Elevating Security and Efficiency: A Case Study on Intuitive Cloud's Transformation of customer API Infrastructure to AWS

Mar 16,2024

Problem Statement

The customer faced the imperative to migrate its on-premises API workloads to AWS due to a surge in traffic from the customer base of its new parent company. This migration necessitated enhanced security measures, efficient traffic controls, and seamless integration with existing systems. Key challenges included ensuring robust protection against potential threats, efficient handling of inbound and outbound traffic, and seamless transition from AKAMAI to the AWS API Gateway while maintaining continuous operations.

Proposed Solution & Architecture

To address the challenges, Intuitive Cloud proposed a comprehensive solution focused on security, efficiency, and scalability. The solution involved:

Implementation of a Layer 7 API Gateway with AWS WAF for enhanced security, including IP filtration and strict controls on inbound and outbound traffic.
Transformation of XML to JSON and meticulous DNS management for a smooth transition from AKAMAI to the API Gateway.
Integration of PaloAlto for outbound traffic inspection and TLS encryption for data security.
Consolidation of logs from various components into a centralized CloudWatch Log Group for streamlined analysis and monitoring.
Utilization of serverless technology, Load Balancers, and scalable backend API servers with EFS for future scalability and cost efficiency.

Outcomes of Project & Success Metrics

Enhanced security with Layer 7 API Gateway and AWS WAF, reducing unauthorized access attempts.
Seamless transition from AKAMAI to the API Gateway with efficient XML to JSON transformation and DNS management.
Robust outbound traffic inspection and TLS encryption implemented, ensuring data security.
Streamlined analysis and monitoring achieved through consolidation of logs into CloudWatch Log Group.
Future scalability and cost efficiency realized with serverless technology, Load Balancers, and scalable backend API servers with EFS.

TCO Analysis Performed

The customer was bracing for a significant surge, projecting a fivefold increase in traffic directed towards their Layer 7 application endpoint. Recognizing the impending strain on their infrastructure, Intuitive embarked on a comprehensive Total Cost of Ownership (TCO) analysis aimed at optimizing scalability, availability, and cost efficiency. With the anticipated surge, it became evident that relying solely on traditional instances and load balancers would pose limitations. Not only were these solutions non-autoscalable, but they also lacked the ability to dynamically adjust to fluctuating traffic demands, resulting in potential performance bottlenecks and escalating costs. For instance, scaling up to accommodate the projected traffic increase would require doubling the number of instances and implementing advanced load balancer capabilities, which could potentially increase infrastructure costs by at least 50%. To address these challenges, Intuitive devised a forward-thinking strategy: implementing an API Gateway of type REST, augmented with custom authorizers as middleware. This approach not only provided enhanced high availability, fault tolerance, and security but also offered inherent scalability capabilities to seamlessly accommodate surges in traffic without incurring exorbitant costs. Additionally, Intuitive orchestrated a strategic migration from traditional instances to Lambda Functions where applicable, ensuring optimal resource utilization and cost efficiency. By transitioning to serverless architecture, the customer could realize cost savings of up to 30% while maintaining or even improving performance during peak traffic periods, resulting in substantial long-term savings in infrastructure expenditures.

Lessons Learned

Integration of multiple security layers ensures robust defense against threats.
Meticulous planning minimizes disruptions during data migration.
Centralized log management enhances monitoring and analysis capabilities.
Adopting serverless technology facilitates future scalability and cost efficiency.
Flexibility and effective communication are essential for adapting to evolving needs and ensuring project success.