Seamless Migration of End-of-Life Perimeter Security devices for an American Multinational Conglomerate

Seamless Migration of End-of-Life Perimeter Security devices for an American Multinational Conglomerate

 

Overview

Our esteemed customer is a renowned American multinational conglomerate known for pioneering innovative solutions in essential sectors such as energy, healthcare, and transportation infrastructure. Seeking an upgrade to their end-of-life perimeter security hardware to bolster security measures, the Microland Design & Build team delivered a seamless migration solution. This ensured not only data protection and advanced threat defense but also smooth integration with the existing infrastructure.

Challenges

Here are some of the challenges that required immediate attention and needed to be addressed in order to enhance the security posture.

  1. End-of-Life Hardware: The existing firewalls had reached their end-of-life, posing challenges in obtaining technical support, updates, and patches
  2. Security: The customer necessitated a solution capable of safeguarding data in transit and offering advanced threat protection to preemptively combat evolving cyber threats.
  3. Smooth Migration: Seamless migration was imperative to minimize disruptions to ongoing business operations and customer services. Following industry best practices, such as assessing configurations, creating backups for quick recovery, setting up a test environment to address compatibility issues, devising clear plans, scheduling upgrades during downtime, monitoring, testing, and verifying post-upgrade, providing training, and conducting post-mortem analysis for continuous improvement, were considered for seamless integration.
  4. Integration with Existing Infrastructure: The new solution had to seamlessly integrate with the existing network infrastructure, management tools, and other security appliances.

Solution

The client's product team recommended migrating to an upgraded version of Next-Generation Firewall technology provided by the same OEM vendor. This solution presented a user interface similar to the current device platform, encompassing all features of the existing model while maintaining compatibility with the current centralized management solution. Microland's design and build team   flawlessly executed the migration, guaranteeing minimal downtime for a seamless transition.

  • Assessment and Planning: In the initial phase, a comprehensive assessment of the existing network architecture, traffic patterns, Firewall policy/NAT, and other configurations was conducted. The team meticulously identified critical applications, services, and business unit groups to ensure a smooth transition. Subsequently, a detailed migration plan was created, outlining the necessary steps, timeline, and potential challenges.
  • Implementation: Moving on to the implementation stage, the team provisioned the first pair of Next-gen firewall appliances in high-availability mode for redundancy. Logical instances and virtual firewalls were created to replicate the current device configuration, including interfaces, security policies, and NAT configurations. The migration process began by transitioning one of the low-utilized virtual Firewall contexts into production. To streamline the migration, a Standard Operating Procedure (SOP) was crafted, providing clear guidelines for security engineers to follow.
  • Testing and Validation: In the testing and validation phase, the new solution underwent rigorous testing in a controlled environment. The team validated the functionality of security policies, VPN connections, and network connectivity. Furthermore, management tools and the centralized management server for policy management were thoroughly assessed. Various software versions were tested, and compatibility with the current configuration was validated, with recommendations shared. Collaboration with IT teams ensured a seamless user experience during the transition.
  • Migration & Cutover: For the final migration and cutover phase, a planned maintenance window was scheduled to minimize disruption. Network traffic was systematically migrated from individual virtual firewalls on the current end-of-life (EOL) firewall to the new appliances, following a phased approach. Post-migration, the team verified the proper functioning of security policies, traffic routing, and VPN connectivity to ensure a successful and smooth transition.

Value Delivered

The successful migration from end-of-life products to the latest technology platform notably bolstered the client’s network security capabilities. The understanding of the network third-party DMZ and collaboration with various business owners for testing and validation proved crucial in the seamless execution of the migration process. Microland provided the solution with the following benefits to enhance the overall experience.

  • Enhanced Security: The new platform offers advanced threat protection strengthening the company's cybersecurity posture.  Here are some Quantifiable benefits:
    • Decreased mean time to detect (MTTD) and mean time to respond (MTTR) to security incidents.
    • Reduction in the number of successful cyberattacks or breaches, which can be measured by comparing historical attack rates before and after implementation.
  • Performance Improvement: With enhanced throughput capabilities, the new appliances deliver  improved performance, adeptly managing escalating network traffic and security demands. Here are some Quantifiable benefits that include:
    • Increase in throughput or data transfer rates, which can be measured in Mbps or Gbps.
    • Reduction in latency or response times for network traffic, resulting in improved user experience and productivity.
    • Ability to support a larger number of concurrent connections or users, which can be measured by comparing the maximum connection limits before and after implementation.
  • Seamless Transition: The migration was seamlessly carried out without disrupting ongoing business operations, thereby ensuring minimal impact on both customers and internal users.
  • Compliance: The implementation of the new solution facilitated the customer’s adherence to industry compliance requirements and security standards.
  • Simplified Management: The centralized management interface enables streamlined policy configuration and monitoring, simplifying overall management tasks.
  • Cost Savings: While the initial investment in the new hardware appliances may be higher than maintaining older & obsolete devices, the long-term cost savings can be significant. Quantifiable benefits include:
    • Reduction in total cost of ownership (TCO) over time, considering factors such as maintenance, licensing, and energy consumption.
    • Avoidance of potential financial losses due to security breaches or downtime, which can far outweigh the investment in modernizing security infrastructure.
    • Improved return on investment (ROI) through enhanced security posture and operational efficiencies.

Client Testimonial

The event was exceptionally successful and the support and contributions from Microland were not only recognized but also highly appreciated by the customer leadership team.

“I wanted to send a note of appreciation to all of you for your Outstanding Work on the Alpharetta, GA 3rd Party Rail (3PR) technology refresh program. Each of you played a vital part in the success of the program, from the initial planning to the design and hardware procurement, to the stand-up of the new environment, and finally to the cutover and testing on the new environment. Each of the cutovers of the firewall VRF contexts were seamless with no disruption of services to our 2K+ customers. Your teamwork and expertise were impressive. On behalf of the SMO team, we would like to extend our appreciation for your involvement and contributions to this important program. Great Job everyone! Thanks"

Chris Spriegel, Director – Program Management

Let us help you address your challenges.

More Customer Stories