MyCDN Infrastructure Architecture - PQC Ready

Based on the Tender Hardware List - Appendix 1 (Price Estimate Schedule)

Infrastructure Overview
PQC Data Flow
PQC Roadmap
External Users: Taxpayers - 644,638 users
Internal Network: JKDM Officers - 17,450 users
External Systems: Government Agencies - 25+ integrations
DMZ
External Firewall: Fortinet (x2) - PQC Ready (Vendor Roadmap)
Load Balancer: A10 (x2)
WAF (TLS Termination): Fortinet (x2) - PQC Ready (Vendor Roadmap)
Internal Firewall: Sangfor (x2) - PQC Ready (Vendor Roadmap)
SSL VPN: Fortinet (x1)
DNS/DHCP/IPAM: EIP (x2)
DATA CENTRE (DC) - 17 Servers
Security Services - PKI & PQC (Software-Based, Optional) [Additional / Proposed] [Root CA Offline]
[CA] Root CA: Offline / Cold Storage
[PQC] PQC Issuing CA: ML-DSA-65/87
[KMS] Key Management: Software KMS
Key management and CA operations are carried out entirely in software (without the use of an HSM or dedicated cryptographic hardware).
DC Core Production
Application Subnet (Sangfor Compute)
[iTX] iTAX Core: RHEL + EDB
[PG] Payment Gateway: RHEL + MySQL
[DMS] DMS: Win + MSSQL
[WEB] Web Server: Liferay
[IAM] IAM: Identity
[MDR] MDR: 200 agents
[GIT] Developer Tools: GitLab
Sangfor: App x9 | Compute Nodes (DB Workloads) x3 | Dev/Staging x3
Data Subnet
[DB] PostgreSQL EDB: iTAX
[DB] MySQL Enterprise: PG
[DB] MS SQL: DMS
[RDS] Redis Cache: HA
[SAN] Primary Storage: HPE Block
[DL] Data Lake Storage: HPE Object/File
[BAK] Backup Appliance: Veeam
[ARC] Backup Archive: Veeam
Storage Switch x4 | Backup Appliance x1 | Backup Archive x1
Integration Layer (IRIS)
Application Subnet
External Integrations: 19 agencies (JPN, SSM, JANM, PayNet...)
Internal Integrations: 9 systems (SMK, RMS, iPatuh...)
Protocol Support: REST, SOAP, HL7, FHIR, FTP
IRIS Analytics Platform (runs on Data Lake Storage)
[IRIS] Logical Analytics Platform (Raw Data | ELT | Analytics Warehouse) -> [BI] Business Intelligence: Tableau
The IRIS platform runs on HPE Data Lake Storage (Object/File) | Raw Data + ELT + Analytics
DC Total - dHCI (Disaggregated Compute & Storage)
17 Servers - Sangfor Compute | HPE - Storage (Separate) | Juniper/H3C - Network | Veeam - Backup
dHCI: Compute and storage are separate but managed in an integrated way (unified control plane)
DISASTER RECOVERY (DRC) - 14 Servers
Security Services - PKI & PQC (DR Replica, Optional) [Additional]
[CA] Issuing CA (DR): Standby
[KMS] Key Mgmt (DR): Replica
Key management and CA operations are carried out entirely in software (without an HSM).
DR Production - Hot-Warm Standby
Application Subnet (HP Compute)
[iTX] iTAX Core: RHEL + EDB
[PG] Payment GW: RHEL + MySQL
[DMS] DMS: Win + MSSQL
[WEB] Web Server
[IAM] IAM
[MDR] MDR: 100 agents
[AD] AD Server: HP x4
HP: App x6 | Compute Nodes (DB Workloads) x3 | AD Server x4
Data Subnet (DR Replica)
[DB] PostgreSQL EDB: iTAX DR
[DB] MySQL Enterprise: PG DR
[DB] MS SQL: DMS DR
[RDS] Redis
[SAN] Primary Storage: HPE Block
[DL] Data Lake Storage: HPE Object/File
[BAK] Backup Storage: HPE
[ARC] Backup Archive: Veeam
Integration Layer (IRIS) - DR Replica
Application Subnet
Standby mode - auto-failover from DC
Note: PKI Infrastructure (Additional Proposal)
PKI is required for full internal PQC enablement. Without PKI, PQC can only be applied at the perimeter (WAF). A software-based PKI is proposed to issue PQC certificates for internal services.
Replication DC -> DRC
RPO: 15 min | RTO: 4 hours | Async VM + DB Streaming
PQC: TLS 1.3 Hybrid (software-based)
DRC Total - dHCI (Disaggregated Compute & Storage)
14 Servers - HP Compute | HPE - Storage (Separate) | Juniper/H3C - Network | Veeam - Backup
Legend
APP: Application | DB: Database | STO: Storage | GW: Gateway | SEC: Security | MON: Monitoring
PQC Ready: PQC Ready Component
PQC Ready (Vendor Roadmap): Firmware upgrade path
Additional: Proposed (not in the tender)
dHCI (Disaggregated Hyper-Converged Infrastructure)
DC: Compute (Sangfor) + Storage (HPE), separate. DRC: Compute (HP) + Storage (HPE), separate.
Although compute and storage are physically separated, they are managed in an integrated way through cluster management and central monitoring (unified control plane).

Data Flow: Internet to Application (with PQC)

Data flow from external users through to the database, protected by Post-Quantum Cryptography

Why PQC?
Future quantum computers could break RSA/ECDSA within a few hours. Data recorded today can be decrypted later ("harvest now, decrypt later"). PQC protects sensitive customs data for the long term.
USERS: Taxpayers | Customs Agents | Importers/Exporters | 644,638 Users
TLS 1.3 Hybrid PQC (X25519Kyber768)
DMZ
External FW: Fortinet - PASSTHROUGH
Load Balancer: A10 Thunder - PASSTHROUGH
WAF (PQC Gateway): Fortinet FortiWeb - TLS TERMINATION
Internal FW: Sangfor NGAF - PQC READY
PQC is used at the perimeter (north-south traffic). Internal traffic continues to use conventional TLS 1.3.
Classical TLS 1.3 (PQC terminated)
APP: iTAX Core (RHEL + EDB) | Payment GW (MySQL) | DMS (MSSQL) | Web Server (Liferay) | IAM | MDR
Internal TLS 1.3
ESB: External Integrations (19 agencies) | Internal Integrations (9 systems) | IRIS ESB
Database TLS 1.3
DATA: PostgreSQL EDB (TLS 1.3) | MySQL | MS SQL | Redis | Data Lake (HPE Object, AES-256 At Rest)
BI: IRIS Platform | Tableau | Analytics Warehouse
1. External Users (Internet)
644,638 users connect through modern browsers that support TLS 1.3 hybrid. Chrome/Firefox already support X25519Kyber768 by default.
2. DMZ - PQC Termination Point
External FW & LB: Passthrough mode - traffic is not decrypted, only forwarded.
WAF (PQC Gateway): TLS termination point. Here the hybrid PQC session is terminated and traffic is inspected before being forwarded to the internal network.
Why the WAF? A single point for PQC without modifying the COTS apps.
3. Application Layer (COTS)
iTAX is COTS - it cannot be modified for PQC.
Internal traffic: Classical TLS 1.3 because the COTS ecosystem does not yet support PQC.
Protection: Internal FW + IAM + network segmentation.
4. Integration Layer (IRIS)
19 external agencies + 9 internal systems. IRIS ESB serves as the integration hub. Traffic to external agencies goes through dedicated secure channels.
5. Data Layer
In-Transit: TLS 1.3 classical (PQC TLS is the target).
At-Rest: AES-256 - already quantum-safe because symmetric encryption is not affected by quantum computers.
Summary: PQC Gateway Pattern
PQC is implemented at the perimeter (WAF) so that external clients are protected without requiring changes to COTS applications. This is the pattern recommended by NIST and industry.
Segment 1: Browser to WAF - Hybrid PQC
Segment 2: WAF to Apps - Classical TLS 1.3
Segment 3: Apps to Database - Classical TLS 1.3
Data At Rest: Storage Encryption - AES-256 (Quantum-Safe)
PQC Strategy: PQC protection at the perimeter (WAF) protects all data from "harvest now, decrypt later" attacks. Internal traffic remains classical because the COTS ecosystem does not yet support PQC - this is a pragmatic and safe approach that can be upgraded in stages.
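One way to verify Segment 1 (Browser to WAF) during lab testing, as an added example that is not part of the original page: TLS 1.3 sends the ServerHello in cleartext, so the key-exchange group the WAF selected can be read from a captured record and recorded in the cryptographic inventory as hybrid PQC or classical. The function names and the sample records are constructed for illustration; besides X25519Kyber768 (codepoint 0x6399) the table also lists its standardized successor X25519MLKEM768 (0x11EC).

```python
import struct

# NamedGroup codepoints from the IANA TLS Supported Groups registry.
HYBRID_PQC = {0x6399: "X25519Kyber768Draft00", 0x11EC: "X25519MLKEM768"}
CLASSICAL = {0x001D: "x25519", 0x0017: "secp256r1", 0x0018: "secp384r1"}

def selected_group(record: bytes) -> int:
    """Return the NamedGroup in the key_share extension of a ServerHello record."""
    if len(record) < 5:
        raise ValueError("truncated TLS record")
    ctype, _version, rlen = struct.unpack_from("!BHH", record, 0)
    hs = record[5:5 + rlen]
    if ctype != 22 or len(hs) != rlen or rlen < 4 or hs[0] != 2:
        raise ValueError("not a complete ServerHello handshake record")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    try:
        pos = 2 + 32                    # legacy_version + random
        pos += 1 + body[pos]            # legacy_session_id_echo
        pos += 2 + 1                    # cipher_suite + legacy_compression_method
        ext_end = pos + 2 + int.from_bytes(body[pos:pos + 2], "big")
        pos += 2
        while pos + 4 <= ext_end:
            etype, elen = struct.unpack_from("!HH", body, pos)
            if etype == 51:             # key_share: first field is the group
                return struct.unpack_from("!H", body, pos + 4)[0]
            pos += 4 + elen
    except (IndexError, struct.error):
        raise ValueError("malformed ServerHello") from None
    raise ValueError("no key_share extension: not a TLS 1.3 ServerHello")

def classify(record: bytes) -> str:
    """Label the negotiated key exchange for a cryptographic inventory."""
    group = selected_group(record)
    if group in HYBRID_PQC:
        return "hybrid-pqc:" + HYBRID_PQC[group]
    if group in CLASSICAL:
        return "classical:" + CLASSICAL[group]
    return "unknown:" + hex(group)

def build_server_hello(group: int, share_len: int) -> bytes:
    """Constructed sample: minimal ServerHello with zeroed random and key share."""
    exts = struct.pack("!HHH", 43, 2, 0x0304)            # supported_versions
    exts += struct.pack("!HHHH", 51, 4 + share_len, group, share_len)
    exts += bytes(share_len)
    body = b"\x03\x03" + bytes(32) + b"\x00" + b"\x13\x01" + b"\x00"
    body += struct.pack("!H", len(exts)) + exts
    hs = b"\x02" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x03" + struct.pack("!H", len(hs)) + hs
```

A "classical" result on the perimeter segment means the session fell back to a key exchange that is exposed to "harvest now, decrypt later", which is the condition the Day 1 / Target split in the roadmap needs to track.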
3 PQC Ready Components
Software - PKI Implementation
TLS 1.3 - Hybrid Key Exchange
2025-2030 - Migration Window
Timeline: 2025 | 2026 | 2027 | 2028 | 2029 | 2030
Phase 1 - Inventory & Prep: Cryptographic inventory, verify firmware, TLS 1.3, lab testing
Phase 2 - Hybrid Activation: X25519Kyber768, hybrid TLS, deploy hybrid certs, Sangfor PQC
Phase 3 - Internal Rollout: mTLS certs, ML-KEM VPN, PKI upgrade, gov integration
Phase 4 - Deprecation: Deprecate RSA/ECDHE, full PQC, ML-KEM-1024, compliance audit
Proposed - PKI Infrastructure: Root CA, Issuing CA, KMS - enables full internal PQC
Timeline legend: Preparation | Hybrid | Internal | Full PQC | Proposed
Component | Status | Day 1 | Target
Fortinet External FW | PQC READY | Passthrough | Passthrough
Fortinet WAF (TLS Term) | PQC READY | TLS 1.3 | 2026 Hybrid
Sangfor Internal FW | PQC READY | TLS 1.3 | 2026 Crypto
A10 Load Balancer | CLASSICAL | Classical | Passthrough
PostgreSQL EDB | TLS 1.3 | Classical | Target PQC
HPE Storage | AES-256 | Quantum-safe | Protected
PKI Infrastructure | PROPOSED | - | Full PQC
Governance: Selective & Reversible
All PQC features are configurable, selectively enabled, and reversible. PQC enablement is for ingress only. Internal traffic remains classical.
Proposal: PKI Infrastructure
Without PKI: PQC only at the perimeter (WAF)
With PKI: Full internal PQC - mTLS, service-to-service
PQC Ready = vendor roadmap for PQC support. Not PQC-enabled by default on Day 1.