A Retail Group Builds State of the Art IT Infrastructure for its Data Center and Store
Business Scenario
The Group was faced with the challenge of setting up a new Data Center for hosting their database as well as applications and to build a network infrastructure in a secure manner. The end users across the offices and stores will connect to the data center to access the applications for their requirements. The performance, availability and security of the service were of key importance for user satisfaction, productivity and data-security. Also factors taken into consideration were seamless connectivity with ease of managing the setup and scalability, keeping in mind the dynamic future expansion plans of the Group. To meet their strategic goal for improving service quality and efficiency, the Group engaged with Intertec Systems to design, install & support the Datacenter, Network and Security infrastructure.Challenges
- Hosting a highly resource intensive Data Center infrastructure and thereby ensuring availability and security for the same across the locations.
- Address growth in devices and users seeking network and application access
- Ease of manageability.
Tools and Technologies
- Cisco Networks – Datacenter
- Cisco Networks – Wired and Wireless for offices and stores
- Cisco Firewall – Datacenter
- Fortinet UTM – Datacenter and Offices/stores
- F5 ADC- Datacenter
Solution
We followed a consultative approach, after multiple discussions wherein the technical specialists studied their IT requirements and suggested the best possible solution.
Intertec proposed to host their core IT infrastructure at a renowned Tier-3 Datacenter that catered to all the standards for a secure, and highly reliable environment. The core infrastructure in this datacenter comprised of:
- HP compute (servers and storage) to host all the applications
- Cisco Nexus switches and ASA Firewalls
- Fortinet UTM
- F5 Application Delivery Controllers
The FortiGate firewall was proposed to be placed between the Internet router and Interconnect switch and will provide a first layer of security to the WAN users and the server farm. The policies that will be created on the FortiGate will control the traffic that can be routed from the Internet to DMZ and Server Farms and vice-versa. FortiGate will also provide advanced capable Intrusion Prevention System (IPS), Anti – virus, Anti-Malware, Application Control and other advanced security features. Since, the FortiGate devices are in HA mode, they provide the required redundancy to ensure uninterrupted connectivity & security. There will be FortiGate device placed at the Head Office and branch offices to provide security at the perimeter. The FortiGate devices will also provide IPSEC VPN based inter-connectivity to the offices, Network Operations Center (in Intertec office) and Datacenter. A DMZ will be created on the Firewall which will host the F5 Application Delivery Controller and the servers in the same zone. The F5 appliance will also act as reverse proxy to ensure that the applications (Office 365) published to the Internet are secured. The F5 appliance will also act as the component providing ADFS which will allow integration of the on premise active directory to the cloud based Office365. All remote location branch office and remote office locations will be connected to the central datacenter IPsec VPN via internet. VPN tunnel will be configured to all location which will provide higher security for the data transfer.
Further to the implementation of the infrastructure Intertec signed a 3 Year contract to manage the infrastructure based on the predefined SLAs, with proactive monitoring and support of the infrastructure from our in-house Network Operations Center (NOC).
Result
- Global Business continuity & ensured application Availability & Security
- Highly Available, Reliable, Scalable, Secure Platform for their IT needs
- SLA based Network & Security management
- Periodic review and reporting on SLA adherence