Workload Migration from on-premise to AWS cloud with AWS SMS, AWS DMS & Carbonite and Web application implementation based on AWS Well-Architected framework
Pramerica Life Insurance (erstwhile DHFL Pramerica Life Insurance Company Limited (DPLI)) is one of the fastest growing life insurance companies in India with 140+ branches. DPLI wanted to migrate their existing workload to AWS cloud to equip themselves with an IT Infrastructure that is massively scalable and highly secure.
The customer’s growth is constantly being driven by the increase in number of users and expanding footprint. Hence an aggressive ramp-up of their product portfolio by migrating their existing workload from a Co-located DC to Cloud is required. The customer wanted a robust infrastructure platform to sustain the growth and continue market differentiation with the following business objectives.
- Implement integrated future-ready digital infrastructure on a hyper-scale cloud
- Reduce TCO
- Create on-demand agile IT infrastructure
- Deploy new-age technologies like RPA, Chatbots, Data Lakes, ML / AI etc
Proposed Solution & Architecture
For migration of 100+ instances, Application Discovery and Dependency Mapping (ADDM), Cloudamize Assessment tool is used. Various applications on the servers and its dependency on network devices within the customer infrastructure was mapped for planning and migrating the workloads to AWS Cloud.
- Assessment: Inventoried the physical and virtual servers/devices to secure precise TCO calculations into AWS; to identify the most efficient AWS capacity options.
- Planning: Discovered all applications and their dependencies, detailed phased migration on which & when to migrate.
- Migration: Import the plan into migration tools to confidently and efficiently move workloads to AWS.
DPLI workloads migrations are done through “rehosting” / “lift-and-shift” strategy by automating with AWS SMS, AWS DMS and Carbonite.
- AWS SMS: With the Agent less AWS Server Migration Service (SMS), migration of VMware/ HyperV on-premises workloads to AWS has been automated by scheduling and tracking incremental replications of live server volumes.
- AWS DMS: Used to migrate the rational databases from on-premises to RDS DB or a database on an Amazon EC2 instance per design.
- Carbonite Migrate: Quickly and easily migrates physical, virtual and cloud workloads over any distance with minimal risk and near-zero downtime. DPLI migration of Physical servers to AWS, is accomplished by carbonite.
- Data Migration has been done with an initial one-time copy using Snowball storage followed by delta data migration over WAN.
Proposed two-tier web application architecture with two layers of firewalls.
- With F5 WAF VE for layer 7 protection in public subnet covering OWASP top ten threats including SQL injection, cross site request forgery, broken authentication, session management and security misconfigurations monitoring the HTTP and HTTPS requests forwarded to Amazon CloudFront/ Application Load Balancer.
- For Advance Perimeter Threat Detection and Prevention, Checkpoint cloud guard has been deployed protecting form advanced malware and zero day attacks.
Enabled Encryption using AWS KMS and Gemalto HSM for key storage and Management.
Proposed Architecture is based on AWS well-architected framework ensuring operation excellence, Security, Reliability, Efficiency and Optimization by using Auto Scaling Group, Application Load Balancer, Multi AZ RDS, CloudWatch, CloudTrail, CloudFormation, GuardDuty, Config, Glacier/S3 and EFS.
- IT Transformation from maintenance service to a strategic business contributor and enabling business digitization, modernization and micro-services architecture.
- Business continuity with close monitoring of environment and automated capabilities to trigger DR in case of service disruptions.
- Pay-as-you-go model with auto-scalability, faster implementation and higher service availability.
- Pro-active monitoring of utilization and performance through CloudInfinit CMP and self-service.
- 100% cloud migration within 90 days for such complex environment.
- Network and Infra deployment time came to as low as 48 hours, compared to 14-15 weeks before migration.
- Processing time for one of the mission critical application (tax certificates) has come down from 3 days to just a few minutes.
Accomplishing massive migration in shortest possible time and lowering infrastructure costs while improving productivity, operational resiliency, and business agility.