The client is a subsidiary of a global conglomerate, headquartered in the United States, with approx  70,000 employees and more than $35 billion+ revenue in total.

Due to the Global Covid Outbreak, many organization has shifted to Cloud for being more future proof and our client has the same story. They wanted to make their technology stake future-proof, reliable, disaster-proof, and low maintenance.

A third-party virus scan application Hosted on-premise at the Corporate Data center to perform file-based scanning for malware and file sanitization along with performing content processing of HTTPS traffic and scanning for advance threats.
The application was installed in Windows Server 2016 on Microsoft Hyper-V environment along with Postgres Database to share data such as processing histories, live/on-going scan result query, audit, and statistics data and was hosted on top of ubuntu 16.04 LTS.

To migrate the complete workload to the AWS cloud and reallocate licenses from the on-premises infrastructure to AWS resources.

Different AWS services were used to achieve the objective which is listed below with particular service needs and utilization purposes.

Scan-server-lb-01 is an Application Load Balancer that receives HTTPS traffic and routes it to scan-server-01 in an Auto Scaling Group. The application in this instance is responsible to perform basic file-based scanning for malware detection and file sanitization.

After a Successful scan, the application in Scan-server-01 routes the traffic to Scan-server-lb-02 (Application Load Balancer) which is connected to an ASG having scan-server-02 instances.

The application in this scan-server-02 instance is responsible for a deep scan and content processing of HTTPS traffic to identify advanced threats. Both scan-server-01 and 02 interact with RDS for PostgreSQL to store file processing logs, live/ongoing scan result queries, and audit statistics data.

The AMIs for scan-server-01 and -02 are generated as artifacts by AWS Server Migration Service. Both the AMIs are associated with the customer-managed licenses in AWS License Manager to keep track of available licenses.

1) Set up AWS environment including account, VPC, subnets, Internet Gateways, etc. based on business requirement of the application.

2) Based on OLA assessment in the on-premise environment, create a customer-managed license to track the available windows server licenses.

3) PostgreSQL database has an On-prem workload, so we can use AWS RDS for PostgreSQL as it comes with low maintenance overheads, and using DMS we can migrate the data.

Reference link – Click here for in-depth information

4) PostgreSQL database has an On-prem workload, so we can use AWS RDS for PostgreSQL as it comes with low maintenance overheads, and using DMS we can migrate the data.

5) Once the connector for AWS Server Migration Service is Installed on Hyper-V and configured permissions to provide WimRM connectivity we can import the server catalog into AWS SMS and create the replication job for the server that we need to migrate and use AWS Migration Hub to track the progress.

6) Custom AMIs are generated as artifacts and once the replication job is completed, associate the custom AMIs with the new license configuration created in AWS license manager so that it tracks when a new instance with this AMI is created.

7) Dedicated hosts are required to use existing windows server licenses, we’ll create a Host Resource Group in AWS License Manager and create the custom managed license for virus scan applications and associate with AMIs.

8) And we are ready to launch the EC2 instances with custom AMI and Dedicated Hosts as tenancy using the Host resource group which we created.

Apart from Migrating applications successfully utilizing existing Licenses, we also made sure non-functional requirements are also delivered for better maintenance and performance.

The migration of workload from the on-premise corporate data center to the AWS cloud helped the business to achieve reliable server uptime and high availability. A proper disaster recovery strategy was accomplished, without getting involved in all aspects of infrastructure provisioning.

Low Maintenance Data Replication of data source (Postgres DB) was more challenging on on-prem when compared to Postgres on RDS. It’s low-cost compared to the on-prem environment as it requires more operational and construction costs and thus cloud avoids a single point of failure in the application.

Migration to AWS cloud resulted in increased scalability of infrastructure based on the incoming traffic. Peak capacity planning for workload was more challenging in the on-prem environment as it required an upfront capital investment.