Introduction
FreeTV is a Multi-channel TV Operator that offers more than 50 linear channels with a huge VOD library. The platform allows access to channels, catchups, movies, and series anytime, anywhere.
FreeTV is a new initiative in the Israeli media market aimed to reach audiences through emerging media platforms with ground-breaking content.
FreeTV involves dozens of different technologies and applications required to be securely connected to the AWS Cloud. Automat-it’s role, as the DevOps partner with a focus on security, was to apply security best practices for the multi-account AWS environment. This includes everything from centralized authentication and authorization to DDoS protection, and more.
Automat-it aligned all applications’ security best practices. Implementation included AWS Control Tower, guardrails, centralized networking, Palo Alto (for traffic filtering and VPN access), and more. The infrastructure is built using Automat-it’s own Terraform Framework, which ensures scalable, secure, and reproducible environments.
The microservice images are built using CI pipelines and stored in the Amazon Elastic Container Registry (Amazon ECR) with automated vulnerability scanning enabled.
The solution utilizes Amazon Aurora MySQL-Compatible Edition as the centralized, scalable database engine, Amazon ElastiCache for Redis for the caching needs.
It relies on Amazon CloudFront to ensure smooth content delivery for FreeTV users across AWS presence locations. Amazon Elastic File System (Amazon EFS) is used to share the data to be processed by multiple Amazon Elastic Compute Cloud (Amazon EC2) and Amazon Elastic Container Service (Amazon ECS) workloads. Application Load Balancing ensures the availability and performance of the workloads.
Automat-it’s Cloud FinOps Team is constantly providing the customer team with recommendations on cost planning as savings using both homegrown Albatross FinOps Suite and industry-standard tools like Anodot. Automat-it’s team evaluates the risks and provides the mitigation strategy using Automat-it’s Risk Management framework.
Automat-it’s 24/7 NOC team provides incident management services. The security, NOC, and DevOps teams continuously monitor the infrastructure, applications, and compliance with 5 security standards via the AWS Security Hub in combined with Amazon GuardDuty, AWS CloudWatch, and Crowdstrike Cloud Security Posture Management.
- CIS AWS Foundations Benchmark v1.2.0
- AWS Foundational Security Best Practices v1.0.0
- CIS AWS Foundations Benchmark v1.4.0
- PCI DSS v3.2.1
- NIST Special Publication 800-53 Revision 5
Benefits and outcomes
- A scalable, highly available, secured, stable, and monitored multi-account environment
- Five security standards are continuously monitored by more than 400 security checks
- 24/7 monitoring of alarms and a secured centralized log archive
