.

ACI

Software-defined networking solution that provides centralized management and automation for data centers. It simplifies network provisioning, improves security, and enhances application performance.

NX-OS

Network operating system designed for Cisco's Nexus series switches, providing high-performance and reliable networking capabilities for data centers and enterprise networks.

ISE

Network security solution that provides secure access control and policy enforcement for devices connecting to a network.

SASE

Networking solution that combines network security and wide area networking (WAN) capabilities into a single cloud-based service.

Multicloud Defense

Protects organizations' data and applications across multiple cloud environments and offers advanced threat detection, real-time visibility, and policy enforcement to ensure secure and compliant operations in the multicloud landscape.

IoT OD

Powerful and user-friendly platform that allows businesses to easily monitor, manage, and analyze their Internet of Things (IoT) devices and data.

Cisco Cyber Vision

Cybersecurity solution that provides real-time visibility and threat detection for industrial control systems (ICS).

Industrial Asset Vision

Simplifies LoraWAN asset monitoring and preventative maintenance in industrial outdoor and indoor environments.

Cisco Ultra Reliable Wireless Backbone

Highly dependable and resilient network infrastructure that provides ultra-reliable, low-latency wireless backhaul for OT and IT mobility and fixed applications.

FortiAuthenticator

Secure and user-friendly authentication solution that provides strong protection for access to networks and applications.

FortiNAC

Network access control solution that provides real-time visibility and control over all devices accessing the network, ensuring secure and compliant access.

FortiManager

Centralized management platform that simplifies the administration and configuration of Fortinet security devices, allowing organizations to efficiently manage their network security infrastructure.

FortiAnalyzer

Network security logging, analysis, and reporting tool that provides real-time visibility into network activity, threat intelligence, and compliance reporting.

FortiWeb

Web application firewall (WAF) designed to protect websites and applications from cyber threats by filtering and monitoring HTTP and HTTPS traffic.

FortiSandbox

Threat analysis and detection solution that uses advanced sandboxing technology to identify and analyze suspicious files and URLs in a secure environment, providing real-time threat intelligence and protection against sophisticated cyber attacks.

FortiSIEM

Security information and event management (SIEM) solution that provides real-time monitoring, analysis, and response to security events across an organization's entire IT infrastructure.

FortiDDoS

DDoS protection solution provides real-time threat intelligence and mitigation techniques to defend against volumetric, application, and SSL-based DDoS attacks.

FortiClient EMS

Centralized management system for Fortinet's endpoint security solutions, providing visibility and control over all connected devices, ensuring maximum security and compliance.

FortiEDR

Endpoint detection and response solution that provides real-time threat detection, automated response, and advanced analytics to protect against advanced cyber threats.

FortiMail

E-mail security solution that provides protection against email-based threats, including spam, malware, phishing, and data loss.

FortiWLC

Wireless LAN controller that provides centralized management and control for wireless networks.

FortiSOAR

Security orchestration, automation, and response platform that streamlines and automates security operations to effectively detect, respond to, and remediate cyber threats in real-time.
1

ExtremeCloud IQ

Unified Network Management (UEM) for SD-WAN, routers and access points delivers the end-to-end efficiency and visibility needed for today's distributed and dynamic network

Network Fabric

Extreme Fabric Ties Together One Network Across Data Center, Campus and Branch.

Stellar

Stellar agents installed on fabric devices ensure corporate defense with multi-method security techniques including behavior analysis, machine learning models and unexpected device changes.

EdgeFire

Next-generation industrial firewall specifically designed for OT environments.

EdgeIPS and EdgeIPS Pro

Ensures the security of individual assets and small production zones through hassle-free transparent deployment, providing OT visibility and OT protocol filtering.

Stellar

Stellar uses Cyber-Physical System Detection and Response (CPSDR) to prevent all unexpected system changes before they impact the operation.

EdgeOne

The new generation of OT-native management consoles for TXOne Networks security products.

EdgeIPS

Ensures the security of individual assets and small production zones through hassle-free transparent deployment, providing OT visibility and OT protocol filtering with the option of inline or offline functionality.

EdgeFire

Next-generation industrial firewall specifically designed for OT environments. It streamlines cyber defense in OT to safeguard the daily operations efficiently.

What we do

Through our global presence and partner ecosystem, we provide strategic IT consulting services to align IT services with customers' business goals.

Cisco ACI Deployment for a Financial Institution in Russia

Active-Standby to Active-Active Firewalls: Due to scale and cost considerations, the customer wanted to transition from an Active-Standby firewall setup to multiple Active-Active firewalls. This change would provide redundancy and improve network performance.

Kubernetes Clusters: The customer had Kubernetes clusters present in their data center and required seamless integration and connectivity with their network infrastructure.

Challenges

The financial institution faced several challenges that needed to be addressed in their Data Center infrastructure:

OSPF Stability: The customer had been experiencing issues with OSPF stability on their firewalls. They needed a more reliable routing scheme to ensure uninterrupted network connectivity.

Active-Standby to Active-Active Firewalls:. Due to scale and cost considerations, the customer wanted to transition from an Active-Standby firewall setup to multiple Active-Active firewalls. This change would provide redundancy and improve network performance.

Kubernetes Clusters: The customer had Kubernetes clusters present in their datacenter and required seamless integration and connectivity with their network infrastructure.

Automation for Data Center Operations: To speed up the deployment of new services and improve operational efficiency, the customer wanted to introduce automation for their datacenter operations.

Solutions

To address the challenges faced by the financial institution, a Cisco ACI Multi-Pod design was deployed. The solution included the following features:

Symmetric PBR for Active-Active Firewalls: To ensure reliable inspection of East-West traffic, a symmetric Policy-Based Routing (PBR) solution was implemented. This approach allowed for multiple Active-Active firewalls and simplified network management with a single static default route on the firewalls.

Endpoint Security Groups (ESG): To simplify the application of security policies, Endpoint Security Groups (ESG) were implemented. This feature allowed for easier management and enforcement of security policies within the network.

Kubernetes Connectivity: The connectivity of the Kubernetes clusters was tested using both ACI Container Networking Interface (CNI) and Calico CNI. After thorough evaluation, Calico CNI was selected as the production solution for seamless integration and connectivity between the Kubernetes clusters and the network infrastructure.

Infrastructure as Code (IaC) Approach: To automate the creation of new Bridge Domains, ESG, EPG, and other policies, an Infrastructure as Code (IaC) approach using Terraform was implemented. This approach allowed for faster and more efficient deployment of new services, reducing manual errors and improving overall operational efficiency.

Results

The implementation of Cisco ACI with the aforementioned features provided significant benefits to the financial institution. The results of the deployment were as follows:

Improved Network Stability: The implementation of a more reliable routing scheme through symmetric PBR resolved the OSPF stability issues on the firewalls. This ensured uninterrupted network connectivity and improved overall network stability.

Enhanced Security: The introduction of Endpoint Security Groups (ESG) simplified the application of security policies, allowing for better control and enforcement of security measures within the network.

Seamless Kubernetes Integration: The selection of Calico CNI as the production solution for Kubernetes connectivity ensured seamless integration between the Kubernetes clusters and the network infrastructure. This allowed for efficient management and deployment of containerized applications.

Increased Operational Efficiency: The adoption of an Infrastructure as Code (IaC) approach using Terraform enabled the automation of various datacenter operations. This resulted in faster deployment of new services, reduced manual errors, and improved overall operational efficiency.

By deploying Cisco ACI with the specific features mentioned above, the financial institution in Russia successfully addressed their challenges and achieved their desired outcomes.

The implementation of a more reliable routing scheme, transition to Active-Active firewalls, seamless Kubernetes integration, and automation of datacenter operations significantly improved network stability, security, and operational efficiency.

This case study highlights the importance of selecting the right solution and implementing it effectively to overcome challenges and drive positive outcomes in the financial industry.

Related Products

Related Content

Oil and Gas

Preparing for the New NIS2 Directive: A Case Study on a Major Multinational Oil and Gas Company

In an era where cyber threats loom large, ensuring robust cybersecurity measures is paramount, especially for critical sectors like oil and gas. This case study delves into how a leading multinational Oil and Gas company to not only meet but exceed the requirements set forth by the new Network and Information Systems (NIS2) directive, marking a significant leap in operational technology (OT) cybersecurity.

Read more →

Public/Government

A Case Study of Secure Telephony Implementation for a Government Institution

In today's interconnected world, global institutions face the challenge of establishing secure and efficient communication systems across their distributed branches. This case study explores how a government institution with a global presence successfully implemented a telephony solution to connect its branches worldwide, ensuring secure communication through IPSEC VPN tunnels.

Read more →

Construction

Enhancing Remote Workforce Security: A Construction Company’s Journey with FortiClient EMS

In today's digital era, remote work has become increasingly prevalent, even in industries traditionally reliant on physical presence, such as construction. However, ensuring the security of remote employees and their access to critical systems can be a challenging task. This case study explores how a construction company in the USA overcame these challenges by implementing FortiClient EMS, a Zero Trust Network Access (ZTNA) solution, to enhance their remote workforce security.

Read more →

Leading Brewery Group

FortiLink Implementation Ensures Uninterrupted Network Connectivity for Leading Brewery Group in Cyprus

In today's digital age, businesses heavily rely on their network infrastructure to ensure seamless operations and uninterrupted connectivity. This case study focuses on a leading brewery group in Cyprus that faced a critical challenge regarding their network infrastructure's redundancy and potential outage threats. Through the implementation of FortiLink, a robust and reliable solution, the company successfully achieved a redundant Layer 2 topology, ensuring the stability and continuity of their critical infrastructure.

Read more →

Software Development

Overcoming Wireless Network Coverage Challenges for a Software Development Company

In today's digital age, a reliable and efficient wireless network is crucial for businesses to operate smoothly. For a software development company in the USA, the challenge of redefining their wireless network became a top priority when they moved to a new building. The main issue they faced was poor coverage offered by the old access points (APs), which hindered the productivity of their developers who required mobility within the building. This case study explores the solution implemented by the company to overcome this challenge and enhance their wireless network infrastructure.

Read more →

Public/Government

Streamlining Global Network Infrastructure: A Government Institution Case Study

In today's interconnected world, organizations face the challenge of maintaining a consistent, stable, and secure network infrastructure across multiple sites spread across the globe. This case study explores the journey of a government institution that sought a single-vendor solution to address these challenges. By implementing a Hub-n-Spoke IPSec topology and leveraging various features, the institution successfully achieved its goals of network uniformity, optimized security, and efficient administration.

Read more →

Public/Government

Safeguarding Critical Infrastructure: A Government Institution’s Battle Against DDoS Attacks

In today's digital age, government institutions face numerous cybersecurity challenges, particularly when it comes to protecting their critical infrastructure. One such challenge is the rising threat of Distributed Denial of Service (DDoS) attacks, which can cause significant disruptions and inconvenience to users. This case study explores how organization successfully tackled this challenge by deploying FortiDDoS, a robust DDoS protection solution.

Read more →

Public/Government

Strengthening Data Security for a Government Institution in Nepal: A FortiGate Firewall Case Study

In today's digital age, securing confidential information is of paramount importance for government institutions. This case study explores how a research department in Nepal tackled the challenge of securing their perimeter and internal servers' confidential information. By implementing a robust solution using FortiGate firewalls, the institution achieved a single-vendor environment and significantly enhanced their data security.

Read more →

Insurance

Enhancing Email Security: How FortiSandbox Transformed an Insurance Company’s Antispam/Antivirus Protection

In today's digital landscape, email security is of paramount importance for businesses across all industries. This case study explores how an insurance company in Romania successfully tackled the challenge of improving their email scanning process for URLs, attachments, and content. By deploying FortiSandbox, an advanced threat detection solution, the company significantly enhanced their FortiMail Antispam/Antivirus protection, ensuring a safer and more secure email environment for their employees and clients.

Read more →

Insurance

Enhancing Email Security: A FortiMail Case Study for an Insurance Company in Romania

In today's digital age, email remains a primary communication channel for businesses. However, with the increasing sophistication of cyber threats, it is crucial for organizations to fortify their email security measures. This case study explores how an insurance company in Romania successfully improved their antispam/antivirus protection for their on-premise Exchange server by deploying FortiMail as their email gateway solution.

Read more →

Finance

Cisco ACI Deployment

This case study focuses on a financial institution in Russia that sought to overcome various challenges by implementing Cisco ACI as their next-generation Data Center solution.

Read more →

Finance

Cisco ACI Deployment

This case study focuses on a financial institution in Russia that sought to overcome various challenges by implementing Cisco ACI as their next-generation Data Center solution.

Read more →

Finance

Cisco ACI Deployment

This case study focuses on a financial institution in Russia that sought to overcome various challenges by implementing Cisco ACI as their next-generation Data Center solution.

Read more →

Finance

Cisco ACI Deployment

This case study focuses on a financial institution in Russia that sought to overcome various challenges by implementing Cisco ACI as their next-generation Data Center solution.

Read more →

Finance

Cisco ACI Deployment

This case study focuses on a financial institution in Russia that sought to overcome various challenges by implementing Cisco ACI as their next-generation Data Center solution.

Read more →

Finance w

Cisco ACI Deployment

This case study focuses on a financial institution in Russia that sought to overcome various challenges by implementing Cisco ACI as their next-generation Data Center solution.

Read more →