AWS-ETT Infrastructure - DevOps Team

1. Infrastructure Overview

Lakshan Sambath
Last edited 286 days ago by Sivakumar V
1.1 Server overview
Server List
Development Environment
DevOps Environment
1.2 How things communicate
1.3 Shared systems
1.4 Server Access

1.1 Server overview

All our servers are hosted in Amazon Web Services (AWS). We use the logical grouping of instances to organise the setup.

Server List


Bastion Servers (Windows)

| Environments | Name | Public IPv4 address | Elastic IP | Private IP address | Security group name | Key name | Launch time | VPC ID | Subnet IDs | Instance type | Availability Zone |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Dev Environment | ETT-DEV-Bastion | 3.216.243.146 | 3.216.243.146 | 172.30.61.201 | SPAN RDP ETT-Dev-Bastion-RDP | ETTWindows | 1/13/2023, 4:40 AM | vpc-0e3433ba49b45f7cf | subnet-03a4ce8f2a0973fdd | t3.xlarge | us-east-1a |
| Sandbox | ETT-SBX-Bastion01 | 54.205.19.111 | 54.205.19.111 | 172.30.52.126 | SPAN RDP ETT-SBX-Bastion Internal RDP | ETTWindows | 2/8/2023, 11:06 PM | vpc-0e3433ba49b45f7cf | subnet-0d76f1fa505f4cd5a | t2.xlarge | us-east-1c |
| Production | ETT-Prod-Bastion01 | 52.73.86.178 | 52.73.86.178 | 172.30.81.31 | SPAN RDP ETT Prod Bastion RDP | ETTWindows | 2/28/2023, 10:36 PM | vpc-0e3433ba49b45f7cf | subnet-0dee670f20c301cc6 | t3a.xlarge | us-east-1a |


Development Instance's (Windows)

| Dev Environments | Server Name | Server | Public IP | Private IP | Instance-Type | OS Platform | Core | Memory (GB) | Drive C: | Drive D: | Drive E | Drive F | Region | Availability Zone |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Sprint | ETT-SPT-VM-01 | Application Server | 3.234.93.174 | 172.30.61.27 | t3.xlarge | Microsoft Windows Server 2019 Core | 4 | 16 | 200 | 100 | 100 | 150 | us-east-1 (N. Virginia) | AZ-1 |
| Staging | ETT-STG-VM-01 | Application Server | 3.80.0.181 | 172.30.61.47 | t3.xlarge | Microsoft Windows Server 2019 Core | 4 | 16 | 200 | 100 | 100 | 150 | us-east-1 (N. Virginia) | AZ-1 |
| UAT | ETT-UAT-VM-01 | Application Server | 34.197.65.42 | 172.30.61.115 | t3.xlarge | Microsoft Windows Server 2019 Core | 4 | 16 | 200 | 100 | 100 | 150 | us-east-1 (N. Virginia) | AZ-1 |
| Sprint, Staging & UAT | ETT-DB-DEV-VM-01 | DB Server | | 172.30.11.86 | t3.xlarge | Microsoft Windows Server 2019 Core | 4 | 16 | 200 | 100 | 100 | 100 | us-east-1 (N. Virginia) | AZ-1 |

(Note: This is only for development purposes, and the sandbox and production environments will not be the same.)

Drive Information on the Application Server (Sprint, Staging, and UAT)
Drive D - Website build files
Drive E - Maintain Backups for build files
Drive F - Maintain all log files of websites and IIS.

Drive Information on the Database Server (Sprint, Staging, and UAT)
(Note: This is only for development purposes, and the sandbox and production environments will not be the same.)
Drive D - Sprint Database (includes DB and backups)
Drive E - Staging Database (includes DB and backups)
Drive F - UAT DB (includes DB and backups)

Traffic allowed in Dev Servers:
Applications Required

| Sprint, Staging & UAT Environment | Version | Reference |
|---|---|---|
| Dot Net Framework | 4 | |
| SQL Server Standard | 2019 | |
| To enable Windows Roles and Features | | After server setup, we will enable the necessary tools for IIS Web server |

Application Required for Bastion

| Bastion Server | Version | Details |
|---|---|---|
| SQL Server Management Studio (SSMS) | 18.12 | SQL Server Client tool |
| Redgate Data and DB Compare | 12 | Comparing Database between environments |

DevOps Instances (Ubuntu)

| DevOps Environment | Server Name | Server | Public IP | Private IP | Shape | OS Platform | Core | Memory (GB) | Drive: / | Drive | Region | Availability Zone |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Jenkins | ETT-DOPS-VM-01 | DevOps Application | - | 172.30.12.7 | t3.xlarge | Ubuntu 20.04 | 4 | 32 | 250 GB | LVM - Not required right now | us-east-1 (N. Virginia) | AZ-1 |
| Nexus Repo | ETT-DOPS-NEXUS-VM-01 | DevOps Application | - | 172.30.12.246 | t3.xlarge | Ubuntu 20.04 | 4 | 32 | 250 GB | LVM - Not required right now | us-east-1 (N. Virginia) | AZ-1 |
| Ansible | ETT-DOPS-ANSIBLE-VM-01 | DevOps Application | - | 172.30.12.41 | t3.xlarge | Ubuntu 20.04 | 4 | 16 | 200 GB | LVM - Not required right now | us-east-1 (N. Virginia) | AZ-1 |
| Windows Build Server | ETT-DOPS-WS-Build-VM-01 | Development Application | - | 172.30.12.176 | t3.xlarge | Windows 2019 | 4 | 32 | 100 GB | Drive D: 250 GB | us-east-1 (N. Virginia) | AZ-1 |

SandBox Instance (Windows)

| Sandbox Instance | Server Name | Server | Public IP | Private IP | Shape | OS Platform | Core | Memory (GB) | Drive C | Drive D | Drive E | Drive F | Region | Availability Zone |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ETT 01 - Secure Site 01 | ETT-SBX-VM-01 | Application Server | 44.197.90.224 | 172.30.51.127 | t3.xlarge | Microsoft Windows Server 2019 Core | 4 | 16 | 200 GB | 100 GB | 100 GB | 150 GB | us-east-1 (N. Virginia) | AZ-2 |
| ETT 02 - Secure Site 02, ETT Homesite, TSNA Secure, API, Mobile API, Payments | ETT-SBX-VM-02 | Application Server | 54.147.252.112 | 172.30.53.103 | t3.xlarge | Microsoft Windows Server 2019 Core | 4 | 16 | 200 GB | 100 GB | 100 GB | 150 GB | us-east-1 (Ohio) | AZ-1 |
| ETT 03 - Efile Site, Services, Control Sites, TSNA Control | ETT-SBX-VM-03 | Application Server | 3.234.1.60 | 172.30.51.223 | t3.xlarge | Microsoft Windows Server 2019 Core | 4 | 16 | 200 GB | 100 GB | 100 GB | 150 GB | us-east-1 (N. Virginia) | AZ-2 |
| ETT DB 01 -- ETT DB | ETT-SBX-DB-VM-01 | DB Server | | 172.30.13.45 | t3.xlarge | Microsoft Windows Server 2019 Core | 4 | 16 | 200 GB | 100 GB | 100 GB | - | us-east-1 (N. Virginia) | AZ-2 |

Production Instance (Windows)

| Production Instance | Server Name | Server | Public IP | Private IP | Shape | OS Platform | Core | Memory (GB) | Drive C | Drive D | Drive E | Drive F | Region | Availability Zone |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ETT 01 - Secure Site 01 | ETT-PROD-VM-01 | Application Server | 35.169.181.121 | 172.30.81.21 | t2.2xlarge | Microsoft Windows Server 2019 Core | 8 | 32 | 200 GB | 100 GB | 100 GB | 100 GB | us-east-1 (N. Virginia) | AZ-3 |
| ETT 02 - Secure Site 02 -- US Phoenix | ETT-PROD-VM-02 | Application Server | 54.166.125.239 | 172.30.82.19 | t2.2xlarge | Microsoft Windows Server 2019 Core | 8 | 32 | 200 GB | 100 GB | 100 GB | 100 GB | us-east-1 (Ohio) | AD-1 |
| ETT 03 - API, Mobile API, Payments | ETT-PROD-VM-03 | Application Server | 35.170.120.126 | 172.30.81.210 | t3.xlarge | Microsoft Windows Server 2019 Core | 4 | 32 | 200 GB | 100 GB | 100 GB | 100 GB | us-east-1 (N. Virginia) | AZ-3 |
| ETT 04 - ETT Homesite, TSNA Secure and Support sites | ETT-PROD-VM-04 | Application Server | 18.205.200.155 | 172.30.81.244 | t3.xlarge | Microsoft Windows Server 2019 Core | 4 | 32 | 200 GB | 100 GB | 100 GB | 100 GB | us-east-1 (N. Virginia) | AZ-3 |
| ETT 05 - Efile Site, Services | ETT-PROD-VM-05 | Application Server | 18.205.51.73 | 172.30.81.81 | t2.2xlarge | Microsoft Windows Server 2019 Core | 8 | 32 | 200 GB | 100 GB | 100 GB | 100 GB | us-east-1 (N. Virginia) | AZ-3 |
| ETT 06 - ETT Control sites and TSNA Control | ETT-PROD-VM-06 | Application Server | 3.224.16.31 | 172.30.81.121 | t3.xlarge | Microsoft Windows Server 2019 Core | 4 | 32 | 200 GB | 100 GB | 100 GB | 100 GB | us-east-1 (N. Virginia) | AZ-3 |
| ETT DB 01 -- ETT DB | ETT-PROD-DB-VM-01 | DB Server | | 172.30.70.26 | tr6in.4xlarge | Microsoft Windows Server 2019 Core | 16 | 128 | 200 GB | DB Backup: 2 TB | Databases: 1 TB | - | us-east-1 (N. Virginia) | AZ-3 |
| ETT DB 02 -- Other DBs (TSNA, ADMIN) | ETT-PROD-DB-VM-02 | DB Server | | 172.30.70.22 | r6in.2xlarge | Microsoft Windows Server 2019 Core | 8 | 64 | 200 GB | 100 GB | 100 GB | 200 GB | us-east-1 (N. Virginia) | AZ-3 |
| ETT DB 03 -- Mirroring | ETT-PROD-DB-VM-03 | DB Server | | 172.30.70.243 | r6in.2xlarge | Microsoft Windows Server 2019 Core | 8 | 64 | 200 GB | 1 TB | 1 TB | - | us-east-1 (N. Virginia) | AZ-3 |
| ETT DB 04 -- Log shipping | ETT-PROD-DB-VM-04 | DB Server | | 172.30.70.7 | r6in.2xlarge | Microsoft Windows Server 2019 Core | 8 | 64 | 200 GB | 1 TB | 1 TB | - | us-east-1 (N. Virginia) | AZ-3 |

ETT Affiliate Server

| Server | Public IP | Private IP | Instance-Type | OS Platform | Core | Memory (GB) | Drive C: | Drive D: | Region | Availability Zone |
|---|---|---|---|---|---|---|---|---|---|---|
| Affiliates Sites | | | t3.xlarge | Microsoft Windows Server 2022 | 4 | 16 | 200 | 100 | us-east-1 (N. Virginia) | AZ-1 |


Security Group's

| Category | Instances | Environment | Server Name | Ingress Ports | Egress Ports | Ingress Ports | Egress Ports |
|---|---|---|---|---|---|---|---|
| Application Servers | Development | Sprint | ETT-SPT-VM-01 | 80, 443, 3389, 9182, 9100, 5985, 5986, 8081, 1433 | All | Source CIDR (Subnet) | All |
| Application Servers | Development | Stage | ETT-STG-VM-01 | 80, 443, 3389, 9182, 9100, 5985, 5986, 8081 | All | Source CIDR (Subnet) | All |
| Application Servers | Development | UAT | ETT-UAT-VM-01 | 80, 443, 3389, 9182, 9100, 5985, 5986, 8081 | All | Source CIDR (Subnet) | All |
| Application Servers | Sandbox | SandBox | ETT-SBX-VM-01 | 80, 443, 3389, 9182, 9100, 5985, 5986, 8081 | All | Source CIDR (Subnet) | All |
| Application Servers | Production | Production | ETT-PROD-VM-01 | 80, 443, 3389, 9182, 9100, 5985, 5986, 8081 | All | Source CIDR (Subnet) | All |
| Database Servers | Dev Data Base | Dev DB | ETT-DB-DEV-VM-01 | 1433 | All | Source CIDR (Subnet) | All |
| Database Servers | Sand Box Data Base | SB DB | ETT-DB-SBX-VM-01 | 1433 | All | Source CIDR (Subnet) | All |
| Database Servers | Production Data Base | Prod DB | ETT-DB-PROD-VM-01 | 1433 | All | Source CIDR (Subnet) | All |
| DevOps Servers | Devops | Jenkins/Ansible | ETT-DOPS-Jenkins-VM-01 | 80, 443, 22, 8080, 50000, 5985, 5986 | All | Source CIDR (Subnet) | All |
| DevOps Servers | Devops | Nexus OSS | ETT-DOPS-Nexus-VM-01 | 80, 443, 22, 8081, 5985, 5986 | All | Source CIDR (Subnet) | All |
| DevOps Servers | Devops | Ansible | ETT-DOPS-Ansible-VM-01 | 80, 443, 22, 8081, 5985, 5986, 50000 | All | Source CIDR (Subnet) | All |
| Affiliates Server | Production | Production | ETT-AFF-VM-01 | 80, 443, 22, 8080, 8081, 50000, 5985, 5986 | All | Source CIDR (Subnet) | All |

DevOps Instance (Sandbox & Prod Env)
DevOps Instance (Sandbox & Production Env)
Server
Server Name (Source IP)
Destination Server (Security Group)
IP Protocol
Source Port Range
Destination Port Range
1
Bastion Server
Bastion server
ALL
TCP
All
3389,22
2
ETT-DOPS-WSVR01
DevOps Windows Server
ETT-DOPS-WSVR01
ETT-DOPS-VM-01
ETT-DOPS-NEXUS-VM-01
ETT-AFF-VM-01
8080 8081
3
ETT-DOPS-VM-01
Jenkins
ETT-DOPS-VM-01
ETT-SBX-VM-01
ETT-SBX-VM-02
ETT-SBX-VM-03
ETT-PROD-VM-01
ETT-PROD-VM-02
ETT-PROD-VM-03
ETT-PROD-VM-04
ETT-PROD-VM-05
ETT-PROD-VM-06
ETT-AFF-VM-01
TCP
All
8080
4
ETT-DOPS-NEXUS-VM-01
Nexus
ETT-DOPS-NEXUS-VM-01
ETT-SBX-VM-01
ETT-SBX-VM-02
ETT-SBX-VM-03
ETT-PROD-VM-01
ETT-PROD-VM-02
ETT-PROD-VM-03
ETT-PROD-VM-04
ETT-PROD-VM-05
ETT-PROD-VM-06
ETT-AFF-VM-01
TCP
All
8081
5
ETT-DOPS-NEXUS-VM-01
Nexus
ETT-SBX-VM-01
ETT-SBX-VM-02
ETT-SBX-VM-03
ETT-PROD-VM-01
ETT-PROD-VM-02
ETT-PROD-VM-03
ETT-PROD-VM-04
ETT-PROD-VM-05
ETT-PROD-VM-06
ETT-AFF-VM-01
ETT-DOPS-NEXUS-VM-01
TCP
All
8081
6
ETT-DOPS-ANSIBLE-VM-01
Ansible
ETT-DOPS-ANSIBLE-VM-01
ETT-SBX-VM-01
ETT-SBX-VM-02
ETT-SBX-VM-03
ETT-PROD-VM-01
ETT-PROD-VM-02
ETT-PROD-VM-03
ETT-PROD-VM-04
ETT-PROD-VM-05
ETT-PROD-VM-06
ETT-AFF-VM-01
TCP
All
5985, 5986,50000

Sandbox Security List


ETT-SBX-VM-01

| Server Name | Server | Shape | OS Platform | Source IP | IP Protocol | Source Port Range | Destination Port Range |
|---|---|---|---|---|---|---|---|
| ETT-SBX-VM-01 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | 0.0.0.0/0 | TCP | All | 80, 443 |

ETT-SBX-VM-02

| Server Name | Server | Shape | OS Platform | Source IP | IP Protocol | Source Port Range | Destination Port Range |
|---|---|---|---|---|---|---|---|
| ETT-SBX-VM-02 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | 0.0.0.0/0 | TCP | All | 80, 443 |

ETT-SBX-VM-03

| Server Name | Server | Shape | OS Platform | Source IP | IP Protocol | Source Port Range | Destination Port Range |
|---|---|---|---|---|---|---|---|
| ETT-SBX-VM-03 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | 0.0.0.0/0 | TCP | All | 80, 443 |

ETT-SBX-DB-VM-01

| Sandbox Instance | Server Name | Server | Shape | OS Platform | Source IP | IP Protocol | Source Port Range | Destination Port Range | Allows |
|---|---|---|---|---|---|---|---|---|---|
| ETT 01 - Secure Site 01 | ETT-SBX-VM-01 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 02 - Secure Site 02, ETT Homesite, TSNA Secure, API, Mobile API, Payments | ETT-SBX-VM-02 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 03 - Efile Site, Services, Control Sites, TSNA Control | ETT-SBX-VM-03 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |

Production Security List


ETT-PROD-VM-01

| Server Name | Server | Shape | OS Platform | Source IP | IP Protocol | Source Port Range | Destination Port Range |
|---|---|---|---|---|---|---|---|
| ETT-PROD-VM-01 | Application Server | t2.2xlarge | Microsoft Windows Server 2019 Core | 0.0.0.0 | TCP | All | 80, 443 |

ETT-PROD-VM-02

| Server Name | Server | Shape | OS Platform | Source IP | IP Protocol | Source Port Range | Destination Port Range |
|---|---|---|---|---|---|---|---|
| ETT-PROD-VM-02 | Application Server | t2.2xlarge | Microsoft Windows Server 2019 Core | 0.0.0.0 | TCP | All | 80, 443 |

ETT-PROD-VM-03

| Server Name | Server | Shape | OS Platform | Source IP | IP Protocol | Source Port Range | Destination Port Range |
|---|---|---|---|---|---|---|---|
| ETT-PROD-VM-03 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | 0.0.0.0 | TCP | All | 80, 443 |

ETT-PROD-VM-04

| Server Name | Server | Shape | OS Platform | Source IP | IP Protocol | Source Port Range | Destination Port Range |
|---|---|---|---|---|---|---|---|
| ETT-PROD-VM-04 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | 0.0.0.0 | TCP | All | 80, 443 |

ETT-PROD-VM-05

| Server Name | Server | Shape | OS Platform | Source IP | IP Protocol | Source Port Range | Destination Port Range |
|---|---|---|---|---|---|---|---|
| ETT-PROD-VM-05 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | Span Workspace IP's | TCP | All | 80, 443 |

ETT-PROD-VM-06

| Server Name | Server | Shape | OS Platform | Source IP | IP Protocol | Source Port Range | Destination Port Range |
|---|---|---|---|---|---|---|---|
| ETT-PROD-VM-06 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | Span Workspace IP's | TCP | All | 80, 443 |

Production Bastion Server
1
Production Instance
Server
Server Name (Source IP)
Destination Server (Security Group)
IP Protocol
Source Port Range
Destination Port Range
2
Bastion server
Bastion server
ETT-PROD-VM-01-06 ETT-PROD-DB-VM-01-04
TCP
All
3389

ETT-PROD-DB-VM-01 (SL)

| Production Instance | Server Name | Server | Shape | OS Platform | Source IP | IP Protocol | Source Port Range | Destination Port Range | Allows |
|---|---|---|---|---|---|---|---|---|---|
| ETT 01 - Secure Site 01 | ETT-PROD-VM-01 | Application Server | t2.2xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 02 - Secure Site 02 -- US Phoenix | ETT-PROD-VM-02 | Application Server | t2.2xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 03 - API, Mobile API, Payments | ETT-PROD-VM-03 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 04 - ETT Homesite, TSNA Secure and Support sites | ETT-PROD-VM-04 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 05 - Efile Site, Services | ETT-PROD-VM-05 | Application Server | t2.2xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 06 - ETT Control sites and TSNA Control | ETT-PROD-VM-06 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT DB 03 -- Mirroring | ETT-PROD-DB-VM-03 | DB Server | tr6in.4xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433, 5022, 5023, 135, 445 | TCP traffic for ports: 5022, 5023, 135, 445 |

ETT-PROD-DB-VM-02 (SL)

| Production Instance | Server Name | Server | Shape | OS Platform | Source IP | IP Protocol | Source Port Range | Destination Port Range | Allows |
|---|---|---|---|---|---|---|---|---|---|
| ETT 01 - Secure Site 01 | ETT-PROD-VM-01 | Application Server | t2.2xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 02 - Secure Site 02 -- US Phoenix | ETT-PROD-VM-02 | Application Server | t2.2xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 03 - API, Mobile API, Payments | ETT-PROD-VM-03 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 04 - ETT Homesite, TSNA Secure and Support sites | ETT-PROD-VM-04 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 05 - Efile Site, Services | ETT-PROD-VM-05 | Application Server | t2.2xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 06 - ETT Control sites and TSNA Control | ETT-PROD-VM-06 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT DB 03 -- Mirroring | ETT-PROD-DB-VM-03 | DB Server | tr6in.4xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433, 5022, 5023, 135, 445 | TCP traffic for ports: 5022, 5023, 135, 445 |

ETT-PROD-DB-VM-03

| Production Instance | Server Name | Server | Shape | OS Platform | Source IP | IP Protocol | Source Port Range | Destination Port Range | Allows |
|---|---|---|---|---|---|---|---|---|---|
| Bastion server | Bastion server | Bastion server | Bastion server | Bastion server | | TCP | All | 3389 | |
| ETT DB 01 -- ETT DB | ETT-PROD-DB-VM-01 | DB Server | tr6in.4xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433, 5022, 5023, 135, 445 | TCP traffic for ports: 5022, 5023, 135, 445 |
| ETT DB 02 -- Other DBs (TSNA, ADMIN) | ETT-PROD-DB-VM-02 | DB Server | r6in.2xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433, 5022, 5023, 135, 445 | TCP traffic for ports: 5022, 5023, 135, 445 |
| ETT 01 - Secure Site 01 | ETT-PROD-VM-01 | Application Server | t2.2xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 02 - Secure Site 02 -- US Phoenix | ETT-PROD-VM-02 | Application Server | t2.2xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 03 - API, Mobile API, Payments | ETT-PROD-VM-03 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 04 - ETT Homesite, TSNA Secure and Support sites | ETT-PROD-VM-04 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 05 - Efile Site, Services | ETT-PROD-VM-05 | Application Server | t2.2xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 06 - ETT Control sites and TSNA Control | ETT-PROD-VM-06 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |

ETT-PROD-DB-VM-04

| Production Instance | Server Name | Server | Shape | OS Platform | Source IP | IP Protocol | Source Port Range | Destination Port Range | Allows |
|---|---|---|---|---|---|---|---|---|---|
| ETT DB 01 -- ETT DB | ETT-PROD-DB-VM-01 | DB Server | tr6in.4xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 5022, 5023, 135, 445 | TCP traffic for ports: 5022, 5023, 135, 445 |
| ETT DB 02 -- Other DBs (TSNA, ADMIN) | ETT-PROD-DB-VM-02 | DB Server | r6in.2xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 5022, 5023, 135, 445 | TCP traffic for ports: 5022, 5023, 135, 445 |
| ETT 01 - Secure Site 01 | ETT-PROD-VM-01 | Application Server | t2.2xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 02 - Secure Site 02 -- US Phoenix | ETT-PROD-VM-02 | Application Server | t2.2xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 03 - API, Mobile API, Payments | ETT-PROD-VM-03 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 04 - ETT Homesite, TSNA Secure and Support sites | ETT-PROD-VM-04 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 05 - Efile Site, Services | ETT-PROD-VM-05 | Application Server | t2.2xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |
| ETT 06 - ETT Control sites and TSNA Control | ETT-PROD-VM-06 | Application Server | t3.xlarge | Microsoft Windows Server 2019 Core | | TCP | All | 1433 | TCP traffic for ports: 1433 |

1.2 How things communicate

In AWS, we have public and private subnets, and communication over these subnets is established in a secure manner.
The public subnets are used for accessing our application servers through the internet.
A VPN is used to restrict access to the Development and DevOps instances.
The private subnets are used for accessing our database servers from our application servers using the internal private IPs.
Internal communication is handled by routing tables by default.

Network Topology

Development Instance

AWS- ETT Development.drawio.png

Sandbox Instance

AWS- ETT-Sandbox.drawio.png

Production Instance
AWS- ETT-Production.drawio.png


DevOps Instance

AWS- ETT-Devops-Architecture.png


VPN Access:
We use the FortiClient SSL VPN to reach the application server (firewall: FortiGate).
Antivirus:
FortiClient Antivirus is installed on the application and DB servers for virus protection.
SPAN Network-ETT.png

1.3 Shared systems


What components need to be migrated onto new servers
SPAN Shared-Efile Server - Details
SPAN Shared-Tax 01 Server Details

1.4 Server Access

How do we gain access to these systems
Access to these systems is provided through the ETT/FortiClient VPN.
User access will be provided for secure login.

Who has access to them currently
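DevOps-Environments

| Environment | User Name | Git | Jenkins | Ansible | Nexus | Prometheus | Grafana | Sites 24*7 |
|---|---|---|---|---|---|---|---|---|
| Development | Manager/ Lead/ Sr Developer | FA | FA | FA | FA | FA | FA | FA |
| Development | Jr Developer | FA | R/W | - | RA | RA | RA | RA |
| DevOps | Manager/ Lead/ Sr DevOps | FA | FA | FA | FA | FA | FA | FA |
| DevOps | DevOps | - | R/W | FA | FA | FA | FA | FA |
| DevOps | Jr DevOps | - | R/W | - | - | FA | FA | FA |

Development-Environments

| Environment | User Name | Sprint | Sprint DB | Staging | Staging DB | UAT | UAT DB | SB | SB DB | Prod | Prod DB |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Development | Manager/ Lead/ Sr Developer | FA | FA | FA | FA | FA | FA | FA | FA | FA | FA |
| Development | Jr Developer | FA | FA | FA | FA | R/W | R/W | R/W | R/W | R/W | R/W |
| DevOps | Manager/ Lead/ Sr DevOps | FA | RA | FA | RA | FA | RA | FA | RA | FA | RA |
| DevOps | DevOps | FA | RA | FA | RA | FA | - | FA | - | FA | - |
| DevOps | Jr DevOps | FA | RA | FA | - | FA | - | - | - | - | - |

FA: Full Access; R/W: Read & Write; RA: Read Only; WA: Write Only; -: No Permissions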

