardDuty aided in continuous monitoring and intelligent detection of unauthorized threats or malicious activity to protect the client’s AWS accounts, workloads, and data stored in Amazon S3.
- With the migration to AWS, the client was able to seamlessly integrate the migrated applications with its on-premise legacy systems generating technical agility across the organization.
- The AWS well-architected framework facilitated greater scalability, high availability and operational flexibility of applications helping them boost their customer support, service and retention.
- The client was able to continuously and proactively monitor systems, detect as well as resolve issues in real time on automated basis, invariably enhancing security, reliability and application performance.
- The backup and disaster recovery solutions were more efficient and trouble-free with the move to AWS.
- The client was able to create standard templates for infrastructure deployment ensuring speed, consistency and minimal or zero component-level failures.