Information on multi-cloud networking, cloud network platform, cloud networking, cloud network security, cloud network operations
Issue link: https://aviatrix.com/resources/i/1493522
For Inmarsat — a global mobile satellite communications leader for the aviation, maritime, government and enterprise industries — becoming a cloud-first company helps reduce operational risk related to aging infrastructure and allows for agility in developing applications and services. The Need for a Secure Solution Across Multiple Clouds While Inmarsat originally intended to migrate to a single cloud, the company realized that multicloud was a fundamental requirement for both business and technical reasons. Being able to run an application or service in whichever cloud made the most sense was a critical factor in this decision. However, a key challenge of adopting a multicloud approach was integrating various solutions from multiple cloud providers, all while ensuring ironclad security. Easy Firewall Integration with Aviatrix AirSpace When Inmarsat first came across Aviatrix, the company was looking for a better approach to integrate Palo Alto Networks VM series firewalls between different segments in their Amazon Web Services (AWS) cloud network. At the time, they were also deploying Cisco SD-WAN and Palo Alto Networks Prisma Access. "It was a lot easier than I expected to integrate those solutions with Aviatrix AirSpace," said Sheldon Parsons, senior network engineer at Inmarsat. Aviatrix AirSpace provides Inmarsat with data plane telemetry data that offers insights into events at the application, security and network layers. Aviatrix AirSpace uses BGP at the edge to integrate with other vendors and takes into consideration BGP path selection criteria — such as AS Path — when making routing decisions, both at the edge and between transit gateway peerings. These capabilities helped the Inmarsat team simplify the implementation of hot potato routing between its Prisma Access solution and Aviatrix AirSpace. "Combining these solutions with the Aviatrix AirSpace gives us a way to provide our workforce with the most optimal path to our cloud resources, regardless of if they're at home or in the office," Sheldon says. Inmarsat also needed to move legacy Oracle workloads and utilize exadata on Oracle Cloud Infrastructure (OCI). A quick and easy way to connect OCI to Inmarsat's cloud and on-prem infrastructure was required. Aviatrix allowed them to spin up new Aviatrix spoke gateways in their VCN, connect them to their backbone, and easily reach back to legacy applications or other cloud connectivity as needed. Accelerated Troubleshooting and MCNA with FireNet Shortly after deploying the POC for Aviatrix MCNA with FireNet Inmarsat ran into some stability issues with their existing transit VPC design. After a few weeks of trying to solve the issue and with the launch date for one of their customer-facing applications approaching, Sheldon quickly deployed Aviatrix MCNA with FireNet to resolve the problem. "In an afternoon, I had the Aviatrix MCNA with FireNet deployed, and the next day we migrated over all the VPCs using the Aviatrix controller. And we haven't had that problem since then," Sheldon says. Simple, Scalable, and Repeatable Design Overall, Sheldon says that Aviatrix has been critical to Inmarsat's migration journey. "The Aviatrix solution provides us a scalable, repeatable way to design where new pods of connectivity can be onboarded in minutes and we can easily insert our firewalls between segments of the cloud that require the extra security," he says. Sheldon adds that Aviatrix is easy to deploy and test out because the Aviatrix's controller provides an easy-to-follow workflow and documentation that covers most of the configuration. "And for the 1% of things you might get stuck on, Aviatrix support and engineering teams are great at helping you get unstuck," he says. Aviatrix AirSpace and Firenet Help Inmarsat Easily and Quickly Scale Secure Multicloud and Firewall Integration COMPANY • Inmarsat is a world leader in global mobile satellite communications providing reliable connectivity to customers anywhere in the world across various industries, including aviation, maritime, government, and enterprise. CHALLENGE • Required efficient and secure migration of workloads from aging on-prem data centers to multicloud environment on their journey to becoming a cloud-first company • Needed quick and easy ways to securely integrate solutions and firewalls between multiple cloud providers and connect Oracle Cloud Infrastructure (OCI) to company's cloud and on-prem infrastructure • Designing spoke solutions to integrate company's network security stack based on the native cloud constructs of each provider was time- consuming and came with caveats SOLUTION • Aviatrix distributed firewalling allows for easy distribution of firewalls between segments of the cloud that require extra security. • Aviatrix AirSpace supports edge connectivity of Palo Alto Networks Prisma Access and Cisco SDWAN solutions using Border Gateway Protocol (BGP). • Aviatrix AirSpace simplifies the deployment and redirection of traffic to 3rd party firewall vendors such as Palo Alto Networks VM-Series across CSPs. • Aviatrix AirSpace delivers consistent transit networking across public cloud regions as well as across CSPs to empower Inmarsat to provide its remote and in-office workforce with the most optimal path to cloud resources. RESULTS • Accelerated troubleshooting and firewall distribution • Simple, scalable, and repeatable design across multiple clouds INDUSTRY Telecommunications CASE STUDY For more information, visit aviatrix.com © Aviatrix, 2023. Sheldon Parsons Senior Network Engineer