The Client

In 2019, Konekti worked with the leader in educational software, EdClub.  Edclub’s team of developers, designers, and content creators based in Rockville, Maryland creates cutting edge educational platforms designed to enhance students’ learning experience.

“We gave the VPC modernization project to Konekti because we knew they were great at what they did.  Konekti leveraged years of experience in networking and security to deliver a secure and compliant environment that allows us to expand our business with ease of mind”

Ramtin Kiani, Head of Engineering

The Brief

Over the years, EdClub’s AWS infrastructure had grown considerably with the rapid growth of the business. In 2019, company’s founders embarked on an initiative to assess and enhance the resiliency and security of their AWS infrastructure. Konekti suggested an overall approach consisting of three major components:

  • A comprehensive audit to uncover architectural and security related shortcomings
  • Design of a new secure and resilient Virtual Private Cloud (VPC) architecture
  • Migration planning, implementation and ongoing support of the new architecture

The Solution

As a result of the security audit and findings from the newly installed Cloud Security Posture Management (CSPM) tool, Konekti worked with EdClub’s engineers to rectify all existing high priority security issues with the AWS environment.  Next, after assessing a variety of architectural approaches, Konekti suggested–and successfully implemented a resilient VPC architecture involving the Palo Alto Networks’ VM series firewalls and containing the following major components:

  • A new Production VPC with public and private subnet, spanning three Availability Zones
  • A secure mechanism for management access
  • Application/Network load balancer pairs to provide resilient inbound connectivity for HTTP and HTTPS traffic
  • Virtual private network (VPN) connections for connectivity to co-location facilities
  • Best-practice AWS Identity and Access Management (IAM) groups and policies based on separation of duties
  • Account-level logging, audit, and storage mechanisms designed to follow NIST guidelines
  • Inline next generation Palo Alto VM series firewalls that implemented advanced Web application security policies as well as Threat Prevention (IDS/IPS), URL Filtering, Anti-Malware/Spyware and DNS Security
  • Deployment of Prisma Cloud by Palo Alto Networks as the CSPM tool for real-time and customizable compliance monitoring

The Delivery

This project not only delivered a secure and resilient environment for EdClub’s web applications, but it also provided the foundations for a smooth transition to new market segments and introduction of new products.

The biggest challenge of such projects is to migrate to the new environment with minimal disruptions to the ongoing business activities. Konekti was able to achieve a hitless migration to the new VPC through careful and extensive testing of the new VPC and a carefully crafted and executed migration plan. 

How can our migration expertise help you?