By : Cloudxchange.io
Use Case : AWS Cloud Infrastructure IAAS -Large Scale Windows greenfield deployment.
About the Customer :
Growth Source Financial technologies is a well-funded new-age digital Non-Banking Financial Corporation, founded by Peeyush Misra and Yashraj Erande in March 2019.
It is led by seven professionals well respected in their fields and funded by Global and Indian institutions.
Product Landscape Includes:
- Loan Against Property
- Business Loans
- Consumer Loans
Third Party Tools Used :
- Third Party Monitoring tool using Site 24 x 7.
- Incident and Change Management using Fresh Service tool.
- Trend Micro Endpoint protection.
Platforms Used :
|Windows Server 2016 Datacenter Hardened||MS SQL 2016 Standard Edition|
Red hat Enterprise Linux 8.0 (Ootpa)
MS SQL 2016 Standard Edition
MS SQL 2016 Standard Edition
|4||Windows 2016 Datacenter||
Windows SQL 2016 Express SP2
Windows virtual machines with MSSQL 2016 Standard, Red Hat Linux virtual machines, Ubuntu virtual machines.
About Growth Source :
Growth Source Financial Technologies Private Limited is a fintech startup focused towards consumer funding business. They were looking to launch their business applications with shortest period possible to shorten their go to market time.
The Challenge :
- Since growth source is a fintech startup in consumer finance segment, they have unpredictable workload and scalability requirement.
- Growth Source need their entire Infrastructure on Cloud with High Availability with no single point of failure.
- Multiple applications testing to be done before finalizing application stack for their various business units.
- Long term vision of growth source management requires next generation PAAS and AI services best suited on public cloud.
- Hardware lifecycle management.
- Working on upcoming technologies.
Proposed Solution :
Considering growth source’s requirements, we proposed AWS based solution considering following requirements.
- High availability
- Cost Optimization
Key solution design features includes following :
- Separate landscape for production and non-production environment for isolation.
- Application servers will be configured at multiple AZ with load balanced using AWS Application load balancer once the application workloads are stable and a stateless application is built.
- Servers configured with auto start /stop mode for cost optimization.
- CIS hardened Windows operating systems images.
- High Availability of production database servers using SQL log shipping.
- Production servers accessed restricted via bastion hosts for additional layer of security.
- All servers configured with host-based AV using TrendMicro Endpoint Protection.
- Configure Snapshot Lifecycle Policy for the servers in AWS,
- Create a Life Cycle Policy on the volumes of the servers.
- Define the volume tags for the volumes of the servers.
- Create a schedule for backup of the volumes.
- Encrypt the data both at rest and in transmit.
- Configure retention policies.
First phase applications deployed :
- Penant ( LOS & LMS ) : Application ( Apache + Tomcat ) + DB ( windows / MS SQL ).
- Fox analytics ( Analytics application : Application ( Tomcat ) + DB ( Windows/ MS SQL ).
- Infor Sunsystem ( ERP ) : Application ( windows IIS ) + DB ( Windows / MS SQL ).
- CRIF (.NET based Windows 2016 + MSSQL Standard).
Architecture Deployed :
Why Amazon Web Service :
Growth Source adopt backup solution on Amazon Web Services (AWS) Cloud. They were interested in determining a better solution for data backup on cloud. Growth Source is engaged with cloudxchange.io, an AWS Advanced Consulting Partner to evaluate backup solution to manage huge set of on-premises backup to AWS Cloud and leverage cloud benefits.
AWS Services Used :
Following services have been used in AWS cloud,
- Amazon Code Commit
- Amazon API Gateway
- Amazon Pinpoint Service
- Amazon EC2 & Amazon Elastic block storage
- Amazon Lambda
- Amazon CloudWatch
- AWS CloudTrail
- Amazon Simple notification service
- AWS Simple storage service
- AWS Config (Configuration management)
- AWS Guard Duty
- AWS Web Application Firewall
- Aws Inspector
- Aws Key management service
Operational Excellence :
Cloudxchange.io has own service desk web portal for managing the incidents, alerts, sending alerts to user. Cloudxchange.io will provide 24 X 7 help desk support (Phone, Email & web based) to customers. Cloudxchange.io’s help desk will support customers to address problems related to solution. The Service Desk application includes all direct interaction between a user and the service desk by phone or by Email-ID. It also includes all user activities that occur by use of the self-service Web portal.
Functionality includes :
- Incident management, users can raise tickets via email, self-service portal, phone, or in person as per ITIL standards.
- SLA Management & Self-Service Portal.
- Automation & Service Catalog.
- 24*7 Customer Hotline support through chat, Mobile hotline and email.
- Enabled Multi-level security – KMS encryption, password protection and SSL while transferring the data on AWS Cloud.
- Enabled Amazon S3 server-side encryption (AES-256) to encrypt the data.
- AWS Web Application firewall.
- Antivirus protection using Trend Micro endpoint protection.
- AWS Guard Duty.
- AWS Inspector.
- AWS Config.
- Disk Encryption.
- Basic DDOS protection.
Cost Optimization :
- Growth Source will access some servers infrequently, so proposed solution is designed in a way to optimize the cost.
- Script is configured on the server in such a way that the servers will run in only particular time as per their requirement. So, it is a better choice with respect to cost saving.
The Benefits :
- Free-up IT resources. Improve efficiency by freeing up valuable financial and staff resources.
- Reduced Capital Expenditures. no longer needs to acquire, enterprise backup software, or hardware system. This eliminates the burden of budgeting for capital equipment well in advance as well as the capital expense.
- During critical events such as on-premises data center outage, when many applications must be restored simultaneously and as soon as possible.
- Implemented AWS KMS Encryption on Instance volumes to secure the data of the server.
Monitoring Services Features :
Server Monitoring –
- A quick summary on the status and performance of your server over the last seven days through our heat map analysis.
- CPU/memory/disk utilization.
- Services and processes.
- Network statistics including bandwidth utilized by the server.
- Processor queue length and uptime.
- Availability Summary Report.
- Busy Hours Report.
- Health Trend Report.
- Performance Report.
About the Partner :
- Cloudxchange.io is an Advanced consulting partner in Amazon web service (AWS) Partner network (APN).
- Our wide range of Cloud based offerings with comprehensive services and cost-effective approach will help you meet your technology and business objectives.
- Cloudxchange.io’s Managed Services for public clouds delivers 24 x 7 monitoring and management services by experienced administrators who are experts in supporting public cloud environments. As an official technology partners with leading public cloud service providers, we provide the much-needed technical support complimenting the infrastructure and support provided by leading public cloud service providers.
- With Cloudxchange.io’s Managed Services, you can rest assured knowing that your cloud infrastructure is fully managed and optimized for your business needs. Cloudxchange.io provides expert technical support with pay-as-you go managed services and improved ROI on your cloud investments.