Nwobodo, Jahankhani & Edoh (2014) stated that for remote administration in Amazon Web Service (AWS), Remote Desktop Protocol (RDP) is required for accessing Windows-based instances in a secured way. For this to happen, Remote Desktop Gateway (RD Gateway) is deployed on the AWS cloud. RD Gateway utilizes RDP or Remote Desktop Protocol over to provide an encrypted and secure connection between the Internet and the remote users on the web to run Windows based Amazon EC2 applications without the need to configure a VPN or Virtual Private Connection (Remote Desktop Gateway Reference Architecture, 2016). AWS provides templates for AWS CloudFormation so that the Child Protection Board can utilize for the deployment or directly launch into the organizational AWS account. Organizations requiring secure remote administrative access to Windows-based Amazon Elastic Compute Cloud (EC2) applications on the web. For them AWS provide a documentation guideline; which the IT infrastructure personnel can use to better understand the design and RD Gateway infrastructure and deploy in on AWS (Remote Desktop Gateway on the AWS Cloud: Quick Start Reference Deployment - RD Gateway on AWS, 2016).
As opined Wadia (2016), Asset Management is required for an organization to strategically track and manage its AWS assets for deployment. The strategy would define if the organization is planning to integrate its internal management system with AWS and if asset management capabilities provided by AWS were utilized. To identify, track and control the AWS resources, AWS provides built-in metadata for all of its services. The Child Protection Board can track Amazon EC2 instances with the given metadata by attached storage, snapshot, volume id, 64-bit or 32-bit computer architecture, operating system or AMI (storage by server image). To easily pull resource and service metadata into existing asset management processes and system, AWS resources can be manually or programmatically carried. AWS also enables the customers to implement their personalized tags. Resources can be aged by lifecycle status, environment type, cost center, application version, support team among other categories so that the organization can manage the AWS resource assets efficiently (AWS Operational Checklists, 2016).
SLA or Service-level management is the monitoring and management of Quality of Service, which indicates the performance of an entity. SLA enables the firm to be assured of a certain level of performance, reliability, and stability for the given IT infrastructure. It can be part of policy-based service-level management. The requirement for an SLA to mitigate the risk of downtime by creating alerts, after potential problems, has been identified. AWS provides the SLA offerings "As Is," and that AWS or their licensors or affiliates do not make any guarantees that the customer’s content, third-party content or the service offered by AWS and its partners will be free from errors, damage, or getting lost. AWS also states that the warranties which are not covered by law are disclaimed from making any implied warranty of non-infringement, satisfactory quality, merchantability while being utilized in a trade (AWS Customer Agreement, 2016).
Morad and Dalbhanjan’s Operational Checklist for Cloud-based Services
As per data requirements, the type of security and storage has to be selected to be specified by the Child Protection Board.
The identity management would provide the specific credentials for deploying cloud-based services for data file exchange and payroll solutions.
Application data must be separately kept from the volume of operating system at Child Protection Board (AWS Operational Checklists, 2016).
As stated by Ryan (2015), each application has its characteristics and high level requirements. For the Child Protection Board to meet the costs effectively, AWS delivers few infrastructure building blocks. An effective strategy for a high level would include recovery, monitoring, auto-scaling, load balancing, and redundancy in a region use of various availability zones within a region. Based on the application’s risk profile and availability requirement, the critical applications must ensure that all single points of failure are identified. Following are some Amazon Web Services that the organization can utilize for high availability –
Multi-AZ Amazon RDS for databases that are managed by multiple Availability Zone.
Point-in-Time snapshots of Amazon EBS volumes by Amazon EBS Snapshots.
iii. Amazon CloudWatch Alarms and Metrics.
Scaling and automated instance recovery by Auto Scaling
Load balancing across different Availability Zones by Elastic Load Balancing.
Running multiple instances of Amazon EC2 in different availability zones (van Vliet, Paganelli, & Geurtsen, 2013).
Backup and Disaster Recovery
Disaster Recovery (DR) requirements are unique to each application which are bound to recovery time objectives and recovery point, and geographical requirements that restrict physical boundary between disaster and primary recovery sites. A DR strategy is only effective when it includes not only how a single application like service or component will recover, but also to ensure that recovery of the application meets the standards. Region-to-region recovery, monitoring, load balancing, global traffic management, regional redundancy are all part of the effective DR strategy at a high level (Nadgowda, Jayachandran & Verma, 2013). In the context of a DR plan, the organization can consider few Amazon Web Services and techniques. They are:
Archiving data by utilizing Amazon Glacier
Using Amazon Machine Image (AMI) Copy and EBS Snapshot Copy across regions
iii. For DNS-based regional fail-over, Amazon Route 53 can be used
Running new instances, or storing Amazon Machine Images and data in different AWS regions
Leveraging Amazon S3’s versioning to give protection for the user’s stored data.
Archiving data to Amazon Glacier by leveraging S3 object lifecycle policies (Sengupta & Annervaz, 2014).
SLA of AWS as outlined by Erl’s SLA guidelines
SLAs of AWS as per guidelines mentioned by Thomas Erl are:
According to Amazon EC2 SLA (2016), Amazon states in its SLA that it will provide reasonable efforts to Amazon EBS and Amazon EC2 available commercially with the monthly uptime percentage being at least 99.95%, during billing cycle of every month. The SLA also states definition for unavailability and availability for Amazon EBS and Amazon EC2 and mentions Service Credit is a dollar credit. Service Credit can only be received if the user submits a claim by opening a ticket in the AWS Support Center (Garg, Versteeg, & Buyya, 2013).
The user or the organization will receive Service Credit if it does not meet the Service Commitment of Amazon EBS or Amazon EC2. Service Credit percentage is 10% if the monthly uptime percentage is equal to or greater than 99.0% and less than 99.0% and 30% service credit percentage if the monthly uptime percentage is less than 99.0%. Failure to provide the request or other necessary information will disqualify the user from receiving a Service Credit.
The SLA mentions that the Service Commitment is not applicable to termination, suspension or unavailability of Amazon EBS or Amazon EC2 account or its related performance issues (Amazon EC2 SLA, 2016).
Amazon EC2 SLA. (2016). Amazon Web Services, Inc.. Retrieved 6 October 2016, from
AWS Customer Agreement. (2016). Amazon Web Services, Inc.. Retrieved 6 October 2016, from
AWS Operational Checklists. (2016). media.amazonwebservices.com. Retrieved 6 October 2016, from
Garg, S. K., Versteeg, S., & Buyya, R. (2013). A framework for ranking of cloud computing services. Future Generation Computer Systems, 29(4), 1012-1023.
Nadgowda, S., Jayachandran, P., & Verma, A. (2013, December). 12MAP: Cloud Disaster Recovery Based on Image-Instance Mapping. InACM/IFIP/USENIX International Conference on Distributed Systems Platforms and Open Distributed Processing (pp. 204-225). Springer Berlin Heidelberg.
Nwobodo, I., Jahankhani, H., & Edoh, A. (2014). Security challenges in the distributed cloud computing. International Journal of Electronic Security and Digital Forensics 9, 6(1), 38-51.
Remote Desktop Gateway on the AWS Cloud: Quick Start Reference Deployment - RD Gateway on AWS. (2016). Docs.aws.amazon.com. Retrieved 6 October 2016, from
Remote Desktop Gateway Reference Architecture. (2016). Amazon Web Services, Inc.. Retrieved 6 October 2016, from
Ryan, M. (2015). AWS System Administration: Best Practices for Sysadmins in the Amazon Cloud. O'Reilly Media, Inc.
Sengupta, S., & Annervaz, K. M. (2014). Multi-site data distribution for disaster recovery—A planning framework. Future Generation Computer Systems, 41, 53-64.
van Vliet, J., Paganelli, F., & Geurtsen, J. (2013). Resilience and Reliability on AWS. " O'Reilly Media, Inc.".
Wadia, Y. (2016). AWS Administration–The Definitive Guide. Packt Publishing Ltd.