AWS Migration Quick Start
The Konekti AWS Migration Quick Start solution builds the complete infrastructure an enterprise needs to offer its web-based applications on Amazon Web Services (AWS). Whether you are expanding an already deployed AWS environment or starting the migration process, Konekti will provide the necessary designs and tools and help you securely deploy and scale your applications in the public cloud.
How It Works
In the initial stage of this solution, Konekti brings your team together for a requirements gathering and discovery workshop to assess your current state and identify key application requirements, concerns, and constraints. Once the assessment is complete, Konekti works closely with your team to architect multi-tiered virtual private clouds (VPCs) for web services that can also be replicated for development and test environments.
This solution also configures the infrastructure for identity management, access control, encryption key management, network configuration, logging, alarms, and built-in compliance auditing. Konekti will deploy the tools and architectural safeguards that enable your company to comfortably approach an audit for most common compliance standards such as GDPR, HITRUST, HIPAA, ISO, PCI and SOC.
Finally, you can use the Infrastructure as Code (IaC) template created by Konekti to automate the infrastructure deployment process in a repeatable, consistent manner.
Please note that the final deliverable could be customized based on your unique requirements.
What Konekti Will Deliver
A Production virtual private cloud (VPC) configured with public and private subnets according to AWS best practices, to provide you with your own virtual network on AWS. This is where customer-facing web applications will run.
A Development/Test VPC configured with public and private subnets, to support the test and development of workloads.
A highly available architecture that spans two Availability Zones.
A secure mechanism for management access to AWS resources.
AWS Organizations to centrally manage billing and to control access, compliance, and security.
Application/Network load balancer pairs to provide resilient inbound connectivity for HTTP and HTTPS traffic to Internet-facing application servers.
Internal load balancers designed to balance the load between multiple back-end instances.
Private Domain Name System (DNS) with Amazon Route 53.
Redundant NAT gateways to allow outbound internet access for resources in the private subnets.
Virtual private network (VPN) services to provide connectivity to on-premises resources or other partners/customers.
Best-practice AWS Identity and Access Management (IAM) groups and policies based on separation of duties, designed to follow the U.S. National Institute of Standards and Technology (NIST) guidelines.
Account-level logging, audit, and storage mechanisms designed to follow NIST guidelines.
(Optional) Inline next-generation firewalls that implement advanced web application security policies as well as Threat Prevention (IDS/IPS), URL Filtering, Anti-Malware/Spyware and DNS Security.
(Optional) Deployment of a best-of-breed Cloud Security Posture Management (CSPM) tool that provides real-time, customizable compliance monitoring against the following compliance standards: CIS v1.2, GDPR, HITRUST v9.3, HIPAA, ISO 27001:2013, MITRE ATT&CK, NIST 800-53 R4, NIST 800-171 Rev1, NIST CSF v1.1, PCI DSS v3.2, SOC 2.
(Optional) Terraform-based infrastructure as code template to provision and manage the architecture above.