Being a fast-growing organization, HFS wanted to move on premises workload to Microsoft Azure with their customers with minimal downtime. Being customer-centric organization intended for maximum business availability and scalability to provide uninterrupted services to end-users, along with business availability. Considering security for entire solution.
HFS is Organization with multiple vendors and business groups which has coordination with multiple partners and vendors. This bring complexity in requirement as every different client has own requirement and own industry standard.
After analysis of current infrastructure, IFI Tech proposed architecture with network segmentation with app – DB as separate subnets which helps to segregate workload. Separate Vnet for Prod and Non prod servers/workload along with Azure landing Zone Hub-Spoke best practices.
Deployed WAF to protect incoming traffic to Web server, implement DDOS protection and WAF rules to secure traffic.
Leveraging Azure PaaS service “Web App Services” deployed for front end and backend by Linux based Mongo and MySQL db. Azure APP insights to get performance monitor and analysis in case of issues.
Azure backup with recovery vault has been setup for protecting data loss, maintaining client’s retention policy.
Rebuild of linux VM helped to reduce downtime and application migration with minimum efforts from application vendor.