MS SQL Server is used as primary Database for ExpressTruckTax and associated applications. There are around 5 cloud machine hosted in Oracle Cloud where we hosted the SQL Server 2019 as stand alone instance. There are 40 (8 Dev + 32 Prod) CPU Cores included in these 5 machines.

⁠

SQL Server 2019 pricing⁠

⁠

Service → SQL Server Standard

Cost/Period → USD 1,418/year

Bestpass will cover licensing once the machine is re-created in our AWS account. We will more than likely use SQL through AWS and their will be no license required as its included with the instance.

Transfer Complete

⁠

2. CloudFlare (WAF Solution)

Email From Craig: Ok we can use AWS Cloud Front for this.

Note:The above message is for only CDN, for WAF and Load Balancer there is no confirmation from criag yet

ExpressTruckTax uses CloudFlare (Business Plan) WAF. We are unable to transfer the account to Bestpass, so we suggest Bestpass to create a new CloudFlare account.

⁠

CloudFlare Business Plan⁠

Service → Business Plan

Cost/Period → $200/month

Please follow the below steps to complete the CloudFlare account setup

Step 1: Create a business plan account using the above link. You will be super admin of the account.

Step 2: Go to 'Manage Accounts', and invite 'Members' with 'administrator' credentials. Send an invitation to 'devops@spantechnologyservices.com' (DevOps)

Step 3: On receiving the invitation, we will set up the security configuration for ExpressTruckTax and update you.

Bestpass will not be using Cloudflare. We instead will use the WAF with AWS and Cloudfront CDN

⁠

3. Netlify - **Mandatory**

Netlify is a Jamstack cloud hosting provider for static HTML sites associated with ExpressTruckTax. We have around 100+ sites hosted in Netlify.

Action - Create an account with Netlify and send us the credentials. We will transfer the sites to the new account.

Service →

Netlify Pro version⁠

Cost/Period → $19/month

We will determine what needs to be done here once Marketing figures out which domains we are going to keep. Most likely handled during the migration period. We may use another product we already have to host the sites.

Bestpass created a new Netlify account and the sites have been transferred

⁠

4. Oracle Cloud - Replace with AWS - **Mandatory**

Email from Craig: I guess it might make more sense to talk about what your plans are for separating these environments out and how the work today. We are looking to rebuild pretty much everything ourselves in AWS. Most machines would be domain joined on our NYTRUCKS domain however you can’t do that without being on our network. It would probably be beneficial to understand what compartments need to be built and maybe just build them in our environment.

Oracle Cloud is the primary Cloud Infrastructure for ExpressTruckTax. All our Compute instances are hosted in Oracle cloud. We use several different compute shapes as per product requirement. Shape details can be found from Cloud inventory.

⁠

Will go into AWS once environment is created.

Moved to Bestpass AWS

⁠

5. AWS - S3, SES, SNS and Glacier

We use AWS offerings for some of our product requirements. S3 is used for storing files in cloud. SES is used for sending Emails from ETT applications.

SNS is notification service, which will notify our API if any email bounces or spam marked.

S3 Glacier is an archive storage unit, where we store archived user and IRS efile data. Active (5 years) data will be in S3, and data earlier than 5 years will be moved to S3 Glacier periodically.

SPAN will get Limited AWS access once the environment is ready.

Moved to Bestpass AWS

⁠

6.Fortigate Firewall and SSL VPN

FORTIGATE NEXT GENERATION FIREWALL

FortiGate Firewall Catalog -

https://www.firewalls.com/brands/fortinet/fortigate/enterprise.html⁠

⁠

Call toll-free at 866-745-0102 or email at

sales@firewalls.com⁠

You can download the free VPN client from

Forclient.com⁠

⁠

We use Forticlient EMS Cloud Antivirus for virus protection installed on the Application and DB Servers.

⁠

https://www.fortinet.com/support/product-downloads⁠

⁠

SSL VPN - Fortigate 100F Firewall

Service → Model 100F (3Years Plan)

Cost/Period → Pricing quote from sales@firewalls.com

Fortigate Antivirus

Service → Forticlient EMS Cloud

Cost/Period →

Contact Sales Person⁠

⁠

Email from Craig:I would say right now our focus is getting the monitoring working as well as the infrastructure setup for AWS. We would need to create a Cloudflare account for the web application firewall unless we use something else. We have our own AV that we will be using going forward. This product is Carbon Black. We also have an email security platform we can use to route email through. We use Proofpoint for this.

Bestpass uses Carbon black for AV, We will install on the newly build machines. If SPAN would like carbon black installed on current ETT machines this would require admin accounts and remote access.

Bestpass use their own Antivirus

7. Burp suite - Pen testing Tool

We use Burp Suite, which is a proxy based tool used to evaluate the security of web applications.

Action - You can buy Burp suite Professional Edition using below link.

Follow this for Pricing

https://portswigger.net/burp/how-to-buy/pricing⁠

Service → Professional

Cost/Period → $449/year

You can learn how to use burpsuite using this tutorial .

⁠

https://portswigger.net/burp/documentation/desktop/tutorials⁠

⁠

Bestpass has its own pen testing tools. We will not be using.

8. EasyDMARC

We use EasyDmarc secuirty tool to monitor, analyse, and maintain the SPF, DKIM, and DMARC records for your domain

Purchase EasyDmarc Tool for Email Security.

⁠

https://easydmarc.com/pricing⁠

⁠

Service → PLUS Cost/Period → $17.99/month

Please Follow the steps to add Following records to Cloudflare. (DNS Control Panel)

DMARC

SPF

DKIM

⁠

EasyDMARC.pdf

881.9 kB

⁠

Bestpass will not be using. We have another security vendor which we use.

9. DevOps Tools - Handed over to Phoenix team

Below are the DevOps Open Source Software Tools used and they are not subscribed. No Licensing required

Jenkins - Jenkins is an open source automation server. It helps automate the parts of software development related to building, testing, and deploying, facilitating continuous integration and continuous delivery.

Ansible - Ansible is a suite of software tools that enables infrastructure as code. It is open-source and the suite includes software provisioning, configuration management, and application deployment functionality.

Nexus OSS - Nexus OSS is a free artifact repository with universal format support. It provides a single source of truth for all your components, binaries, and build artifacts, as well as efficiently distributing parts and containers to developers. We use Nexus open source.

Prometheus & Grafana (Optional) - Grafana is a multi-platform open source analytics and interactive visualization web application. It provides charts, graphs, and alerts for the web when connected to supported data sources. Note: Craig has confirmed that Bestpass will use New Relic for monitoring purposes.

Access given to Phoenix

Want to print your doc?
This is not the way.

Try clicking the ⋯ next to your doc name or using a keyboard shortcut (

CtrlP

) instead.