Food Industry Case Study | 2
Real-world Technical and Business Pain Points
The enterprise in this case study was confident it could build a cloud networking
infrastructure on its own that would address its multi-cloud needs. The company
wanted to move fast, but only made its operational environment more complex. We've
outlined the technical and business challenges the enterprise faced along with a
diagram of the company's original state.
Technical Challenges
1. Initial design centered heavily around
on-prem
The organization's in-house networking team had a vast
amount of on-premises networking experience, but it lacked
cloud networking expertise. As a result, it failed to fully
realize the inevitable impact cloud technologies would have
on its infrastructure. The architecture was designed to fulfill
on-prem needs, resulting in a cloud migration that increased
complexity and costs.
2. Application deployment took weeks
The process for deploying an app in the cloud required
opening a ticket, deploying the virtual cloud, route table,
routing configuration, VMs, and implementing firewall rules.
The organization was using a single cloud service provider
(CSP) and intended to onboard another, which would further
complicate the process.
3. Multi-cloud infrastructure management was
complex
The organization had workloads in one CSP and planned
to onboard a second CSP. But the organization lacked both
centralized cloud control and a repeatable multi-cloud net-
work architecture. Without this, the complexity of its cloud
network would quickly increase as more CSPs were added
to its infrastructure.
4. Team's overconfidence led to complex cloud
infrastructure issues
Once in the cloud, the organization attempted to build its
own transit-based network architecture and found that it
lacked the time, resources, and talent to make the cloud
work. This created issues with network orchestration, rout-
ing, UDRs, and firewall insertions. Attempts to automate
inconsistent steps between the clouds resulted in a struggle.
5. Management of multiple firewalls was
ineffective
The organization deployed four different firewalls: East-
West, North-South, ERP, and Landing VPN (Virtual Private
Network). However, the Landing VPN firewall was deployed
only to make the VPN work, even though it incurred high
firewall costs. These four firewalls across multiple regions
increased the management complexity of all the firewalls,
including routing and permissions. As a result, deploying
and managing these firewalls across the cloud regions
became very difficult.
6. Visibility and troubleshooting capabilities
were insufficient
Private links to SD-WAN made it difficult for the organization
to troubleshoot. In addition, the native tools provided by
the CSPs were insufficient to allow full visibility and trouble-
shooting of the cloud infrastructure.
