Platinum Cyber was founded in 2016 in response to the market’s need for highly specialized Cybersecurity services and products. Platinum Cyber is the result of 20 years of experience in Cybersecurity, Information Security/Technology by its three founding partners. Their products cover all security needs in the digital era.
Provide knowledge and experience across various industries and domains through our established multidisciplinary team and they offer technical and management consulting services.
Why did the customer choose this partner?
Platinum Ciber aims to develop a modular cyber risks and security solution named R-Box that caters to individual clients. The term ‘modular’ implies the ability to create dedicated consoles for each client. The initial solution was designed for on-premises use, and now there’s a need to transition to a cloud-based architecture that aligns with industry standards, analysis, risk management, and business continuity.
The reason being that clients might come from anywhere in the world, Platinum Ciber is based in Argentina and has clients all over the world, so working on-premises will no doubt generate latency, low performance due to high demand, difficulty in scaling amongst other things.
Now, upon successful migration to the cloud, the next challenge involves onboarding both new and existing clients in a subsequent phase. Platinum Ciber seeks to deploy this solution to multiple clients through their own console. Therefore, a pivotal requirement is to create a solution that can be replicated from scratch to deliver a fully functional platform seamlessly tailored to each client’s unique needs.
Of importance is that the final product should incorporate the visual style and aesthetics preferred by each client. Platinum Ciber already possesses Docker images containing the logic of their services in AWS ECR.
Their vision is to have a product that exposes the endpoints from the ECR images to clients. Depending on the client, the service will interact with a dedicated database unique to that client. Additionally, they intend to offer an authentication web page customized for each individual client that consumes an endpoint from that image and authenticates to the unique database from the client.
AWS was used as part of the solution
Amazon CloudFront serves as the main entry point, primarily used to handle the elastic load of different clients in each different console. This accelerates the distribution of static files, minimizing requests to the servers by utilizing the caching provided by CloudFront, remember, the solution is deployed to different regions close to the client.
The S3 storage system is used to stores static content of the portal and distributes these files through CloudFront, the static content is unique to each client.
Route 53 is used as the domain manager within the solution, both for public and private domains. Two zones were created, one for public and one for private. The public zone manages the domain of the service, while the private zone is used to reference the storage within the private VPC.
Security was a major concern for the client, so that is a reason for using AWS WAF to secure the exposed points, configuring it in CloudFront and load balancers at the discretion of Platinum Ciber decision (they might choose not to implement because of client’s reasons).
To meet the user’s requirement for workload support, we implemented Load Balancers, Auto Scaling Groups, and ECS. This allows for the scalable growth of server capacity on-demand.
EFS is used to store configuration files that run when the ECS instances start, the first phase edition to these files was done manually, now the files are completely dynamic. To support those requests or configurations, it was necessary to have a robust database. For this purpose, we used RDS MySQL.
CloudFormation templates will be given to Platinum Ciber as we do not own the console, it will be them who implement and manage the solution.
Results and benefits
On-premises, workloads where mixed, different database but same cluster of servers, by having the solution deployed to a region near the client, Cloudfront leverages Edge Locations and failovers, workloads are no longer mixed and each client has their own infrastructure, reducing latency, response time, and reliability from an original 5+ seconds for clients on other continents to a consistent less than 1 second regardless of the geographic location.
Provisioning for a client on-premises (Platinum Ciber original time) was 3 days to 6 days work from different teams, this includes creating static content, configuring the database, deploying to new domains; now provisioning a new client does only considers creation of static content because configurations and deployment is automatic reducing time to 1 to 2 days for design purposes.
Metrics and cost are now localized to each individual clients because they each have their own consoles, so if for some reason they need more memory usage, client can be aware of the reason of why they will be charged, before, there was no way for Platinum to know how to charge other than the same to everyone.