Manta Innovations, LLC AWS Reference Architecture Deployment

Business Challenge

Virtually servicing clients

Manta Innovations, LLC is a consulting company focused on providing solutions for complex big data and cloud-based problems. As a start-up organization, Manta needed a way to virtually service their clients. Ultimately, they had two options:

  1. Force employees to set up multiple server clusters in their home offices
  2. Utilize cloud infrastructure

As for many start-up organizations, the biggest advantage of adopting a cloud computing strategy was the reduced IT cost of both the physical hardware and the maintenance that hardware requires.


Having a cloud environment resolved the immediate need for a shared collaboration location for developers, while also providing a central location for connectivity to different customers (Billabong VPN jumpbox).


Understanding barriers

Manta did their research and consulted with several SIs on their implementation options. After evaluating options, they chose to build using Amazon Web Services (AWS).

At the time of Manta’s inception, AWS was the most mature CSP in the market. AWS had the most options available to support whichever platform a customer could want (Linux and Microsoft, Oracle RDS, etc.). 

As a result, Manta turned to D3Clarity as their cloud implementation consulting partner. D3Clarity’s customer success commitment, architecture expertise and advanced technical understanding of the Amazon Partner Network (APN) made them the standout choice for Manta’s customer cloud architecture.

The first reference environment to be used by a Manta customer was built on a simple but secure architecture, which made building the solution with AWS resources very straightforward. The next customer had more complexity and required further architecture hardening, which allowed Manta to grow their business by providing managed services rather than only building the infrastructure. With each new cloud solution, Manta developed best practices in the form of repeatable AWS reference architecture templates. Manta now understands that the barrier to cloud entry is low but the sophistication of cloud solutions is high.


DevOps Automation

Manta started with a base architecture that was revised over time. After following a programmatic approach to the cloud and focusing on utilizing data fiber, Manta was able to achieve a reference architecture that is well-engineered, highly secured and properly maintained through DevOps automation. This can be replicated to support any Fortune 500 organization.

The success of Manta’s reference architecture was due in large part to D3Clarity’s vision.

Designing a cloud datacenter is very similar to designing an on-prem datacenter. Junior cloud engineers likely do not have the skill or experience level to meet the needs of the design. Designing at a global scale is not trivial. Manta and D3Clarity have solved the equation of how to provide significant SLAs at an enterprise global level for any customer through AWS.

Amazon’s commitment to self-service and superior technology makes implementing a cloud-native architecture very easy. AWS has a variety of resources available, including best practices, expert guidance, reference architecture diagrams and more. These options, paired with Manta and D3Clarity, offer more success than ever before.

Manta can support any customer deployment using fully automated cloud formations. The reference architecture was designed by segmenting every customer with their own AWS “root” account within the zone.

The default reference architecture template includes:



A sandbox for internal demos, development, preproduction and production environments, that can be regionally deployed if needed

Shared Services Zone

A Shared Services zone for common services leading to consistency and cost savings

Centralized Security Logging

Centralized security logging and regular scanning for threat protection and auditability

Dual Availability Zones

For higher availability. Use of the second availability zone is optional, but the plumbing is available by default.

VPC Peering

Connections between VPCs in the same region. Used by Shared Services and Security to connect to all other current VPCs in the same region.

VPC Endpoints

Gateway and interface endpoints between your VPC and other AWS services.

Aviatrix Spoke Gateway

Aviatrix Spoke Gateways provide connection to on-prem networks and additional AWS Regions.

Shared Services

Common services for consistency and cost savings (i.e. centralized access management, key management, base OS images, DNS, NTP, availability, alerts)

Security Logging & Compliance Monitoring

Centralized security logging and scanning for threat protection and auditability (Inspector, CloudWatch, CloudTrail, AWS Config).

Route 53 Resolver

DNS resolvers on your network can forward DNS queries to Resolver in a specified VPC. Resolver can also forward queries that it receives from EC2 instances in your VPCs to DNS resolvers on your network.