RP Tech
RP Tech India is a leading B2B Technology Solution provider with their e-commerce website hosted on AWS they are reaping the benefits of Performance, Reliability and Security with WAF
About the Customer
Growing at a consistent 25 per cent CAGR for the last 20 years, RP tech India (a division of Rashi Peripherals Pvt Ltd) is the fastest-growing B2B technology solutions provider in India. Co-founded in 1989 by visionary Mr. K.K Choudhary and Mr. S.M. Pansari, the company is recognised as the most preferred partner of leading technology brands. RP tech India is an ISO 9001: 2015 compliant company. The company is certified as ‘Great Place to Work’ in India.
With our fundamentally strong and robust business model spread across four business verticals: Component, Peripherals, Networking & Personal Computing and market verticals: Retail, Online & Enterprise; we are proudly serving to over 30 renowned global brands including AMD, AOC, APC, ASUS, ATEN, Belkin, Cambium Networks, Cornelis Networks Google Chromecast, Colorful, Crucial by Micron, DDN, DELL, EATON, ECS, Fitbit, HP, Infortrend, Intel, JBL, Lenovo, LG, Logitech, Mercusys, NVIDIA, Optoma, Samsung, SanDisk, Supermicro, Toshiba, TP-Link, Ubiquity and Western Digital.
Executive Summary
RP tech India (a division of Rashi Peripherals Pvt Ltd) is one of the fastest-growing B2B technology solutions provider in India. Growing at a consistent 20+ percent CAGR YoY, RP tech India is recognized as the most preferred B2B partner of 30+ renowned global technology brands. RP tech India has a strong network of 50 Branches and 50 Service centers that cater to 9000+ immensely satisfied B2B customers and millions of end-users in 750+ locations across India. They provide Enterprise solutions to various industrial sectors like Education & Research, Data Center, Telecom, Oil & Gas, Pharma, BFSI, Healthcare & Manufacturing, etc. RP tech India is an ISO 9001: 2015 compliant company.
Current Challenges by the Customer
RP Tech was having their in-house developed Inventory asset management ERP application being used for internal purposes hosted in an on-premises environment at their office location for which they were exploring a cloud-native solution to be there in-place that would reduce the operational costs of maintaining various Servers and security for the infrastructure while addressing the modern challenges of scalability, reliability, security & high-availability for the application as the load on it was increasing due to increase in the organization users.
Due to lack of any kind of firewall/security not being deployed in-place for the ERP app, it started to witness a surge in the number of malicious requests from various IP sources and bots that threatened to bring down their business thus increasing the vulnerability of being compromised heavily on the infrastructure part.
Since their in-house IT Team & management didn’t have the expertise & the required knowledge skills in-place for implementing the necessary security for elimination of the threats that the app received, they approached us for proposing a solution for having the same which would help them save their time in having the efforts to be taken for a “third-party” service instead.
The Solution Offered
As part of the proposed solution, we had a few Application servers deployed in an Autoscaling group across 2 different public subnets within an Availability zone each inside a VPC & having the Security group rules configured for allowing inbound HTTP/HTTPS traffic onto the Server alongside an Internet Gateway after which the Route table/subnet associations were updated to reflect the same. Later, RDS Server instance having MySQL was configured in the private subnet to have a connection made towards the Autoscaling group. This was done by whitelisting its private IP within the Security Group of the App Server EC2 instance in the public subnet. Listener rules were configured on the ELB to route the incoming traffic to the Autoscaling group (that was set as the Target group) in-place for scaling up/down the instances once the threshold value was reached based on CPU & Memory utilization metrics configured already. WAF was deployed in place by creating Web ACLs. Using AWS Managed Rule groups feature by taking the most common type of rules that were applicable for filtering out malicious/bot-based traffic, we configured the same. Also, Geolocation-based restriction rule of filtering out the traffic on the application hosted on AWS EC2 was configured using AWS WAF to allow it to come only from India & US region accordingly. AMI backup for both APP/Amazon RDS DB Server was configured as well based on backup frequency decided by the client.
Using Amazon CloudWatch & Amazon S3, performance level monitoring metrics were configured to be pushed onto the Amazon S3 directory on frequent basis. Lastly Amazon CloudTrail was set-up in place for capturing the logs of all the API calls being made to the AWS services in their account as part of audit purpose.
Amazon Web Services Infrastructural Services Used
Amazon Relational Database Service (Amazon RDS for MySQL)
Amazon Elastic Compute Cloud (AWS EC2)
Amazon Auto-Scaling group
Amazon Elastic Block Store (AWS EBS)
Amazon Elastic File Storage (AWS EFS)
Amazon Virtual Private Cloud (AWS VPC)
Amazon Elastic Load Balancer (AWS ELB)
Amazon Web Application Firewall (AWS WAF)
Amazon Simple Storage Service (AWS S3)
Amazon Backup (AWS Backup)
Amazon ElasticSearch (AWS ElasticSearch)
Amazon CloudWatch
Amazon CloudTrail
RedisCache
Project Start Date: 6th Aug 2021
Project End Date: 27th Aug 2021
The Benefits
By deploying the application using the Auto-scaling feature of the AWS EC2 instance provided natively by AWS & testing the same throughout UAT / Dev environments , they were able to significantly scale up/down their Servers hosting the ERP on the go in Production as well within just a matter of a few minutes based on triggering conditions & threshold values configured in-place , thus eliminating the need to manually scale as per the surge or decrease demand on the incoming traffic.
Using AWS WAF Managed Rule groups, the security for the application was taken care of accordingly by eliminating the most common type of attacks like SQL-injection, Cross-site scripting, malicious IP requests, Bot-based attacks occurring at the ‘Layer 7’ of the OSI network model were eliminated which led to lowering the security risks associated with the application. So now they didn’t have to worry about managing / updating the ACL ruleset over the time since the AI/ML of the service intelligently kept on updating itself to secure the infra to any new kind of threats that would possess a complete downtime & loss of business.
It became easier to implement any additional features like “Bot-control security” & “Custom landing page” in the WAF within a few clicks as & when they needed enhancements based on requirements. This proved beneficial in knowledge training of the client’s IT team as explanation was made much easier for them to get familiar with the overall process.
Using geolocation-based filtering within the AWS WAF helped in significantly allowing requests onto the application only from specific regions (i.e., India & US) , while intelligently restricting users / malicious IP’s from locations apart from these both.
WAF helped in lowering the latency response time of the application to 20 milliseconds which significantly boosted the overall sales & in-turn helped in attracting new users/consumers while retaining the old ones.
About Pentagon System and Services Pvt Ltd
Pentagon System and Services Pvt Ltd is a leading Infrastructure service provider and System Integrator with a presence across India and Singapore.
Established more than two decades ago, we cater to over 1200+ Enterprises and SMEs with highly experienced teams for sales, consultants and a vast pool of skilled engineers supporting their mission-critical environments, which covers multi-vendor, multi-platform infrastructure.
We are an advanced tier Consulting Partners with Amazon Web Services and are also a certified Solution Provider. We serve more than 100 plus customers across segments and verticals with our expertise on the cloud platform.