Auxis Achieves Aggressive AWS Network Architecture for a Retailer

Client Profile

Our client is a publicly traded, Fortune 50, general merchandise retailer with nearly 2,000 stores spread across every U.S. state and the District of Columbia. It ranks among the 10 largest retailers in the U.S., employing more than 450,000 people and reporting more than $106 billion in revenue in 2021. The client also owns 45+ brands unique to its stores and operates several subsidiaries.

The client operates an AWS (Amazon Web Services) cloud-based platform that simplifies the process of selling and activating connected products like mobile phones. The platform integrates with the largest cellular network providers and supports ancillary processes like payment programs, insurance, fraud protection, and warranties.

However, the platform’s legacy network infrastructure and architecture presented several significant challenges for the client:

• Network equipment had reached End of Life. That made it less reliable and prone to failure as the busy holiday retail season – and most important, Black Friday – approached.
• Several routers were independently connected to key vendors like the largest telecom providers without any redundancy or high availability. With a single point of failure, unreliable equipment, and no backup plan, the client risked mobile sales and activations shutting down on the busiest shopping day of the year.
• Legacy equipment hindered the ability of network engineers to act nimbly and meet business demands in a timely manner.
• The amount of connected equipment created too much complexity for the architecture and environment, making it costly and difficult to maintain.

As the client’s cloud infrastructure management provider, Auxis recognized these risks and proposed migrating the network to a highly available infrastructure – replacing outdated Cisco CSRs (Cloud Service Routers) with top-of-the-line Cisco Secure Firewalls (ASAv – Adaptive Security Virtual Appliances).

However, the project faced a very tight implementation deadline because the client couldn’t finalize approval until September. Since technical changes can cause errors or downtime that would negatively impact holiday sales, most retailers freeze technology implementations between November and January – giving Auxis about a month to complete the complex migration.

After extensive analysis of the client’s workloads, Auxis network and DevOps engineers designed a scalable and robust solution and migration path based on key business requirements, considering security, usage/cost, and operational management.

Key steps included:

• Migration roll-out support. Auxis engineers effectively designed and supported the creation of new network resources with high availability and redundancy. They used Terraform, an IaC (Infrastructure as Code) tool to automate the creation of new firewalls and manage and maintain the network – lowering costs, speeding implementation, and eliminating the risk of human error.
• Vendor coordination. Auxis helped mitigate downtime during the migration by preparing work for specific timelines that did not affect production sales.
• Configuration migration. Auxis migrated configurations, ensuring new firewalls worked as expected for each vendor. Auxis teams also simplified management of new environments by centralizing router configuration.
• Security controls. Updated features on the ASAv firewalls helped Auxis ensure solid security monitoring and controls for the new infrastructure, providing better insight and visibility into the health of devices.
• Day-to-day cloud monitoring and operations management. Auxis implemented the proper tools to monitor and manage the client’s new AWS production and security environments from its Global Delivery Center in Costa Rica.

We run, operate, and optimize your infrastructure and applications on AWS

Learn more

Despite the aggressive deadline dictated by the fast-approaching holiday retail season, Auxis successfully replaced all the mobile platform’s outdated routers with top-of-the-line Cisco ASAv firewalls, running on three AWS accounts. That included spinning up multiple environments, such as Production, Staging, User Acceptance Testing (UAT), Disaster Recovery, and Development.

Migrating to the new firewalls and utilizing Auxis monitoring tools helped the client achieve the following benefits: