Lasray Resource LTD: AWS Windows Service Delivery

Executive Summary

Lasray Resource LTD is the pioneer of organized recruitment services in UK, based in Scotland. They have acted as preferred talent acquisition partners to many companies in UK as the leading talent solutions provider. Lasray chose Amazon Web Services as their preferred OEM while planning their migration to Cloud for a scalable and reliable infrastructure. Clarusto Team helped them with right planning on Migra-tion and Seamless Deployment, ensuring zero downtime as well as right business continuity in place. The customer has reduced his operational cost by % and has improved Application performance with better security policies.

About the Customer

Lasray Resource is an onsite managed service recruitment business, providing large scale volume temporary recruitment solutions within the warehouse, distribution, E-comm and food manufacturing industries. Operating from mainly from Scotland within the locations across the UK.

The Lasray Resource model is taken from a top-down proactive approach, with all of our senior directors being actively engaged and visible with the customers, ensuring they have a clear understanding of their evolving business requirements and an on-point plan to deliver these from a recruitment and workforce performance perspective.

Customer Challenge

Customer had found it difficult to maintain their workload on-premises with SAP environment that required a 2-tier architecture. Client required the access to application set through a VPN solution for securing and restricting the application access to authorized individuals. Apart from this infrastructure scalability was a primary concern which their on-premises environment couldn’t deliver in time consid-ering the pace of business expansion they have in mind.

Why AWS

By leveraging services in AWS like subnet in VPC, RDS, EC2, S3 etc we were able to come up with a solution that matches their requirement. Additional services were explored such as lambda to comeup with a solution to keep the cost to minimal as possible.

Why the Customer Chose the Partner

Clarusto’s major portfolio showcases expertise in the following service pillars

EnterpriseCloud Migration

Cloud Managed Services

Cost Optimization Services

Security Governance and Compliance

Partner Solution

The architecture consists of 3 EC2 instances and RDS deployed in Custom VPC. Custom VPC consists of subnets having public and private subnet [NAT gateway for Private instance]. Application is deployed in Windows 2019 server. OpenVPN is public facing with access limited to the Client’s Office IPs. The RDP access is controlled by an AD server. The SAP workload has IIS with .net 4.5 having database in RDS. Instances deployed in private subnet can be accessed only after establishing an OpenVPN con-nection. In private subnet, there are two instances. one for SAP workload and another for managing AD users for the application server. All the instances are attached with encrypted SSD EBS volumes using the AWS Key Management Service (KMS).

Architecture Diagram

Application Database is managed by AWS RDS MSSQL instance which is deployed in the private subnet. Security Group set on the RDS restricts connectivity other than the SAP Server. RDS instance is also encrypted with the AWS Key Management Service (KMS).For cost optimizations, we have enabled lambda function to stop and start the instance based on the business hours at the client side as per the requirement [working hours].We have used AWS Backup service to take the backup of the instances there by ensuring 30 days snapshots of EBS volumes as per the requirement. To ensure backup integrity, we have configured the AWS backup to get a failed backup notification using the help of Amazon Simple Notification Service. CloudTrail for all the regions which perform auditing, compliance monitoring, and governance tool. All the CloudTrail logs are stored in AWS S3 bucket with versioning and MFA delete set. CloudWatch alarm is created for getting the notification if the threshold value is cross beyond a limit for the resources. CloudWatch dashboard is created to get a quick glance at all the metrics of the instanc-es running on the AWS environment.AWS System Manager ensures patch management and session management.

Results & Benefits

Cost reduction
Increased metrics collection
A better backup solution
Meeting the compliance for 3rd party audits and compliance