Enhancing Security and Scalability for AWS Infrastructure for an Insurance Company

Client: NDA Signed & Protected

Location: India (IN)

Platform: Cloud

Industry: Insurance

Standards: OWASP

Provider: AWS

Customer Requirement

Implement more secure cloud infrastructure to guard against increasing cybersecurity threats. The main goals consisted of eliminating direct internet access to servers and establishing centralized access. High availability and fault tolerance were also essential to maintain uninterrupted service. Additionally, AWS best practices must be adhered to.

Challenges

The previous AWS environment had numerous security issues. The servers were directly accessible from the internet, which increased the chances of cyberattacks and critical vulnerabilities. In addition, there was no centralized management, which made it difficult to monitor and efficiently secure access. Scaling the servers without compromising security was also a challenge, since the existing setup had no failover capabilities, which brought the risk of service disruption.

Skynat's Proposal and Solutions
  • Analysis: Detailed analysis of the customer’s existing AWS environment to identify key vulnerabilities, such as the public exposure of application servers and the lack of centralized traffic control.

  • Designing the Architecture: We created an enhanced AWS architecture with a greater emphasis on security, availability, and scalability considering the findings. Our design consisted of moving all servers into private subnets, thereby eliminating the risk of public exposure, along with an Application Load Balancer placed in front acting as the single-entry point for traffic. We deployed two servers for each portal behind the ALB for load balancing and to equip them with failover. Security groups were structurally configured to implement strict access.

  • Implementation: We reconfigured the customer’s AWS VPC to create public and private subnet zones and deployed the ALB to manage incoming traffic. The servers were migrated into the new VPC with private subnets and registered with the ALB target group, enabling load balancing. Security policies were applied to restrict network traffic.

  • Troubleshooting: We performed continuous monitoring and troubleshooting to address any operational issues. Load balancer health checks were fine-tuned so any configuration issues related to security groups or subnet routing were promptly resolved.

Implementation Method and Components Used
  1. Redesigned AWS VPC to include public and private subnets.
  2. Configured the Application Load Balancer as the single-entry point for all traffic, balancing the load between two portal servers.
  3. Two application servers migrated to private subnets, supporting active-active traffic with failover capability.
  4. Security Groups implemented to restrict traffic flow.
  5. We deployed NAT gateways in the public subnet to enable instances in the private subnet to securely access the internet without being exposed to inbound traffic.
  6. Amazon EFS was mounted on application servers to enable shared and scalable storage for application data and file uploads.
  7. We deployed backend EC2 servers across multiple availability zones within private subnets to ensure high availability and fault tolerance.
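
A way to verify the target state described in the steps above (servers in private subnets, reachable only through the ALB), as an added example that is not Skynat's or the customer's code. It runs offline over constructed data shaped like boto3 EC2 `describe_*` responses; every ID and address in it is a made-up placeholder.

```python
# Constructed sample data shaped like boto3 EC2 describe_* responses (not from the page).
ALB_SG = "sg-alb00001"  # hypothetical ALB security group id

ROUTE_TABLES = [
    {"Associations": [{"SubnetId": "subnet-pub1"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0001"}]},
    {"Associations": [{"SubnetId": "subnet-priv1"}, {"SubnetId": "subnet-priv2"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0001"}]},
]
SECURITY_GROUPS = {
    "sg-app00001": [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
                     "IpRanges": [], "UserIdGroupPairs": [{"GroupId": ALB_SG}]}],
    "sg-legacy01": [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
                     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}],
}
INSTANCES = [
    {"InstanceId": "i-portal-a", "SubnetId": "subnet-priv1",
     "SecurityGroups": [{"GroupId": "sg-app00001"}]},
    {"InstanceId": "i-portal-b", "SubnetId": "subnet-pub1", "PublicIpAddress": "203.0.113.10",
     "SecurityGroups": [{"GroupId": "sg-legacy01"}]},
]

def public_subnets(route_tables):
    """Subnets whose route table sends the default route to an internet gateway."""
    out = set()
    for rt in route_tables:
        if any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
               and r.get("GatewayId", "").startswith("igw-") for r in rt["Routes"]):
            out.update(a["SubnetId"] for a in rt["Associations"] if "SubnetId" in a)
    return out

def audit(instances, route_tables, security_groups, alb_sg):
    """Return (instance_id, finding) pairs for servers that break the design."""
    findings, public = [], public_subnets(route_tables)
    for inst in instances:
        iid = inst["InstanceId"]
        if inst.get("PublicIpAddress"):
            findings.append((iid, "has public IP"))
        if inst["SubnetId"] in public:
            findings.append((iid, "in public subnet"))
        for sg in inst["SecurityGroups"]:
            for perm in security_groups[sg["GroupId"]]:
                for rng in perm.get("IpRanges", []):
                    if rng["CidrIp"] == "0.0.0.0/0":
                        findings.append((iid, f"{sg['GroupId']} open to 0.0.0.0/0"))
                for pair in perm.get("UserIdGroupPairs", []):
                    if pair["GroupId"] != alb_sg:
                        findings.append((iid, f"{sg['GroupId']} allows {pair['GroupId']}"))
    return findings
```

The check covers IPv4 rules and explicitly associated route tables only; subnets that fall back to the VPC main route table and `Ipv6Ranges` entries would need the same treatment.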

Implementation Timeline

The project was completed in 3 months with deployments, testing, auditing, and final delivery.

Results and Conclusion

Through a strategic re-architecture, we successfully addressed the customer’s goals around security, compliance, scalability, and availability, thus ultimately delivering a secure and resilient AWS environment.
