Case Study

INDUSTRY

Payroll Processing - Entertainment

Industry

CHALLENGES

-> Limited or no documentation -> Certificate monitoring issues -> Complicated and manual workload for normal tasks -> Limited monitoring capability

Network Environment

• 13 offices and 2 Data Centers

• Router (Cisco ASR 1k series, ISR 4k series) - 40

• Core Switches (Cisco Nexus 9k, 6k, 5k, 2k) - 10

• L2 Switches (Cisco 2960, 3750 & 3850) - 50

• Cisco ASA 555X - 4 firewalls

• 15 MPLS Circuits

• 18 Internet Circuits

Roles & Responsibilities

• Solarwinds, Smokeping and MRTG Monitoring

• NAT and Access Policy changes on Firewall

• Creating IPSEC tunnel on routers between Data Center and AWS VPC

• Creating and Managing BGP between Office and Data Center

• Installation of new hardware and RMA processing

• iOS upgrade on all Routers to the stable version based on security

recommendations

• Brought a partner company and migrated all the Network Environment to

our Standard Design

• Deployed 2 new offices with Standard Network Design

• Configuration/Change management based on the requirements

• Introduced the failover network setup with dual link utilization using IP SLA

in all the offices

• Performance and Fault management

Value Additions

• Xenarmor SSL Certificate Monitoring

• VPN Tunnel and BGP Creation and Deletion Script using PowerShell

Load Balancer - F5 Environment Load Balancers

• Configuration, upgradation

Firewalls

• Palo Alto

• Cisco ASA

• Checkpoint

• Fortinet

• Juniper SRX

Remote Access

• Pulse Secure

• Cisco AnyConnect

• Palo Alto GlobalProtect

Roles & Responsibilities

• Configuration, upgradation and support for Cisco ASA, F5 load balancer,

Checkpoint, Palo Alto, Fortigate (Fortinet), Juniper Netscreen and SRX

firewall devices

• Troubleshooting problems and committing configuration changes on

different firewalls devices

• Working on Cisco Switches, Routers in addition to making required changes

in firewall

• Reviewing health of firewall devices like high CPU utilization, memory usage,

and latency issues

• Implementing time-based ACLs for maintenance window and Capture to

troubleshoot network issues besides taking care of LAN based issues in the

network

• Actively coordinating with vendor specific TAC in case of device failures and

RMAs raised

• Coordinating with other departments/sections regarding any new services or

installation to avoid any security hazard when deployed

• Recommending modifications to existing security infrastructure, based on

analysis of incident reports and planning and enforce security policies and

procedures on all company network zones

• Maintaining the availability, reliability and functionality of the Systems

through proactive monitoring and prepared project documentation

Value Additions

• Migrated a dozen offices and three data centers firewall platforms to Palo

Alto from legacy Cisco/Juniper devices, including full Palo Alto next-gen

security suite implementation, all managed from Panorama

• Securely connected multiple AWS and Azure cloud environments into

multiple data centers

• Implemented and configured a third party tool "OXIDISED" to take regular

configuration backups from all the network devices

• Deployed multiple Juniper Virtual Chassis, Virtual Chassis Fabric and Qfabric

data center LAN deployments

About ATMECS Inc ATMECS is a result oriented full-service engineering and R&D organization. We are Technology Accelerators bringing in visible transformation for our clients through automation, adoption of leading edge integrated development platforms, CI/CD, Dev Ops, Cloud, and Big Data. Several Fortune 500 customers and exciting next gen start-up companies engage us to partner with them to solve critical business challenges. As Innovation Catalysts we help clients lead change through AI/ML, AR/VR, IOT, Conversational BOTs & Blockchain.