A Conversation with Dennis Estrada

By Sherry Wei
Founder and CTO, Aviatrix
August 11, 2018

This is my third conversation with cloud architects. Click here for the previous one.

Meet Dennis Estrada, enterprise architect at JellyVision, a company with a long history in software for education, entertainment and now employee benefits.

In this wave of developer led cloud transformation, traditional IT is often viewed as friction and a dated organization. Dennis is an exception. Not only does he manage the IT department as we know it, he is in the forefront of  with the Ops team and architecting their new IT in the cloud.

I caught up with Dennis recently on the busy exhibition floor at AWS Chicago Summit.

Sherry:Which vendor’s equipment do you currently use for employee remote access and why are you changing?

Dennis: We currently use Sonic Wall for our employee remote access. But as we have moved 90% of workload to AWS, it does not make sense to require employees to first connect to on-prem and then connect to AWS resources. So, I started to research a product that enables employees to have direct remote access to AWS.

Sherry: What products have you looked at?

Dennis: I looked into Fortinet, Checkpoint and Cisco ASA. Their pricing placed them out.

Sherry: Why Aviatrix?

Dennis: Aviatrix remote access VPN is an OpenVPN® based solution that I’m very familiar with. I like the out of the box integration with LDAP and DUO. Our SRE and engineering team are already using DUO. The AWS marketplace metered AMI allows us to pay as we consume.

Sherry: Did you consider operations issues when you made the Aviatrix selection?

Dennis: Yes. I’m an architect and my focus is designing a solution. But my design must be operable by junior members in the team.The Aviatrix Controller has a user friendly interface that is simple to understand and operate.

Sherry: What is your plan to roll it out?

Dennis: We’ll start with our 25 SRE team members, then to the engineering team, finally offering the service to our 500 employees.

Sherry: You know most companies will consider employee remote access as the last thing to do in the cloud transformation process. It’s impressive to see that you are taking charge and architecting the new cloud environment.

Dennis: Yes, I’m still in the IT department, but these days I spend more time with Ops team and is the main point of contact between Ops and IT.

Sherry: How do you operate differently now that you are 90% in AWS?

Dennis: We focus more on business continuity as opposed to DR (disaster recovery) which is more reactive. Business continuity is about standing up environments in multiple regions so that in the event of an AWS region failure, our service is not disrupted.

Sherry: Any feedback regarding our product?

Dennis: I suggested a few improvements for importing the certificate, and that’s already implemented in the product. I’m very happy with the Aviatrix team, you guys are responsive and helpful. It would be great if you can integrate with Google authenticator for your 2FA.

Sherry: Thank you. Likewise, our team was impressed by your detailed research and knowledge. We’ll look into Google authenticator. Have you looked into our Egress FQDN filter?

Dennis: That’s something I’ll check out once we have user VPN deployed.

Sherry: Great, let us know how it goes, and thank you so much.


Comments are closed for this post.

Latest Posts

Understanding AWS VPC Egress Filtering Methods
By Khash Nakhostin, November 14, 2018

Implementing a Secure Transit DMZ Architecture with Next-Gen Firewalls
By Josh Hammer, October 16, 2018

Talking Innovation, Disruption and Software Defined Cloud Routing with Steve Mullaney
By Frank Cabri, September 28, 2018

Why the Economics of Adding a Network Engineer to the Cloud Engineering Team Doesn’t Add Up
By Neel Kamal, September 18, 2018

Navigating the New Networking Landscape In the Era of Public Cloud Computing
By Frank Cabri, September 7, 2018

Top Tags

Active Directory (AD)Amazon Partner Network (APN)Amazon Virtual Private Cloud (Amazon VPC)Amazon Web Services (AWS)Amazon WorkSpacesApplication VisibilityAviatrix Cloud InterconnectAviatrix ControllerAviatrix FlightPathAviatrix Hosted ServiceAWS Direct ConnectAWS Egress ControlAWS VPNAzure ExpressRouteCasachekChefCiscoCisco Live 2018Cloud Architectscloud burstingCloud ComputingCloud GatewayCloud MigrationCloud NetworkingCloudOpsCSRDevOpsEgress TrafficElon MuskEnterprise Strategy Group (ESG)GartnerGCP Next 16Google Cloud PlatformHub-and-Spoke NetworkHybrid CloudHyperFlex Multi-Cloud EcosystemInternational Data Corporation (IDC)Intrusion Detection System (IDS)Intrusion Preventions Systems (IPS)IPmotionJenkinsMalware DetectionMesh NetworkMicrosoft AzureMulticloudNetworking as a Servicenetworking infrastructureNiciraNoOpsNutanixNutanix CalmOpenVPN Access ServerPalo Alto NetworksPCI CompliancePci DssPublic CloudPublic Cloud NetworkingPuppetRemote AccessSD Cloud RouterSD-WANSoftware Defined Cloud RoutingSoftware-Defined Cloud RoutersSquidSSL VPN to AWSstorage and computeTransit DMZ Architecturetransit networkTransit VPCURL FilteringVirtual Cloud NetworkVirtual Desktop Infrastructure (VDI)Virtual RoutersVLANVMwareVPCVPC PeeringVPN