Secure DevOps Workflow at Dell with Enterprise Application Access (EAA)

© AKAMAI - EDGE 2017
Secure DevOps Workflow at Dell with Enterprise Application
Access (EAA)

How does Dell use
Akamai EAA?
SPOILER ALERT: to make testing Dell.com easier

Motivation
• Securely expose private builds and assets of dell.com to internal users
as part of the DevOps process
• Validate complex delivery configs on properties (ex: Caching, FEO etc)
• Enable multi-Device global testing using the non-prod environment
• Utilize Edge Redirector cloudlet to enhance URL rewrites (this one’s big
for us!)

Situation: Thousands of redirect rules
Complication:
Pain for IT
• Hard to maintain
• Hard to test all the
(thousands of rules)
• Causing outages

Migrate from Origin Reverse Proxy to Akamai
● Offload URL redirects to the Edge
● Reduce page load times for users globally
● Increase site uptime
● Optimize redirect rule management

But how do we test our migration as we’re doing it?
• We need to be able to:
• Validate redirect rules in a test environment before they are deployed to production
•Test all the rules, not just the new one
•Identify what rule was triggered to cause destination url
• Access test environment with Akamai redirect rules
•from mobile and desktop devices
•from both inside and outside Dell intranet
• Test without a VPN

Approaches Explored
Jump in, think
outside the box

Approaches Explored (continued)
• Device testing solutions
• Don't allow testing property manager policies
• Only partially solves the problem
• Doesn’t allow LDAP authentication
• Write our own redirect manager?
• Takes too long
• Doesn’t solve all problems
• What about a DMZ?
• Can reach Akamai
• Can test any device both inside and outside the network

Network guys frowned on that
● Pain to set up, maintain
● Security issues, authentication
● Bureaucracy, dependencies

Akamai Enterprise Application Access (EAA)
• DMZ-as-a-Service
• Doesn’t require a VPN
• Operates over standard ports (443,80) which are not blocked
• Drop-in VM network appliance

Simpler Way to Connect Test Environments to Akamai
QA Env
Dell Firewall
Developer
or tester
Dev Env
Enterprise
Connector
Staging
> No hole in the firewall
> No complex configuration
> No client software
> No lateral movement
Access
Point
Developer
or tester
Akamai Platform

EAA Appliance Setup
● Akamai sent us the Hyper-V connector images we installed in our
environment
● Used the Akamai portal for configuration
● Reverse proxy (ARR) to point to the test environs
● Added authorized users/groups using AD connector
• Users can login using their network username/password

Automated testing

Questions?

Benefits
• Access test environment from mobile and desktop, from both inside and
outside Dell intranet.
• Real devices
• Securely
• Easily (network creds)
• Test Akamai redirect and caching rules in our testing environment
before they are deployed to production
• See the redirect rule key in response header after redirect so we can
see what rule was invoked
• Helps a lot with troubleshooting and testing
• Automated deployments between environments using the Akamai
Cloudlet API

Future
• Complete the migration of rewrite rules from ARR to Akamai
• Automated testing of caching rules
• Train the business operations team with utilizing and testing SEO
redirect rules
• Usability and A/B testing

Current Model

Future Model

LDAP Configuration

DNS setup (external)

Proxy Configuration

Software Architect,
Dell.com
Prashanth Srinivasan
Sr. Principal
Software Engineer,
Dell.com
Robert Corvus
Director of Engineering,
Dell.com
Chris Pippen
Enterprise
Specialist former
SQA Architect
Ken Eaton
Sr. Engagement
Manager, Akamai
Speakers
Bhushan Rajadhyax

Secure DevOps Workflow at Dell with Enterprise Application Access (EAA)

More Related Content

What's hot

Viewers also liked

Similar to Secure DevOps Workflow at Dell with Enterprise Application Access (EAA)

More from Akamai Developers & Admins

Recently uploaded

Secure DevOps Workflow at Dell with Enterprise Application Access (EAA)