Cloud Security and Migration Architect, Houston, TX
Anuj Varma is a certified cloud and application Architect based in Austin, TX and Houston, TX. Some aspects of Cloud Architecture that Anuj has helped customers with include:
- Security Audits – Cloud Native as well as Hybrid Tools, including Security Command Center, Health Analytics, Event Threat Detection, Incident Response
- Data Protection Specialist – including KMS, Key Management, Certificate Lifecycle Management, Certbot and Letsencrypt and other open source tools as well as cloud native tools.
- IAM and Infrastructure Security Specialist, DevSecOps, Terraform, Gitlab, Automation
- Securing GCP assets using firewalls, shared VPCs, Peered VPCs. Setting up a DMZ in GCP – using firewall rules, subnets and custom routes
- Centralized Logging strategy on AWS
- Organizations, Billing, SCPs, Orgs, Multi Account Structures, Org Level Policies
- AWS Quickstarts and Landing Zones – Control Tower
- Cloud Migration using Automated Templates, native migration services as well as 3rd party tools (AWS DMS, Azure Site Recovery, Velostrata…)
- Azure PowerShell – PowerShell cmdlets for day-to-day tasks (managing resource groups, moving VMs between subnets, instance management, changing SKUs on resources, blob copy, SQL data copy to Azure Blob storage, bulk copy from multiple SQL Server tables to Azure SQL DW, custom PowerShell tasks in Azure Pipelines)
- Azure Subscription Models Build Out, Management Groups and Multi Subscription Governance, Azure Policy
- Core Azure Infrastructure Services Architecture – Resource Groups, ARM vs. Classic, VM Scale Sets, Availability Sets, Update/Fault Domains, Site to Site VPNs, ExpressRoute, Subnets, NSGs, Default Routes and UDRs.
- Azure PowerShell based Networking Infrastructure Build Out – VNET layout – DMZ Subnet, Gateway Subnet (containing VNG), Web / Business / Data and AD Subnets. Shared VPN Tunnel using hub spoke architecture and VNET peering. Firewall Subnet containing Azure Firewall (or Checkpoint or appliance of choice).
- PRODUCTION and NON-PRODUCTION environments – Dev Test Labs, with custom policies around limits and quotas per user.
- Migration from AWS and On Premises to Azure using Azure Powershell, ARM Templates, Azure Site Recovery Services – Migrated several dozen apps from on premises to Azure IaaS as well as PaaS. Azure DMS for Data Migration.
- Migration Assessment using tools such as Cloudamize, CloudPhysics and Movere – application move groups, target right-sized VMs.
- AD and Trusts using Powershell. Domain Controllers in Azure – ADDS, DNS, Redundant Topologies, Domain Joining, DNS Failover, Certificate Services
- Identity in Azure – AAD, B2C, B2B Tenants, Identity Federation, Pass Through and Password (Hash) Sync.
- Identity based Advanced Threat Detection, Roles, Federated Identities, RBAC, Azure AD, AD Connect, B2B, B2C Tenants. Configured Pass Through Authentication using AD agent and AD Connect
- Monitoring and Logging – Azure Monitor, Azure Advisor, Log Analytics, App Insights, Operations Management Suite, Azure Security Center, Network Watcher
- Azure PaaS – PaaS Solutions including Azure Web Apps, Azure Traffic Manager, Application Gateway, AAD, Scalable and Performant Apps using Azure Service Fabric (including stateless API Gateway)
- High Availability for Web Applications – CDN, Redis, Memcached; Scale Up and Scale Out Options for cloud hosted web apps.
- Azure Security (Network and App Layer) – Custom DMZs in the cloud, custom firewall appliances (Barracuda, Checkpoint), Azure Security Center, Azure WAF, Azure Firewall
- Data Security – Azure key vault, Storage service and disk encryption keys, TDE (SQL Server DBs)
- Backup and Recovery – Azure Site Recovery, Hyper-V and VMWare based workloads replicated to Azure.
- Azure Governance – Management Groups, Policies – including tagging enforcement, auditing of unaudited SQL Azure and more.
- Tools such as CloudHealth, CloudCheckr, CloudTamer. Budgeting and Migration Readiness (Cloudamize, Movere, Cloudphysics), Monitoring (Azure Monitor, New Relic (Certified New Relic Engineer))
- Azure Devops – Boards, repos, pipelines, GitHub based pipelines, teams, azure artifacts (NuGet and ARM templates), pull requests, entire docker pipeline – including multi stage docker build and push and pull of images to/from ACR.
- Built a real-time guest sentiment analyzer using the Azure Text Analytics API for tracking guest sentiment, the LUIS engine for sentiment analysis, key phrase extraction, and an Azure bot to handle guest interactions
- Docker and Containerization of Windows Server Hosted Apps
Start the conversation sooner, rather than later
Set up a time to chat with Anuj Varma, Azure Powershell Architect, Houston, TX today. Architecture cannot be an afterthought (™)