AWS Government Practice
AWS plays a core role in our Government Practice. It complies with security standards thus making it a very viable option when proposing cloud solutions to the public sector. It is clear that the public sector requires a high standard of security to ensure its systems are never jeopardized. Xtremax personnel hone their AWS know-how through proper training and accreditation which allows them to become specialized consultants when addressing requests from the public sector. With technical knowledge in AWS combined with top notch professional services, we are able to provide for our clients from beginning to end.
Notable governments around the world have been adopting or moving towards a cloud-first policy. One such entity is the Singapore government which is through the Government Technology Agency of Singapore also known as GovTech. Singapore plans to become a Smart Nation, a nation who utilizes digital technology to meet the needs of a better future and to improve lives.
By transforming the very fundamental aspects of IT, it would empower the government to better fulfil the needs of the ever changing society of Singapore This transformation will accelerate the pace at which public services are able to engage on-demand network access conveniently. Another key feature of the cloud is the scalability of resources to deal with varying workloads which derives cost optimization of the government resources.
Security is vital in the government. The Instruction Manual 8 policy has been used as a guideline to ensure standardization of security across all agencies. With the guidelines of IM8, the aim is to enhance the overall effectiveness of ICT in the public sector and establish standards worthy of a governmentAWS allows customization to comply with three (3) mandatory points in security as dictated in the IM8 policy. These are:
- Password Policy
- Audit trail
- Inactivity Lockout
How Xtremax Leverages AWS Technology Portfolio
At Xtremax, we harness the capabilities of Amazon Web Services (AWS) as our Cloud Service Provider. With AWS we are able to help reduce costs, drive up efficiencies and innovate services to cater to public needs. Data location is of no issue as data only resides in Singapore and are not communicated to servers outside of Singapore. We utilize the following AWS services to help achieve the goals and requirements of the government:
For log management and governance solution in AWS, we leveraged on Amazon Kinesis Data Stream, CloudFormation, AWS Auto Scaling, and Lambda.
Database functionalities are being leveraged by
- Amazon RDS, to manage the Relational Database Service.
- Amazon DynamoDB. To manage NoSQL Database.
- Amazon ElastiCache. In-memory Caching System.
AWS CloudFormation for executing the Automation and Orchestration of full functionalities where required.
To execute the Compute functionalities, we leverage the power of
- Amazon EC2. Act as the virtual servers in the Cloud.
- Amazon ECR. To store and retrieve Docker Images, while Amazon ECS in running and managing Docker Containers.
- Amazon EKS. To run managed Kubernetes on AWS.
For our customer/user, we leverage Amazon Simple Email Service (SES) for sending and receiving an email to each other.
While Network & Content Delivery functionalities will be leveraged by:
- Amazon CloudFront. Act as Global CDN.
- Amazon Route 53. Scalable Domain Name System.
- API Gateway. To Build, Deploy, and Manage APIs.
To execute the Analytics function, Xtremax leverage the following services:
- Amazon Elasticsearch Service. To run and scale the Elasticsearch Clusters.
- AWS Data Pipeline. To orchestrate the periodic and data-driven workflows.
For log storage services, we utilise Amazon S3 and Amazon Glacier.
- Amazon S3 is object storage, which is suitable for a quick recovery process since it offers highly-scalable, reliable, and low-latency data storage infrastructure.
- Amazon Glacier is a secure, durable, and extremely low-cost cloud storage service for data archiving and long-term backup.
- Amazon EFS. Fully managed file system for EC2.
CloudWatch to monitor and manage an application service. Before using it, we must have a threshold for it.
- A surge in website traffic is handled by Elastic Load Balancing with little to no downtime.
AWS Multi-layered Security
These are the tools performing multi-layer securities for cloud computing.
- AWS Shield Advanced and AWS WAF caters to DDoS protection.
- Virtual Private Cloud (VPC) to help isolate cloud resources;
- End Point Protection against viruses and malware;
- Network Intrusion Protection System (NIPS) to examine network traffic flows and prevent exploits;
- Patch Management for monitoring and administering routine software patches,
- AWS WAF (Web Application Firewall) to filter malicious web traffic and
- AWS Certificate Manager for providing, managing and deploying SSL/ TSL certificates.
AWS has been proven to empower businesses, especially by their solid success in performance in the following characteristics:
Virtualization software to speed up the IT operations.
Well-designed cloud computing that suitable for business continuity and disaster recovery.
The increased amount of deliverables because multiple users can work simultaneously on the same data
Service capacity can be changed at any time as the user desires, especially in scaling up or scaling down.
Allowing user to access their data anywhere using any internet-connected devices.
AWS Solutions and Competency Use Cases
Being the largest client of AWS in South East Asia, we collaborate with AWS in providing cloud hosting infrastructures for Singapore Government agencies. The following are our 2 projects with GovTech.
CWP (Content Website Platform)
The CWP is a secured common environment based on a resilient, robust and controlled platform which provides a suite of standardised software for hosting content-based websites. It enables unclassified government websites to be centrally managed and operated on a public cloud to bring the benefits of faster deployment speed and cost savings through economies of scale.
Websites are often the first point of contact between citizens and government. They deliver information and provide a convenient platform for transactions. With the CWP, the agencies only have to manage their own websites and they can focus on delivering the best possible user experience.
CWP was built and developed by Xtremax to improve the government’s digital shopfront experience and help organisations build websites within significantly reduced timeframes. It reduces from months to weeks or even days. This is due to the drastic reduction in time taken for developing and deploying websites. CWP accomplishes that by leveraging from the public cloud technology and putting together a suite of services, not limited to just hosting, but also security and operations management.
Currently, the respective platform hosts more than 500 government websites.
GCC (Government Commercial Cloud)
The GovTech plan is to not only implement the respective cloud computing for government institution but also provide the same services for the private ones.
Government Commercial Cloud (GCC), as cloud hosting services for Government and Private sector and not only for websites’ type but other forms of applications. This GCC is relatively bigger and more significant than its older brother CWP.