- More than 99% System Availability
Overview of the Client
Our client is a global biopharmaceutical company that develops medicines for people with limited options for a better life. The client actively engages in the research, development, and commercializing of pharmaceutical products.
Business Objectives
- The client required a cost-effective hosting solution, with a secure connection between On-Premise and AWS Cloud.
- The client wanted a SOC2 and vulnerability compliant landscape.
- The client also wanted a system with HA & DR solution along with proactive monitoring.
The Solution
- TekLink Team sized the VMs optimally and migrated to new cost-effective VMs, released by AWS for the current and future sizing requirements.
- We deployed a 4-system landscape (Dev, Quality, Pre-prod, and Prod) for the SAP BPC on HANA and SAP SSO applications.
- We created an AWS Cloud formation template to deploy servers with:
- Hardware specs,
- Disk/Storage distribution,
- Network Interfaces,
- Operating System,
- Restricted inbound/outbound Ports
- We also implemented AWS Direct Connect (VPN) between the client network and AWS Cloud, coordinating with respective stakeholders.
- The team built a Virtual Private Cloud (VPC) for the server landscape with different subnets to limit access to the network.
- TekLink deployed EC2 instances in multiple AWS availability zones to secure the servers.
- We implemented public IP-based access controls to restrict external hacks.
- We built an EC2 instance with SUSE Linux along with HANA 2.0 script to prepare servers with SAP recommended partitioning.
- OS Security and SOC2 compliant policies were implemented based on the client and audit requirements.
- All the unused and unsecured ports were blocked, enabling only the ones required by the application on the EC2 instances.
- AWS Identity and Access Management (AWS IAM) and Key-based authentication were enabled to provide access to the servers.
- The backup of applications was built on S3 Storage using scripts and schedules for weekly full, daily incremental, hourly log backup, and also monthly server AMI backups.
- TekLink enabled and implemented AWS CloudWatch and custom scripts to monitor EC2 instances using event-based alerts, and logs.
- We also optimized the resources and provided operational health of the landscape.
- We enabled and implemented provision to run vulnerability scans twice a month and implement the recommendations based on the criticality.
Key Benefits
- The team has implemented effective landscape and managed services to provide SLA greater than 99% system availability.
- Cost savings with the implementation of AWS reserved instance.
- Reduction of security risks from hacks or other external threats.
- Improved Operating System efficiency with the help of regular patching.
- A secured SAP system from internal and external communications.