Surchin.io, a cloud service provider like most business in the internet, needed to manage its business platforms in the cloud. The general requirements were to:

• Find the lowest annual costs
• Find the lowest procurement costs
• Provide Military grade security
• Support research & development processes
• Support Scalability for growth
• Host multiple virtual servers
• Host multiple web site applications and API services
• Owned the equipment outright
• Support a large user base
• Support large data throughput
• Support large data volumes

Since there is no real reason to use big tech, a secure private cloud was the simple answer, which is for most companies. As a cloud services company, a secure private cloud was essential for the security and integrity of services and data security requirements.

Smart cards or USB tokens were chosen to provide the required Mil spec network authentication with a PKI consisting of an offline Certification Authority and Microsoft Active Directory domain services for strong authentication.

A few Cisco Firewall platforms were chosen keep costs down and to provide the necessary scalability, network access security, redundancies and throughput to handle the required volume of traffic and users.

Dell servers were chosen for their low cost, manageability, reliability and large hard drive data storage arrays.

Microsoft Server 2022 was selected to provide AD services for reliability and security.

For this project a secure private cloud using Microsoft Hypervisor, AD, group policies, an offline and subordinate certificate authority with smart cards and hardware tokens was built.

The Cisco 5585 SSP60 Firewall interconnect over 10g fiber network to the Dell R630 1U - 10 bay Servers running Microsoft Hyper-V with a Windows Server 2022 Domain Controller, a Windows Server 2019 Root Certificate Authority, a Windows Server 2019 Subordinate Certificate Authority.

For domain and network access management a Windows 11 Certificate Enrollment Workstation and a Windows 11 Administrative Workstation.