Network Services :
+44 (0)20 7602 6000
Success Story - DMZ Everywhere!

How CACI Network Services used NSX to deliver a vDMZ solution to a major Telecoms group

When a major telecommunications company approached us to lead the architecture, design & implementation of a network virtualisation project for them, we knew the task wouldn’t be easy given the importance of their network.

 

A hosting solution for critical Operational Support System (OSS) Workloads

The aim of the project was to deliver a vDMZ hosting solution for the company’s critical OSS workloads while complying with the strict security policies they have in place – they carry a truly huge amount of mobile traffic so, as you’d expect, security is extremely important.

We were also tasked with enforcing micro-segmentation and isolation within the environment. Lastly, they requested a solution that avoided the additional hardware & support costs that are normally associated with the switching, routing & firewall functions.

“It was pretty clear that it would take all the skills and experience of our network virtualisation consultants to get this project completed on time and on budget” explains Yordan Yanev, Lead Virtualisation Consultant at CACI Network Services. “Also the software choice for the project would be key – For me, VMWare was the obvious choice given the superior security on their NSX product.”

 

A challenging situation

As the company runs a significant RAN & transmission network with thousands of devices in place, support operations of the network were not simple.

For this project, there was the need to supply the Network Management Systems needed in an isolated environment with access to all the devices so that they can be monitored with significantly improved security compared to what they had already.

What’s more, there was a much greater need for flexibility for changes to be made which was proving difficult given the current set up.

 

"CACI’s network knowledge impressed straight away. Their experience architecting virtualised network Solutions & VMware NSX allowed the new data centre network architecture to be produced very efficiently"

Client Infrastructure Architect

Looking at the challenge with his colleagues, Yordan came to the following conclusion: “Looking at the problem, we thought that a fully collapsed vDMZ solution based on VMware NSX-T would fit best. Our proposed solution complied with all the requirements while providing the flexibility and agility to the network that the client needs.”

 

Extended virtualisation thanks to VMware

Yordan & his team set about fleshing out the details of the solution – including provisioning the hardware & software licenses needed. The solution delivered was a vDMZ based on the NSX-V Centralised Edge’s micro-segmentation and security use case, as well as the excellent firewalling capabilities of the platform.

The decision to go with VMware meant the SDDC architecture extended the virtualisation technologies across the entire physical data centre infrastructure. “NSX for vSphere is a key network virtualisation product in the SDDC architecture.” states Yordan. “It delivers the complete set of Layer 2 through Layer 7 networking and security services in the software that were essential in this project.”

 

"As well as having excellent technical knowledge, CACI were able to understand our business challenge and articulate this into a technical solution"

Client Technology Strategist

Results we’re proud of

Having delivered the solution, both the client and ourselves were very pleased with the results. “We were able to reduce the TCO for the DMZ platform by leveraging the network & security services in the NSX-T software” Yordan explains. “The client was given complete control and management of the relevant network traffic flows. They can now effectively define and control traffic flow & patterns for maximum granularity and scalability.”

The virtual network was set up so that all the traffic entering or leaving (I.E. North – South) passed through the perimeter ESG. And all traffic passing internally within the solution (I.E. East – West) is protected by the in-kernel distributed firewall. That meant that the network was effectively prevented from being attacked.

The solution allowed total visibility & control which meant that new security services could be provisioned very quickly, and new applications could be migrated instantly.

Lastly, we made sure that a Zero-Trust security model could be easily implemented by leveraging the traffic flow analytics and endpoint monitoring in NSX.

“All the CACI architects and consultants working on the project made best use of our resources and ensured that the delivered solution was produced to a very high quality.”

Client Technology Strategist

Need help? Talk to the virtualisation experts

CACI - Network Services has a wealth of experience helping companies of all sizes understand the virtualisation opportunity using VMware NSX. We help our customers plan and execute complex virtualisation projects with ease.

 

Find out more about our NSX offering

Office
Southwark

The Harlequin Building
65 Southwark Street

London SE1 0HR
United Kingdom

 

How CACI Network Services used NSX to deliver a vDMZ solution to a major Telecoms group

Success Story - DMZ Everywhere!