A Conversation with Dennis Estrada

By Sherry Wei
Founder and CTO, Aviatrix
August 11, 2018

This is my third conversation with cloud architects. Click here for the previous one.

Meet Dennis Estrada, enterprise architect at JellyVision, a company with a long history in software for education, entertainment and now employee benefits.

In this wave of developer led cloud transformation, traditional IT is often viewed as friction and a dated organization. Dennis is an exception. Not only does he manage the IT department as we know it, he is in the forefront of  with the Ops team and architecting their new IT in the cloud.

I caught up with Dennis recently on the busy exhibition floor at AWS Chicago Summit.

Sherry:Which vendor’s equipment do you currently use for employee remote access and why are you changing?

Dennis: We currently use Sonic Wall for our employee remote access. But as we have moved 90% of workload to AWS, it does not make sense to require employees to first connect to on-prem and then connect to AWS resources. So, I started to research a product that enables employees to have direct remote access to AWS.

Sherry: What products have you looked at?

Dennis: I looked into Fortinet, Checkpoint and Cisco ASA. Their pricing placed them out.

Sherry: Why Aviatrix?

Dennis: Aviatrix remote access VPN is an OpenVPN® based solution that I’m very familiar with. I like the out of the box integration with LDAP and DUO. Our SRE and engineering team are already using DUO. The AWS marketplace metered AMI allows us to pay as we consume.

Sherry: Did you consider operations issues when you made the Aviatrix selection?

Dennis: Yes. I’m an architect and my focus is designing a solution. But my design must be operable by junior members in the team.The Aviatrix Controller has a user friendly interface that is simple to understand and operate.

Sherry: What is your plan to roll it out?

Dennis: We’ll start with our 25 SRE team members, then to the engineering team, finally offering the service to our 500 employees.

Sherry: You know most companies will consider employee remote access as the last thing to do in the cloud transformation process. It’s impressive to see that you are taking charge and architecting the new cloud environment.

Dennis: Yes, I’m still in the IT department, but these days I spend more time with Ops team and is the main point of contact between Ops and IT.

Sherry: How do you operate differently now that you are 90% in AWS?

Dennis: We focus more on business continuity as opposed to DR (disaster recovery) which is more reactive. Business continuity is about standing up environments in multiple regions so that in the event of an AWS region failure, our service is not disrupted.

Sherry: Any feedback regarding our product?

Dennis: I suggested a few improvements for importing the certificate, and that’s already implemented in the product. I’m very happy with the Aviatrix team, you guys are responsive and helpful. It would be great if you can integrate with Google authenticator for your 2FA.

Sherry: Thank you. Likewise, our team was impressed by your detailed research and knowledge. We’ll look into Google authenticator. Have you looked into our Egress FQDN filter?

Dennis: That’s something I’ll check out once we have user VPN deployed.

Sherry: Great, let us know how it goes, and thank you so much.


Comments are closed for this post.

Latest Posts

Aviatrix Now Provides FIPS 140-2 Validated Encryption
By Sam Ghardashem, June 14, 2019

How Aviatrix’s intelligent orchestration and control eliminates unwanted tradeoffs encountered when deploying Palo Alto Networks VM-Series Firewalls with AWS Transit Gateway
By Sam Ghardashem, June 7, 2019

How to Use Aviatrix SD Cloud Routing to Build Azure Networks
By Karthik Balachandran, March 20, 2019

The Cloud in 2019 and Beyond: More of the Same, Only Better
By Steven Mih, December 6, 2018

Understanding AWS VPC Egress Filtering Methods
By Khash Nakhostin, November 14, 2018

Top Tags

Active Directory (AD)Amazon Partner Network (APN)Amazon Virtual Private Cloud (Amazon VPC)Amazon Web Services (AWS)Amazon WorkSpacesApplication VisibilityAviatrix Cloud InterconnectAviatrix ControllerAviatrix FireNetAviatrix Firewall Network ServiceAviatrix FlightPathAviatrix Hosted ServiceAWS Direct ConnectAWS Egress ControlAWS Transit Gateway (TGW)AWS VPNAzure ExpressRouteCasachekChefCiscoCisco Live 2018Cloud Architectscloud burstingCloud ComputingCloud Gatewaycloud governanceCloud MigrationCloud NetworkingCloudOpsCSRDevOpsEgress TrafficElon MuskEnterprise Strategy Group (ESG)FIPS 140-2GartnerGCP Next 16Google Cloud PlatformHub-and-Spoke NetworkHybrid CloudHyperFlex Multi-Cloud EcosystemInternational Data Corporation (IDC)Intrusion Detection System (IDS)Intrusion Preventions Systems (IPS)IPmotionJenkinsMalware DetectionMesh NetworkMicrosoft AzureMulticloudNetworking as a Servicenetworking infrastructureNext Generation Firewalls (NGFW)NiciraNoOpsNutanixNutanix CalmOpenVPN Access ServerPalo Alto NetworksPCI CompliancePci DssPublic CloudPublic Cloud NetworkingPuppetRemote AccessSafeLogicSD Cloud RouterSD-WANSoftware Defined Cloud RoutingSoftware-Defined Cloud RoutersSquidSSL VPN to AWSstorage and computeTransit DMZ Architecturetransit networkTransit VPCURL FilteringUse Casesvalidated encryptionVirtual Cloud NetworkVirtual Desktop Infrastructure (VDI)Virtual RoutersVMwareVNet ConnectivityVPCVPC PeeringVPN