Optimizing Jump Server Management Across AWS for a Leading Financial Services Provider 

About Client 

A leading financial services provider in India serves more than 101 million customers. Renowned for its innovation and technology-led financial products, the client offers a suite of financial solutions including savings products, consumer and commercial loans, mortgages, auto financing, security brokerage services, general and life insurance, and investments. 

Challenge 

The client was managing a fleet of approximately 140 Jump Servers (bastion hosts) across multiple AWS accounts and regions. These servers served as secure entry points into internal infrastructure, playing a critical role in enabling controlled access to production systems. However, their widespread use introduced several challenges: 

  • Operational Complexity: Managing a large number of Jump Servers across distributed environments increased administrative overhead. 
  • Security Risks: Inactive users and idle servers posed potential vulnerabilities. 
  • Cost Inefficiency: Continuously running Jump Servers led to unnecessary resource consumption and increased infrastructure costs. 
  • Compliance Burden: Lack of visibility into server utilization and user activity made it difficult to meet internal and regulatory compliance requirements. 

Solution 

Blazeclan implemented a lightweight automation framework using AWS-native services and Jenkins to streamline the management of Jump Servers. The key components of the solution included: 

  • AWS Lambda functions combined with AWS Tags were used to automatically stop all Jump Servers daily at 10 PM, and the servers were not restarted automatically in the morning. 
  • Jenkins was used as the interface for users to start servers on demand, leveraging existing user access to minimize onboarding effort. 
  • This setup helped track user behavior and server activity, enabling identification of inactive users and underutilized servers. 
  • In many scenarios, access was rerouted through AWS Systems Manager (SSM), allowing for the complete removal of certain Jump Servers or keeping them turned off until explicitly required. 

This approach ensured that only essential Jump Servers remained active, while others were powered on only when needed—balancing secure access with cost and compliance efficiency. 
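
The nightly stop described above could look like the following Lambda code. This is an added example, not Blazeclan's or the client's code: the tag names (Role=jump-server to select servers, AlwaysOn=true as an opt-out for essential ones) are assumptions, and each deployment covers only the account and region it runs in.

```python
import logging
import os

log = logging.getLogger(__name__)

# Assumed tag names; the page says only that AWS Tags select the servers.
ROLE_TAG = os.environ.get("ROLE_TAG", "Role")
ROLE_VALUE = os.environ.get("ROLE_VALUE", "jump-server")
EXEMPT_TAG = os.environ.get("EXEMPT_TAG", "AlwaysOn")  # hypothetical opt-out tag


def running_jump_servers(ec2):
    """Yield (instance_id, tags) for running instances carrying the role tag."""
    filters = [
        {"Name": f"tag:{ROLE_TAG}", "Values": [ROLE_VALUE]},
        {"Name": "instance-state-name", "Values": ["running"]},
    ]
    for page in ec2.get_paginator("describe_instances").paginate(Filters=filters):
        for reservation in page["Reservations"]:
            for inst in reservation["Instances"]:
                tags = {t["Key"]: t["Value"] for t in inst.get("Tags", [])}
                yield inst["InstanceId"], tags


def stop_jump_servers(ec2, batch_size=50):
    """Stop every non-exempt running jump server; return the IDs stopped."""
    targets = []
    for instance_id, tags in running_jump_servers(ec2):
        if tags.get(EXEMPT_TAG, "").lower() == "true":
            log.info("skipping exempt jump server %s", instance_id)
            continue
        targets.append(instance_id)
    for i in range(0, len(targets), batch_size):
        batch = targets[i:i + batch_size]
        ec2.stop_instances(InstanceIds=batch)
        log.info("stopped %s", batch)  # audit trail of the nightly stops
    return targets


def lambda_handler(event, context):
    """Entry point for a schedule that fires daily at 10 PM."""
    import boto3  # imported here so the logic above is testable without AWS
    return {"stopped": stop_jump_servers(boto3.client("ec2"))}
```

The function's execution role needs only ec2:DescribeInstances and ec2:StopInstances; there is deliberately no start path here, since starting is left to the on-demand Jenkins job.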

Outcome 

  • Cost Savings: Inactive Jump Servers were identified and terminated, significantly reducing infrastructure expenses. 
  • Security & Compliance: Inactive user accounts were removed, helping the client meet internal security policies and regulatory compliance requirements. 
  • Operational Efficiency: Server activity was reduced to a minimal, actively used pool. Manual interventions were replaced with scheduled automation and self-service via Jenkins. 
  • Improved Access Strategy: The client reduced dependency on always-on Jump Servers by shifting towards SSM-based or on-demand access methods. 

Tech Stack 

  • AWS Lambda 
  • AWS EC2 
  • AWS Tags 
  • Jenkins