Nasstar utilises AWS PrivateLink to enable secure & private integration
Center Parcs is one of the most well-known holiday companies offering short breaks in the UK and Ireland. It has six ‘holiday villages’, each set in around 400 acres of natural landscapes including forests, woodland and beaches.
The company has been operating for over 30 years and currently has an online booking system for guests at all locations. With a range of both indoor and outdoor activities available for all kinds of families, Center Parcs has something for everyone.
Amazon Web Services
AWS Network Load Balancer
AWS Application Load Balancer
Nasstar has been supporting Center Parcs with their AWS-deployed Enterprise Services Layer (ESL) solution for a number of years.
ESL supports online web sales, administration, and accommodation bookings, while also enabling Center Parcs to seamlessly connect to third parties.
Thus far, one of these third parties – Adobe – has been using over-the-internet connections from resources within their own AWS environments to communicate with Center Parcs’ ESL.
Center Parcs approached Nasstar and requested that these connections are established over a private network so that they no longer traverse the internet, thus improving security and simplifying network connectivity.
With an approach that was designed and implemented to ensure a smooth transition to the newly provisioned AWS PrivateLink service, Nasstar worked closely with Center Parcs and Adobe to ensure all required resources were provisioned and that connectivity was seamlessly established.
Following the successful integration, Center Parcs has realised several business benefits directly attributable to the new AWS PrivateLink connectivity:
AWS PrivateLink enables a secure and private network connection between specific resources deployed across the Center Parcs ESL and Adobe AWS accounts. The network traffic traverses AWS’s own private network infrastructure rather than the public internet, reducing their exposure to threats such as distributed denial-of-service (DDoS) attacks.
Using AWS PrivateLink for connectivity, instead of the internet, means that the private, highly scalable AWS managed connection between Adobe and Center Parcs’ ESL is more performant and reliable.
The AWS PrivateLink solution has enabled Adobe connectivity into Center Parcs’ ESL without the need for managing complex network connectivity infrastructure, such as route tables and firewall rules.
CloudWatch, an AWS native tool for monitoring and observing customer solutions, provided metrics against each of the deployed resources. This enabled a high degree of end-to-end infrastructure observability, real-time alerting and feedback.
To meet the client’s requirements, Nasstar assessed several options that would support private network connectivity between Adobe and Center Parcs.
Nasstar designed and configured an AWS PrivateLink solution, which is a way of securely connecting AWS resources in two organisations’ AWS environments. Any activity between the two accounts doesn’t leave the Amazon network and therefore is inherently more secure and reliable.
The Nasstar solution enabled Adobe services to only talk to the relevant part of the ESL application, which not only meets the strictest security requirements but is cost-effective, and highly available.
Nasstar used version-controlled Infrastructure as Code (IaC) and AWS CloudFormation to provision the required cloud-native AWS services, supporting the new solution to ensure accuracy and repeatability during deployments.
Once the connections were validated in each of the test environments, the solution was promoted into production and used as part of the live service to meet the customer’s aims of improving security and simplifying connectivity.
Prior to the implementation of AWS PrivateLink between our services layer and the web front end, application traffic traversed the internet via IPsec tunnels. Nasstar were able to introduce a more robust, secure, and simpler solution that has had a direct positive impact for Center Parcs. All architectures implemented are to best practice, all documentation provided was to a good standard, and Nasstar engineers proved professional and knowledgeable at every point.