Project Background:
As cloud computing enters large-scale adoption, enterprise IT deployment is evolving from centralized data centers to a "ubiquitous" model. The Asia-Pacific headquarters of an international logistics company in Mainland China and Hong Kong has formed a hybrid architecture of "self-built data center + multiple public clouds (AWS/AliCloud/TianyiCloud)". Its core challenge is to achieve secure and efficient network interconnection among the headquarters, the branches in Mainland China, and the multi-cloud platforms, while ensuring agile access to global business systems. To that end, the enterprise commissioned Wisdom Vision to build a new-generation cloud-network interconnection architecture, focused on resource scheduling, data transmission, and unified network security control in a hybrid IT environment.
Technical implementation program:
1. Backbone Network Level
FortiGate-VM is deployed on multiple PoP nodes across the country, and a high-quality backbone network ensures network quality between the PoPs. OSPF and BGP are used as the dynamic routing protocols for the underlay and overlay to provide route reachability across the whole network.
2. Branch Level
Depending on each branch office's bandwidth, two FortiGates are deployed in a high-availability architecture that connects to both the DIA and MPLS dedicated lines, replacing the original two routers and two firewalls. Branches reach cloud resources over the Internet-based overlay network by connecting to the nearest primary and backup PoPs, and reach data center workloads over MPLS. The two paths can back each other up.
3. Management Platform Level
Virtualized versions of FortiManager and FortiAnalyzer are deployed on the cloud platform to centrally manage the FortiGates of different models and form factors distributed across data centers, branches, and cloud platforms. Through Fortinet's industry-leading single-panel management, the combination of FortiManager and FortiAnalyzer achieves centralized management, unified monitoring, and global analysis of security and network. It displays network and security events and supports timely response through a single panel, greatly reducing operation and maintenance pressure.
Project results:
Through joint solution design and technical verification, the project successfully built a converged cloud-network security protection system. Based on a zero-trust architecture and an SD-WAN technology framework, cross-border network latency is reduced by 40%, the unified control rate of security policies reaches 100%, and the compliance requirements of GDPR and Equal Protection 2.0 are met simultaneously. Relying on the triple value engine of cost optimization (TCO reduced by 35%), agile delivery (network setup cycle shortened by 60%), and intelligent operation and maintenance, it effectively supports the enterprise's multi-cloud architecture transformation and global business expansion.