AWS SaaS Provider Quick Start

The Konekti AWS SaaS Quick Start solution builds the required infrastructure for a SaaS provider to offer its web-based applications on the Amazon Web Services (AWS) Cloud. This solution is aimed at companies that already have some level of AWS experience and are now ready to fully deploy their web applications on AWS. It provides in detail all the necessary architectures and tools required to allow SaaS providers to deploy and scale their applications on AWS.

How It Works

In the initial stage of this solution, Konekti brings your team together for a requirement gathering and discovery workshop to assess your current state and identify key application requirements, concerns, and constraints. Once Konekti has completed the assessment, Konekti works closely with your team to architect a multi-tiered virtual private clouds (VPCs) for web services that can also be replicated for development and test environments.

This solution also configures the infrastructure for identity management, access control, encryption key management, network configuration, logging, alarms, and built-in compliance auditing. Konekti will deploy the tools and architectural safeguards that enable your company to comfortably approach an audit for most common compliance standards such as GDPR, HITRUST, HIPAA, ISO, PCI and SOC.  

Finally, you can use the Infrastructure as Code (IAS) template created by Konekti to automate the infrastructure deployment process in a repeatable, consistent manner. 

Please note that the final deliverable could be customized based on your unique requirement.

What Konekti Will Deliver

Please note that the final deliverable could be customized based on your unique requirement.

  • A Production virtual private cloud (VPC) configured with public and private subnets according to AWS best practices, to provide you with your own virtual network on AWS. This is where customer facing Web applications will run.

  • A Development/Test VPC configured with public and private subnets, to support the test and development of workloads.

  • A highly available architecture that spans two Availability Zones.

  • A secure mechanism for management access to AWS resources.

  • AWS Organizations in order to centrally manage billing; control access, compliance, and security.

  • Application/Network load balancer pairs to provide resilient inbound connectivity for HTTP and HTTPS traffic to Internet facing application servers. 

  • Internal load balancers designed to balance the load between multiple back-end instances.

  • Private Domain Name System (DNS) with Amazon Route 53.

  • Redundant NAT gateways to allow outbound internet access for resources in the private subnets.

  • Virtual private network (VPN) services in order to provide connectivity to on-premise resources or other partners/customers.

  • Best-practice AWS Identity and Access Management (IAM) groups and policies based on separation of duties, designed to follow the U.S. National Institute of Standards and Technology (NIST) guidelines.

  • Account-level logging, audit, and storage mechanisms designed to follow NIST guidelines.

  • (Optional) Inline next generation firewalls that implement advanced Web application security policies as well as Threat Prevention (IDS/IPS), URL Filtering, Anti-Malware/Spyware and DNS Security.

  • (Optional) Deployment of  best of breed Cloud Security Posture Management (CSPM) tool that provides real times customizable compliance monitoring around following compliance standards (CIS v1.2, GDPR, HITRUST v9.3, HIPAA, ISO 27001:2013, MITRE ATT&CK, NIST 800.53 R4, NIST 800-171 Rev1, NIST CSF v1.1,PCI DSS v3.2, SOC 2)

  • (Optional) Terraform based infrastructure as code template to provision and manage the architecture above.

Need more details? Contact us

We are here to assist. Contact us by phone, email or via our Social Media channels.

© 2020 by Konekti

  • LinkedIn
  • Twitter