Most of today’s IT leaders take a Best of Breed approach to procuring solutions and toolsets for their enterprises. They
Company builds infrastructure in Microsoft Azure that will support its IT modernization initiatives and position it for the future.
Driving profitability in the mortgage servicing industry is a constant challenge. To be successful, companies must find ways of growing business in a competitive, regulation-driven industry while at the same time reducing operational costs. And technology plays an important role.
For one California-based company, finding economies of scale and competitive advantages through new technology meant modernizing its IT infrastructure. The company had two geographically separated data centers, one in the east and one in the west, and remote offices connected via a wide-area network. The organization’s leaders realized that to position the organization for the future the company needed to adopt a cloud-first strategy for new applications and to move other legacy apps into the cloud. But to carry out that strategy, they first needed to build a secure cloud infrastructure.
When Lightstream spoke to the company’s CIO, the organization was in the early stages of designing a cloud environment. His technical team, however, had limited experience with cloud computing, and they were open about their questions and concerns, especially around the best way to implement security in the cloud.
As the technical team began envisioning the company’s new infrastructure, several requirements were identified. First, since the existing wide-area network and security implementation was based on Palo Alto Networks’ platform, the team wanted to continue using the Palo Alto platform in the cloud. Second, the existing network design had caused intermittent problems with authentication. As a result, the company wanted to implement a different network design for authentication, with the cloud serving as the primary domain controller for authentication services and an existing data center serving as its backup.
To address the company’s needs, Lightstream conducted a Cloud Foundation Framework engagement coupled with guided implementation services for Microsoft Azure and Palo Alto Networks Next-Gen Firewall (NGFW).
The first step was to understand the company’s legacy environment. Lightstream experts reviewed the company’s business requirements, infrastructure, data services, security landscape, application portfolio, operations tools, and processes to gain a clear understanding of the company’s operating environment.
Next, the team conducted whiteboard design sessions. Using information about the company’s existing environment, its cloud infrastructure functional requirements, and optimal cloud design practices, the Lightstream team developed the company’s hybrid cloud infrastructure design, including core cloud configurations, standards and governance, identity and access management (IAM), network interconnectivity, security, and operational processes.
Included in the design step was a review of the company’s network design and Palo Alto Networks configuration. The team then redesigned the network into a hybrid configuration using a hub and spoke topology based on Palo Alto’s VM-Series NGFW (next-generation firewall).
The last step was to implement the Azure environment along with the new network design. This effort involved building two Azure environments (one for production and one for development to support analytics) and included the core infrastructure configurations, virtual networks and subnets, and native security services, as well as deploying the Palo Alto NGFW in a redundant configuration to ensure high availability.
Highly Available Hybrid Network Design
From the beginning, the company planned to move as much to the cloud as possible, but the leadership team understood that some applications would need to remain in a legacy data center. As a result, the network design had to ensure high availability for both cloud apps and on-premises services.
The new network design utilizes redundant Palo Alto firewalls to ensure high availability. Also, by moving the domain controller for authentication to the cloud, remote locations now have two connection points for authentication instead of one. Therefore, if one link is down, users are automatically routed to the backup site for authentication, thereby eliminating the chance of a network outage causing a disruption of services.
Secure Platform for IT Modernization
With the implementation of an Azure landing zone, the company now has a secure cloud environment that will support its IT modernization strategy. The company can deploy new applications with confidence, knowing the environment has been designed and implemented with proper security and availability features, and begin to move legacy apps to the new environment as its business will allow.
Faster Cloud Deployment
Because the company’s technical team had limited experience with cloud computing, designing and building a cloud environment was both time-consuming and challenging. And there was a lot of uncertainty on the best way to accomplish the company’s objectives.
Working with Lightstream experts, however, alleviated a lot of concerns, and the company was able to deploy a cloud infrastructure faster and more confidently than it could have done on its own.
To learn more about how Lightstream Managed Services can help you architect, implement, and manage a cloud environment that meets your business needs, visit Lightstream.tech.