A US federal agency, referred to here as Federal Agency X (FAX), employed a hybrid cloud model, leveraging both on-premises infrastructure and multiple public cloud providers. As the agency's services expanded, it encountered significant network latency and performance issues that affected its daily operations and service delivery to the public.
Challenge
- Network congestion leading to latency and packet loss.
- Inefficient routing between on-premises and public cloud infrastructures.
- Limited visibility into network traffic patterns.
- Complex network management due to multiple public cloud providers.
Solutions
Network Assessment
Duration: 3 weeks
Resources: Sr. Network Architect, Network Architect
- Comprehensive current state architecture
- Performance analysis report
- Tooling and process evaluation
- Backlog of prioritized actionable items to be implemented.
Multi-Cloud Connectivity
Duration: 6 weeks
Resources: Sr. Network Architect, Network Architect
- ExpressRoute circuit in active-active mode
- Common NAT pool with Availability Zone ExpressRoute virtual gateways
- Tooling and process evaluation
- Backlog of prioritized actionable items to be implemented.
SD-WAN Implementation
Duration: 4 weeks
Resources: Sr. Network Architect, Network Architect
- Direct Interconnect model with NVA-in-VWAN Hub for Azure
- Configure Cisco Cloud OnRamp for Multi-Cloud design, extending the existing Cisco SD-WAN fabric
Traffic Optimization
Duration: 2 weeks
Resources: Sr. Network Architect, Network Architect
- Implement BGP communities with AS path prepending.
- Assign high weight to local traffic.
- Set up alerts and monitoring for abnormal patterns or network behavior.
Network Monitoring and Analytics
Duration: 2 weeks
Resources: Sr. Network Architect, Network Architect
- Set up RMON and Cisco Network Assistant
- Configured log aggregation from Cisco Devices to Splunk
- Created advanced monitoring configuration leveraging Nagios and PRTG
Security Enhancements
Duration: 4 weeks
Resources: Sr. Network Architect, Network Architect
- Implemented Cisco Zero Trust framework with NIST 800-207 compliance
- Configured Cisco Talos for threat detection.
- Ensured network and cloud security by protecting all network resources on-premises and in the cloud and ensuring secure access for all connecting users.
Outcomes
- Reduced Latency: With optimized routes and dedicated connections, FAX observed an 80% reduction in network latency.
- Enhanced Security: The introduction of advanced security measures resulted in a safer environment, reducing the risks of data breaches.
- Cost Savings: Due to optimized data flow and reduced redundancy, there was a 60% reduction in data transmission costs.
- Increased Visibility: The analytics tools offered actionable insights, allowing FAX to foresee potential issues and mitigate them proactively.
- Simplified Management: The use of SD-WAN simplified the management of a multi-cloud environment, making it easier for FAX to adopt new technologies in the future.