Polygon Education arises from a need for educational innovation, to accompany both teachers and students in the search for new didactic experiences. Its purpose is to assist in the formation of critically thinking and highly motivated individuals who are able to cooperate with others with greater artistic sensitivity or scientific skills.
In short, thanks to their work in multidisciplinary teams -which include professionals in didactics, graphic design, programming and illustration, among others-, Polygon Education is working to give didactics a breath of fresh air.
Polygon Education’s infrastructure required a high level of security and availability, so the company wanted to have a consulting partner who could offer technical and personal support in case of doubts and possible new developments at AWS.
In addition, they were interested in the Solution Provider facility, which would allow them to unload the administrative burden of billing control.
From apser, you were offered an initial assessment that allowed us to analyze the current status of your AWS account and, subsequently, our Sherpa support service to implement the potential improvements detected during the assessment.
The initial assessment of apser, based on the best practices recommended by AWS for the different services involved in the customer’s AWS account, is very useful for identifying points of improvement in different services such as: AWS IAM, Amazon VPC, Amazon EC2, Amazon RDS, Amazon S3, Amazon Route53, as well as offering options for cost optimization and new functionalities that may be of interest to customers. Customer such as the use of AWS CloudTrail, AWS GuardDuty, AWS Elastic BeanStalk, Amazon Cloudfront or AWS WAF.
The solution proposed by apser revolved around two aspects:
On the one hand, absorb the Polygon Education AWS account into our AWS Organization to benefit from the legacy security layer (apser Atalaya): Control Tower, AWS Config, AWS SSO, SCPs, CloudTrail, GuardDuty.
On the other hand, carry out all the improvements analysed and detected in the initial assessment with the aim of increasing the security of the infrastructure and optimizing its costs. The following are some of the optimizations performed by service:
- AWS IAM. Nominal IAM users were created and passwords strengthened to increase the security of access to the account.
- Activation of AWS CloudTrail and AWS GuardDuty.
- Amazon VPC. Until now, the account had a default VPC. Following the best practices of AWS, a network was created with 3 public networks and 3 private networks and all resources were migrated to the new VPC, in order to have a correct dimensioning of the networking.
- Amazon EC2. An important work was done to secure and, through Amazon CloudWatch, some elements that were not currently being monitored were started to be monitored in order to have a better view of the use and consumption of the computing service. A new backups policy was also set up and an upgrade of t2 instances to state-of-the-art t3 instances was carried out with the aim of improving both performance and costs.
- Amazon RDS. Consumption was optimized by avoiding the traffic costs associated with the transfer of regional data between availability zones, and some improvements were implemented both in terms of security and configuration, such as the extension of the backup retention period to 30 days.
- Amazon Route 53: DNS management was carried out internally with Amazon Route 53. In this way, we manage to reduce DNS propagation times in case of modifications.
- Amazon S3 + Amazon Cloudfront: We moved public static content from Amazon EBS on Amazon EC2 to a bucket on Amazon S3 and started serving it through Amazon Cloudfront. In this way, we are able to improve costs and have secure access to data.
Regarding cost optimization, some proposals were presented to reduce costs based on the contracting of Saving Plans or reserved instances
The main benefits obtained by the client with the assessment of the infrastructure and the absorption in the Organization of apser were:
- Improving the performance and security of your infrastructure
- Improved infrastructure availability by configuring backups on Amazon EC2 and Amazon RDS instances
- Greater control of your infrastructure through resource monitoring and alarm configuration
- Increased visibility in potential bottlenecks (e.g. in the database)
- Quality technical support to be covered in case of possible incidents
- Cost optimization of your infrastructure, e.g. by using Amazon CloudFront and Amazon S3 to serve static content or by using state-of-the-art t3 burstable instances
- Increase of the Polygon Education team’s internal knowledge of its AWS platform and of the possibilities available in terms of security improvement, resource monitoring or cost optimization, among others
- Continuous advice of apser as Advanced partner of AWS before technical or cost optimization questions
Some of the following steps proposed to the client are:
- Implementation of AWS WAF to add a layer of security to your infrastructure and improve your protection against the most common web attacks
- Deploy Amazon BeanStalk for your web applications, decoupling persistent storage
- Use of reserved instances or saving plans, with a commitment of one or three years, to significantly reduce infrastructure costs
- Using Amazon RDS MultiAZ as a way to improve platform availability
- Using Amazon SES to send emails from your apps
apser is the AWS Advanced Consulting Partner specializing in companies, public administrations, startups and non-profit.
The apser team provides a customized, easy-to-understand and agile approach with the goal of contributing to the widespread adoption of the cloud paradigm.
Our team operates through two business units: Cloud Solutions (acting as a managed services provider) and Cloud Professional Services (acting as a consulting firm).
In 2018 we had our first experience with AWS. Since then, we have not stopped incorporating knowledge and experience that, day by day, help us improve the effectiveness of our clients’ platforms. You can consult here our AWS Validated Qualifications.
We would love to know your goals and collaborate with you to achieve them. Rellena el siguiente formulario y en breve contactaremos contigode encabezado personalizado
Telephone 902 02 62 13
Monday to Friday from 09h to 18h.
Coso Street, 46 1st Floor
Marketing & Sales
Prat de la Riba, 31 2º
C/María Díaz de Haro, 43