About This Project

The client

Blue Coat

The Challenge

To help our client expand their UK Head Office operations to include a new connection to a UK Data Centre, 4 additional satellite offices and also to integrate 2 outsourced offshore locations with the new infrastructure. Our client is a medium sized enterprise with circa 300 staff.

Requirements

The overall solution needed to meet the following requirements:

01

Security

The solution needed to maintain appropriate levels of network security in terms of segregation and access controls, but could not be overly draconian to the point of impacting business operations.

02

Resilience

The solution needed to eliminate single points of failure where it was deemed appropriate, i.e. at most critical points. This requirement applied to network connections and security devices. Availability of (centralised) networked applications for staff (in particular those offshore) was critical to the business.

03

Performance

the solution could not introduce any performance bottlenecks. Communications should be managed and optimised where possible. Latency for offshore users should be minimised.

04

Scalability

the solution should provide a foundation for the future of our client’s distributed operations. Additional sites should be accommodated uniformly and with the minimum of hassle.

The Solution

Network Surety delivered a solution centred on Check Point IP Series appliances and Blue Coat Systems ProxySG technologies to address all the client requirements. We worked closely with the incumbent service provider ensuring Leased-Line and MPLS circuits were implemented correctly on our client’s behalf. We also liaised with offshore service providers, providing design specifications and ensuring that resilient paths were correctly implemented.

01

Security

  • Check Point Firewall-1 was used in every location to address network security requirement.
  • BlueCoat ProxySG technology with integrated (on-box) URL Filtering provided Web Content Security at every location. BlueCoat Reporter provides detailed information on employee web usage for management or HR review.
02

Resilience

  • Check Point VPN-1 technology was combined with features from IPSO to provide Virtual Tunnel Interfaces as backup paths for dedicated circuits. Resilience and dynamic failover was implemented using OSPF and IPSec.
  • Check Point ClusterXL (state synchronisation only) and VRRP provided device resilience at critical locations.
03

Performance

  • Check Point Floodgate-1 provided a means to control and prioritise bandwidth at the Data Centre.
  • BlueCoat’s ProxySG technology means that the client is also poised to take advantage of BlueCoat’s Content Delivery Network technology for optimising HTTP/CIFS/FTP/HTTPS and many more protocols over WANs and VPNs.
04

Scalability

  • The chosen hardware platforms were sized to provide ample capacity for the current and projected network load over the next 3-5 years.
  • The solution provided our client with a template for small (<25 staff) and medium-sized (25-100 staff) offices; new office could be up and running in a short space of time and the resource required to integrate them into the growing corporate WAN was minimal.

Summary

The solution was designed and implemented by Network Surety using best of breed technologies. We continue to support the environment year-round. It meets all requirements and allows our client to concentrate on their growing business, knowing that their (security and network) IT operations are perfectly positioned to maintain business operations on an even keel.