Showcases
.svg){kind=logo}
In this article, we will introduce how Sysage/MetaAge AWS Technology and MSP groups help HOORAY INTEGRATION INC. (hereafter referred to as Hooray) to host and monitor their infrastructure on AWS.
Sysage/MetaAge Technology officially became an AWS Managed Service Provider (MSP) this year (2022), providing professional AWS cloud consulting services and cloud hosting monitoring services, which can bring more value-added to the majority of enterprises or new customers professional value service.
In addition to assisting customers to deploy Infrastructure as a service (IaaS), Platform as a service (PaaS) or Software as a service (SaaS), Cloud Managed Service, Application Software Development (Infrastructure-as-code), API Integration, Cloud Migration, Cloud Integration and other value-added services. Several customers have entrusted Sysage/MetaAge Technology's cloud hosting services to assist AWS services in hosting customer architecture monitoring services. One example is Hooray AWS service monitoring.
Hooray Integration (hereinafter referred to as Hooray) upholds a solid and pragmatic foundation and advantages, providing value-added network and system software and hardware equipment solutions from internationally renowned brands, such as Dell EMC, VMware, Veeam...etc. Provide customers with pre-sales consulting services, software and hardware system planning and construction, to perfect after-sales maintenance and operation services.
Sysage/MetaAge MSP monitoring system provides complete architecture performance monitoring, including detailed indicators such as CPU, RAM, Disk Usage, and customizable thresholds for customers, which can help Hooray reduce the burden of monitoring, so they decided to use Sysage/MetaAge MSP services to host resources on AWS.
For Hooray’s resources, Sysage/MetaAge MSP team uses AWS CloudWatch and Sysage/MetaAge monitoring system for anomaly detection, helping customers build anomaly detection models, and continuously optimize the models to find the best balance between alarms and alarm fatigue.
Sysage/MetaAge assisted Hooray to build a machine learning Business intelligence (BI) platform on AWS. The Database uses Amazon EC2 because the Database has been in high usage for a long time, we use AWS CloudWatch to detect its memory usage. It will notify MSP teams of surges or slumps and track events to ensure Amazon EC2 availability.
In addition, Sysage/MetaAge MSP monitoring system will compare other comprehensive indicators of Hooray, such as Amazon EC2’s CPU and Data Transfer, to determine whether the surge in traffic will lead to the weakening of Amazon EC2 performance.
Results and Advantages:
• Help MSP team understand system status and solve problems quickly through Sysage/MetaAge MSP monitoring integration platform
◦ Compared with the fixed threshold, the possibility of reducing the service efficiency of the detection can be sent out in advance, which increases the response time by more than 20%.
• Increase internal maintenance and operation efficiency through Sysage/MetaAge MSP monitoring and integration platform
◦ After Sysage/MetaAge MSP assists in hosting, it saves the cost and training costs for the maintenance and operation platform in the future.
In addition, Sysage/MetaAge MSP team not only regularly scans the MFA binding status of IAM User and Root Account in the AWS environment, but also sets different repair actions for policies such as Root Account and IAM User, and records the relevant status and results.
The Sysage/MetaAge MSP team also uses the Corporate Identity System (CIS)-enhanced Instance as a springboard for customer connection, and conducts vulnerability scans on a regular basis, and has a complete program maintenance for the customer's related logs to ensure the integrity of their logs.
Key schemes used:
• Use AWS Config service:
Sysage/MetaAge MSP uses AWS Config for the root account MFA enable rule. If MFA is found to be removed, it will send an alert notification through AWS Systems Manager Remediation AWS-PublishSNSNotification.
• Using Lambda service:
Sysage/MetaAge MSP uses AWS EventBridge and the written Lambda function in Hooray’s AWS account, scans the customer's IAM User every month, and generates a report whether there is any binding MFA.
• Use Amazon Inspector Service & Enterprise Identification System (CIS) Instance:
For the EC2 used by Hooray, SSH connection is required for maintenance, so we planned the springboard for Hooray and used the Corporate Identity System (CIS) Amazon Linux 2 Benchmark AMI, To maximize user security, we conduct assessments every 7 days through Amazon Inspector Corporate Identity System(CIS) Operating System Security Configuration Benchmarks-1.0, and generate Corporate Identity System (CIS) inventory reports for customers regularly.
• Use VPC Flow Logs:
For all the resources of Hooray that use the Network on AWS, these Traffic Logs are collected to the Amazon S3 bucket of the AWS account in a unified manner to ensure that the customer-related logs can be properly managed, and the logs can be quickly called if there is an audit requirement.
Results and advantages:
1. For the removal of Root Account MFA, compared to the regular manual inspection by maintenance personnel every week, the abnormal discovery time can be reduced by up to 86%.
2. The use of Corporate Identity System(CIS) to strengthen instance periodic vulnerability scanning on the resource level of AWS services improves the information security of Amazon EC2 compared with the use of ordinary instances. Compared with the company's half-yearly execution of the audit problem list, the frequency is increased by 24 times. Save the relevant manpower to do vulnerability analysis.
Conclusion
The services deployed by Hooray on AWS are monitored and maintained by the MSP maintenance and operation team of Sysage Technology/ MetaAge Technology, which makes Hooray’s AWS architecture more in line with AWS Best Practice, and there is no need to spend effort to find full-time AWS maintenance personnel.
And through the professional MSP maintenance team of Sysage Technology/ MetaAge Technology, it has achieved better monitoring efficiency and more complete information security management than the previous end, and can ensure the integrity of the relevant Log, which is convenient for subsequent auditing and inspection.
Sysage Technology / MetaAge Technology is an agent of AWS cloud services, providing 7 x 24 fully managed services. Sysage/MetaAge has rich experience in server, network, database management, and has a deep technical architect team and maintenance team. It is the best consultant and service team for enterprise cloud services.
Whether customers want to deploy AWS services, further managed maintenance (Cloud Managed Service), application software development (Infrastructure-as-code), API integration, cloud integration and other value-added services, Sysage Technology / MetaAge Technology has complete professional capabilities, all One-stop solution to meet multi-faceted needs.
The AWS MSP team of Sysage Technology / MetaAge Technology introduced the next-generation monitoring system to provide customers with fully managed and fully monitored MSP integration services.
Contact Method:
Phone Number: 080-000-8669 |Email: aws@sysage.com.tw |Line@:@metaage_msp
