Posted: August 1, 2019
Amazon Web Services (AWS) enables organizations to quickly deploy large-scale applications like business analytics and security monitoring, which need to ingest and analyze terabytes of data daily.
The California Department of Technology (CDT) wanted to leverage Splunk for business analytics and monitoring, while maintaining a highly secure and scalable environment. CDT chose Infiniti to be their technology partner in this endeavor and we developed an AWS infrastructure solution to meet their needs.
CDT anticipated ingesting several terabytes of data per day, so the cloud infrastructure would need to be architected to handle the load while maintaining uptime and performance. Infiniti also architected an AWS multi-account strategy with multiple environments to meet security best practices. Using immutable AWS infrastructure with AWS CloudFormation, Infiniti developed a fault-tolerant Splunk cluster to ensure uptime and lower the administrative overhead. Infiniti also assisted in implementing an enterprise AWS Identity and Access Management (IAM) solution for single sign-on/multifactor authentication (SSO/MFA) into critical applications. This allows the Security Operations Center (SOC) to seamlessly and securely access Splunk.
By utilizing the AWS cloud, CDT now has a highly scalable and highly available Splunk implementation for data collection, analysis, and security monitoring of critical infrastructure. As CDT expands and extends Splunk to monitor even more devices and environments, the AWS infrastructure will be able to scale and extend accordingly.
AWS Services Utilized:
• AWS GovCloud
• AWS Organizations
• AWS CloudFormation
• AWS Application Load Balancers
• AWS Virtual Private Cloud
• AWS EC2
• AWS Elastic Container Service
• AWS Transit Gateway
• AWS Identity and Access Management
• AWS S3
Third Party Applications or Solutions Used:
• Splunk Enterprise
• Palo Alto Networks
• HashiCorp Consul