USTGlobal ®

Successful migration of client’s �agship emailsecurity product toAWS Cloud

Client is an American multinational technology conglomerate

that develops, manufactures, and sells networking hardware,

telecommunications equipment and other high-technology

services and products. 

Client, in collaboration with UST Global, moved Client Email

Security (CES) product suite from HPS Data Center to a public

cloud. CES is a security suite which scans all the inbound and

outbound e-mails and any vulnerability found will be moved to

junk folder.

Client

The major business concern was to move the CES from hosted

HPS Data Center to public cloud as they were incurring a huge

infrastructure cost on Data Centers at various locations. They

wanted to move to a public cloud with a cost-effective solution

without compromising availability, reliability, and performance.

Business Problem

UST Global, through our extensive expertise in cloud platform,

chose AWS public cloud. Client wanted High Availability (HA),

disaster proof and automated failover solution. The solution was

designed to ensure spread of Data Centers across different

regions with active synchronization for application suites deployed

in both Data Centers. The VPN connectivity was based on a Hub

and Spoke model with advanced encryption. HA was achieved

by Client CSR with IP Security (IPSec) tunnel over WAN. Once

migrated to Cloud, 200+ servers were identified for setup, AWS

security groups tightened, and benchmark testing carried out.

There are two modules for CES which constitutes 2 VMs:  

• ESA (Email Security Appliance)

• SMA (Security Management Appliance)

Key Solution

UST Global was onboarded as the first customer for this tool.

Initially, 33% of email traffic was routed through CES in AWS

and later it was scaled to 100%. Initially, 35 customers were

on-boarded, which was scaled up to 250 in 3 months with

15,000 mailboxes.

Success of the Process

Our journey envisaged the successful migration of Client

flagship email security product to AWS Cloud. The cutting-edge

deployment architecture conforms to the highest standards of

security and uses technology to drive extreme automation and

rigorous optimization based on performance characteristics

and resource utilization.

Overall Outcome

30% CostReduction

Reduced Storageand Capacity

SolutionHighlights

Data Centers established in two different regions, instead of

zones so as to comply with Disaster Recovery requirements

ESA and SMA stacks deployed region-wise in multiple zones with

client specified application compliance in AWS

30,000+ Intellectual Property (IP) created for this engagement

Microsoft Threat Modeling tool simulated network traffic flow,

response to attack and other scenarios to comply with Client

security requirements

Performance mapping of VMware with AWS was carried out in

detail as the existing Data Center was in VMware which is

known to have a unique performance attribute

Code-level changes at application level executed to enable

compatibility with the multi-threaded architecture in AWS

Active collaboration with AWS networking team for public IP

requirements

Complete synchronization of database and application

established between data centers in multiple regions

Disaster Recovery scenarios recorded and Playbooks created

for each scenario

Cloud Email Security powered by Nagios based monitoring

solution and JIRA ticketing tool

Vulnerabilities identified using Qualys scanner and scan logs

monitored using Zeus

Data from multiple zones and regions correlated using Icinga, an

open source monitoring solution and Nagios Fusion, to obtain a

single dashboard view for entire topology and GTM

Akamai Intelligent Platform deployed as a geographical load

balancer to achieve high levels of performance and availability

Cost effective and secured solution

180+ parameters being monitored

It is a security product which was built on top of a public cloud which is unique in its segment

Extreme levels of fault tolerance in region as well as zones

Onboarded around 260 customers and around 1600 instances in 1 year

Automating the customer onboarding process – whenever a new customer comes in, automatically instances are spun up and customer is onboarded

Similarly, when a customer offboards the instance will be removed

Initially we built the entire setup in cloud infrastructure for the US region which took almost 40 days to complete. UST automated the entire process where we can setup the entire infrastructure in any region within 2-3 hours

Key Milestones and Achievements

Main challenge was that it was not a customer migration, it was a tool migration

We need to ensure 100 % uptime for this entire application

RTO and RPO had to be zero

Fault tolerance in zone to zone and region to region

AWS Region to Region Connectivity: During earlier days AWS was not having connectivity between two regions. UST suggested IPsec VPN using Client CSR, which was Client’s own product.

Nagios High-Availability: There was need of shared filesystem between zone 1 and zone 2. AWS was not able to provide a shared filesystem at all regions. So, the solution was to use EFS & Shared File System (OCFS & DRBD).

AWS Multicast Capability: AWS was not able to provide multicast between two regions. Here the solution was to use N2N Service - Multicast Support across Zones which was a utility.

Client CSR Router Product Issues: It was not providing the proper performance as men-tioned. The new release from Client was used for bug fixes

Challenges

USTGlobal ®

UST Global® is a fast-growing digital technology company that provides advanced computing and digital services to large private

and public enterprises around the world. Driven by a larger purpose of Transforming Lives and the philosophy of “fewer Clients,

more Attention”, we bring in the entrepreneurial spirit that seeks the fastest path to value in today’s digital economy. Our

innovative technology services and pioneering social programs make us stand apart.

UST Global is headquartered in Aliso Viejo, California and operates in 25 countries. Our clients include Fortune 500 companies in

Banking and Financial Services, Healthcare, Insurance, Retail, High Technology, Manufacturing, Shipping, and Telecom. UST

Global believes in building long-lasting, strategic business relationships through agile and client-centric global engagement

models that combine local experts and resources with cost, scale, and quality advantages of global operations.

For further information, contact: info@ust-global.com

Corporate Office: UST Global®, 5 Polaris Way, Aliso Viejo, CA 92656 www.ust-global.com

Phone: (949) 716-8757 Fax: (949) 716-8396

UST Global® Copyright © 2019. All Rights Reserved.

COUNTRIES YEARSEXPERIENCE

20,000+19+25+PEOPLE

/USTGlobal /USTGlobal /ustglobalweb /company/ust-global