AWS Journey from another cloud - Workmates Core2Cloud

About the company

Client: Annapurna Finance Pvt. Ltd (AFPL)

Our Customer Annapurna Finance Pvt. Ltd (AFPL) was established in 2009, and is now one of the top ten NBFC-MFIs in the country. It has its roots as a part of not-for-profit entity, Peoples Forum, an NGO which worked for the development and welfare of unserved sections of the society. The microfinance activities started with the inception of Mission Annapurna under Peoples Forum from the year 2005. Mission Annapurna was able to reach the interior unserved areas of Odisha through its untiring effort of addressing the economic necessities of poor women at their doorstep. As the program grew, there was an utter need to transform itself into a more streamlined entity. The gradual transformation of Mission Annapurna brought forth the name Annapurna Microfinance Pvt Ltd (AMPL) in the year 2009. Thereafter, AMPL registered itself with the Reserve Bank of India (RBI) as an NBFC-MFI in the year 2013.

Annapurna was established with a purpose of serving the economically backward clients by bringing them to mainstream, providing need based financial services at their doorstep. The focus has been clear, to reach the areas where formal financial institutions find it unprofitable to settle in. Its objectives have not only limited to just reach and serve but also by providing financial and technical support to strengthen entrepreneurial skill for effective and efficient undertaking of business activities.

Annapurna, over the years, has continued to innovate in its products and delivery mechanisms, to make the whole product life cycle of micro-credit as relevant as possible for its clients. The aim is to offer multiple need based products, which can serve specifically all the customer life cycle needs of micro-credit.

The Challenge

Customer’s mission critical application was previously hosted on different cloud platform. They required a platform which is highly available, highly secured and should be scalable.

Customers existing IAAS environment was not scalable and reliable. There were few security issues like DDOS attack. Implementing SSL was also a challenge for the customer as it was not getting integrated with there application. Customer had faced few downtime.
Customer’s main website was down for few times and customer faced business loss. Annapurna is mainly having two application, one is there HR portal and the other is there micro-finance website. Both the websites are very mission critical.
Through there microfinance website different people can from different parts of India can apply for loans. These is there most business critical application and needs to up and running 24/7.
They are using MSSQL Db for there HR application and needs to monitored and maintained actively.

Main issues which workmates has to solve:

99.99 % availability.
Highly scalable infrastructure.
Secured and reliable infrastructure. SSL integration for all its application.
Backup to be implemented in such a way that we can achieve zero data loss.
Infrastructure should have DDOS protection.
Required an platform which can run IIS based application seamlessly.
Building and managing there entire IAAS Stack.

PROPOSED SOLUTION

We suggested to host their entire mission critical application on AWS using EC2 services.
All servers placed under the Load balancer and private subnet to achieve better security.
Application Load Balancer endpoint has been mapped with the R53 hosted zone to avail DDOS protection.
Multiple security groups implemented and only CIDR block of the customer white listed for accessing the application over internet.
Enabled Auto-recovery across all the servers to have minimum downtime in case of hardware/host level issue.
Implemented highly available backup for the application as well as the Database. Db backup , Native backup, transactional log backup get stored in S3 bucket.
Prod OpenVPN and cPanel web server will be in public subnet that is internet facing zone, Prod hrONE and MSSQL DB server placed in private subnet.
All the servers is getting accessed OpenVPN server and remote user will use OpenVPN client for access the server and changed the default RDP/SSH and MSSQL port of the servers for additional layer of security.
NAT gateway created for software/package and security updates in private servers.
Using IAM we restricted users and group to access specific AWS resources only as per the requirement AWS Multi-Factor Authentication for privileged accounts, including options for hardware-based authenticators.
Deep visibility into API calls through AWS Cloud Trail, including who, what, and from where calls were made.
For any Administrative task Remote user will use vpn client to connect with servers.
MSSQL port can be accessible only from the hrONE server.
All monitoring available using AWS Enterprise tool CloudWatch.
Infra backup i.e AMI & Snapshots and Native database and code backups.
Workmates provisioned website in cPanel with centOS 7 on AWS as their developer is comfortable in cPanel.
Workmates have configured their required domain in Route53.

ABOUT WORKMATES

We have the best minds in the Industry working in tandem to make a difference to the transformation journey for our customers. We are supported by a team who have had deep exposure in the cloud journey having spent between them at least 100 man years of relevant exposure. The exposure involves deep understanding of traditional and new age IT environment including Public-Private- Hybrid Cloud , IT Continuity solutions, workload migration from traditional to Public & hybrid setup across diverse customer environments spanning multiple geographies & verticals like manufacturing, Banking , Healthcare & retail to name a few.

We have an experienced team of certiﬁed engineers. Our entire team is accredited on the products and services we deliver and speciﬁcally certiﬁed on the AWS platform We are supported by veterans of the Industry and who have come together to offer the best of breed support and solutions for our customers.
To know more contact us at : info@cloudworkmates.com | +91 82497 11902

Visit Website

Categories: Cloud Consultation, ResearchMay 1, 2020

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.