Solution Overview

A security services provider was deploying an application but was facing some challenges on provisioning highly equipped physical servers on-premises, The IT team was enabling the management, development, and security teams to work together to triage, track, validate and manage software security activities. The key problem was that even after provisioning servers, the specifications for the application were not satisfactorily met.

‍

Quadra at Work

Quadra’s AWS consultants had a discussion initially with the client’s team to understand the workflow of the application. Subsequently, we drafted a solution and explained the architectural and application workflow as it would be on the cloud to the client. To begin with, we created a proof-of-concept deployment of the same application to prove it is a workable model, The solution was deployed and tested by the customer for a month. The Proof of concept also incorporated the active directory and the required policies for restricting the users based on roles and responsibilities.

‍

Technical Architecture

‍

Business Benefits Realized

The PoC increased the confidence of the customer on proceeding with the transition to the AWS Cloud. Ultimately, the application was deployed on AWS using a Virtual Private Cloud, Route Table, Internet Gateway, and NAT gateway. Servers of the required specifications were launched as Elastic Compute Cloud instances, integrating Windows, and SQL Licenses from AWS under a License Included (LI) concept inside a private subnet for restricting public access to the server. For storage to the servers, the Elastic Block Storage was used with the latest SSD-backed volumes. Users who want to access this server will access them from the Amazon Workspaces which are managed with required group policies and restrictions using the Microsoft managed active directory which was also provisioned from AWS.

We created a site-to-site VPN for the developers to connect to their application in order to deliver high availability by using two tunnels across multiple availability zones with the AWS global network. Now, their developers can stream traffic through the first tunnel and use the second tunnel for redundancy – even if one tunnel goes down, the traffic will continue to flow.

We have included Cloud Watch, CloudTrail, VPC Flow Logs, and AWS Backup for monitoring and backup services, improving the company's data security and reliability.

‍

Quantifiable Outcomes

Quadra’s successful deployment on AWS has resulted in the following benefits for our customer:

• Infrastructure management time has decreased by 80%
• Turnaround time of Vertical and Horizontal scaling up of application servers became weeks to minutes.
• Application team’s productivity has increased by 50%
• We have enabled anywhere anytime access for the Analyst which has increased productivity by 90% by providing flexible working hours.
• Security posture has increased with the native AWS Managed security services.
• We utilized the Amazon workspace to access the AWS infrastructure which has ensured 100% data security by isolating endpoint devices communication from production infrastructure.
• We configured Multi-Factor Authentication for improving security.
• Since AD policies based on users have been applied the risk permission breach has been reduced.

‍