6

.

Netflix

Hard

Netflix is developed to allow everyone to watch a wide variety of award-winning TV shows, movies, documentaries, and more on thousands of internet -connected devices. With NETFLIX, you can enjoy unlimited viewing of our content without having to watch a single commercial.

Functional Requirements

Non-Functional Requirements

Usage Expectations

usage

Assumptions

Companies
Plus sign indicating more info is available
No items found.

Grading Criteria

Before looking at the solution, do your best to document the follow:

  • Diagrams explaining the system architecture, the read flow, and the write flow
  • Database tables and their field
  • API endpoints, including inputs
  • Analytics to collect
  • Data partitioning & Replication Strategy
  • Capacity Estimations
  • Caching strategy
  • Load balancing strategy
  • Security considerations

After looking at the solution, compare your answer with the solution and mark what you missed

No items found.
### **Caching** We would be using in-memory caching to reduce the number of hits to the database. In-memory caches like Redis and Memcached cache the data from the database in key-value pairs. From our application servers, before hitting the database we would be checking if data exists in cache. If it exists then we would return the value from there bypassing a database trip. ### **Database Replication** We would be using the relational database in Master-Slave configuration where writes will happen to Master and Reads from Slave. This will improve the performance of read queries as they won’t be halted due to write locks on row. Though there would be a slight replication lag (~ few milliseconds) as data would be written to Master first and then propagated to Slave later on, it would be fine for this use case. ### **Replication** We would be replicating our database servers in Master-Slave configuration. If one of these nodes does down, another would take the place and service would continue functioning as expected. Even our cache and search database would have replicated shards which will add resiliency to the overall system. ### **Load Balancing** Since we would be putting multiple servers behind a load balancer, there would be redundancy. Load Balancer will continuously be doing health checks on servers behind it. If any server dies, load balancer will stop forwarding the traffic to it and remove it from the cluster. This will make sure that requests don’t fail due to an unresponsive server. ### **Security Management** - Clearly document information security philosophy and rationale - Implement a security training and awareness program - Regularly assess risk - Ensure hardware and software is kept up-to-date - Implement an incident response plan that documents what to do in the event of an incident involving client data/materials. Incidents involving Netflix content should be immediately escalated to scs@netflix.com ### **Network** - Implement network connectivity based on least-privilege if appropriate (e.g. zero-trust or network segmentation via VLAN or physical air gap) - Implement an auditing and logging system (network activity--connections, traffic, etc.) - Use VPN for remote access to the network, ideally with MFA Endpoint (e.g. workstations, servers) - Ensure endpoint devices that handle/store content are in a secure state at all times (e.g. firewalls and disk encryption enabled; password protection) Identity (e.g. user controls) - Implement an authentication framework that appropriately validates user identity on the content-handling network - In conjunction with authentication, implement an authorization framework that grants permissions based on least-privilege - Implement strong authentication protections via MFA, SSO, etc. Implement identity lifecycle management (e.g., onboarding and offboarding processes) ### **Data Protection** - Implement end-to-end data protection measures: - Encryption in transit - Encryption at rest (file-based, database, disk-based) - Content-specific protections (DRM, watermarking) ### **Physical Security** - Implement physical access controls (e.g. cameras, card readers, alarm systems, etc.) around sensitive areas and where appropriate - Store sensitive physical assets (e.g. external hard drives, printed materials, etc.) in a secure physical location - Ensure appropriate chain of custody is in place for physical transport of assets Visitors should be accounted for in sensitive areas (e.g. logged in, escorted)
Hide SolutionShow Solution