17 July 2020
About The Client
DIZBI is a digital product and services private limited company located in Bengaluru India. Dizbi is the technology arm of PDS Multinational Group which has an annual turnover of 1.2 billion USD with its presence in 18 nations. Given Dizbi’s rich technology experience in developing enterprise frameworks, processes, and nice resources, it has enabled digital transformation journey of many enterprises with the philosophy of design thinking and applied thought.
Dizbi, hereafter referred to as “Customer”.
Customer Business Need:
Customer acquired a company known as “Collective Head’s”. Employees who were working under Collective Head’s, were also moved to work under Customer payroll.
While these new users need to work on new projects, the customer wanted to have a safe & secure environment for them so that data privacy & security rules are intact while these new users are added to the system. They also wanted minimal operational overhead in maintaining the system.
Below were the requirements from the customer:
- A separate isolated and secure remote workplace solution & avoid user connecting into their on- premises workspaces.
- When users need to work on development projects, they still need a secure access to the applications/data deployed in the customer’s own data center.
- A highly secure and reliable solution which would keep their data safe & secure from any theft or loss.
- A centralized identity management system in place to track & manage access smoothly.
- The solution should also serve as a contingency plan for their business continuity, in case their premises are not accessible due to some unavoidable reasons.
Our AWS Certified Solutions Architects conducted detailed workshop sessions with the customer to understand their existing setup, challenges, and requirements. In the discovery, we also captured the licensing and software requirements for remote users.
Following solution approach was proposed and implemented with best practices and business continuity principles, and then migrated their production workload to AWS.
- AWS Workspaces were proposed, as it is a highly reliable managed service and would have minimal operational overhead.
- A separate network with a combination of VPC / Subnets was created as per the best practices.
- All the workspaces were launched in private subnet & endpoint accessible through the internet.
- AWS & Customer Data Centre was connected using AWS site to site VPN tunnel for establishing connectivity required between AWS Workspaces & On-Prem Data/applications.
- The workspaces were integrated with a self-managed Active directory hosted on AWS EC2 for authentication with AD connector.
- Workspaces were also hardened according to the requirement by the customer.
- Office & Anti-Virus packages were provided by the customer & included in the image to launch Workspaces.
- Installation packages for other agent-based software required were also included in the image.
- All traffic from the internet has been routed through the site-to-site VPN tunnel to access the internet and applications.
- Restricted policies applied to prevent any data movement between AWS Workspaces & User machine.
- Both web-based and client-based applications were configured as part of this setup.
- AWS Cloudtrail will be configured for tracking the API Calls.
- AWS Cloudwatch was configured for monitoring of various matrices of the setup.
AWS Workspaces, Directory Service, NAT Gateway, VPN, Config, S3, CloudWatch, CloudTrail, IAM
Third Party Solution:
- AWS workspaces solved customer need to have business continuity in place for all the users.
- With this solution, we were able to provide a secure and reliable remote workplace option for the user set separate from the existing setup.
- AWS VPN connectivity between AWS & On-Prem data center helped AWS workspaces communicate with applications & data residing on-prem with low latency.
- Data copy restrictions were applied from AWS Workspaces to user’s personal machines to safeguard data from theft & loss.
- AD setup enabled the customer to have standard identity management for their users in AWS Workspaces.
- To optimize the size of the AWS infra as per the actual size, conducted an infra audit post-implementation support period.
- Data stored is maintained and automated backups are ensured by performing regular Data Backup/Restore drill.
Rapyder is an agile, innovative company that makes Cloud work for you. With a young, passionate team and expertise in Cloud Computing Solutions, Big Data, Marketing & Commerce, DevOps, and Managed Services, Rapyder is the leading provider of Strategic Cloud Consulting. Solutions provided by Rapyder are seamless, secure, and scalable.
With headquarters in Bangalore and a sales & Support office in Delhi, and Mumbai, we ensure optimal technology solutions to reduce costs, streamline business processes and gain business advantages for our customers.