Selected Projects

Selected Projects

A sample of recent engagements. Client names are withheld under standard confidentiality terms; sector and scope are described to illustrate the type of work delivered.

Automotive & Retail — Firewall Migration

Multi-Vendor Firewall Migration Under Live Operations

Challenge

A national automotive retail and auction group needed to replace a multi-VSYS Palo Alto firewall estate with a clustered multi-VDOM platform, without disrupting live trading operations.

Approach

Delivered a phased migration plan covering system hardening, HA configuration, and BGP routing, translating and optimising several thousand security policy and NAT rules while maintaining continuity of security posture. Migration waves were executed out of hours with tested rollback procedures.

Outcome

A modernised, clustered firewall platform migrated with no unplanned disruption to trading systems, and full validation of routing, failover, and IPsec VPN behaviour post-migration.

Financial Technology — Data Centre Consolidation

Five-Site Data Centre Consolidation

Challenge

A payments technology business needed to consolidate five legacy data centres into two managed environments, across multiple vendors and security domains.

Approach

Led discovery and gap analysis across all sites, designed hybrid connectivity (point-to-point circuits, IPsec, and ADVPN hub-spoke) to bridge the transition, and coordinated firewall and switching migration to a consolidated fabric as design authority over the managed service provider's delivery.

Outcome

Legacy sites decommissioned in a controlled sequence, with connectivity, security, and workloads migrated to the target environments without unplanned outages.

Consumer Goods — Cloud Migration

On-Premises to VMware Cloud on AWS

Challenge

An international consumer goods business needed to migrate its on-premises data centre to a cloud-hosted software-defined data centre, while maintaining existing security segmentation.

Approach

Engaged as network architect within a change consultancy's delivery team, designed the AWS landing zone and hybrid connectivity architecture, and implemented micro-segmentation within the new SDDC to preserve distributed firewalling and security policy from the legacy environment. Designs were validated through architecture review board sessions before implementation.

Outcome

A validated cloud landing zone with hybrid connectivity and equivalent security segmentation to the legacy estate, delivered as the technical foundation for the wider migration programme.

Housing & Regulated Sector — Network Consolidation

Post-Merger Network and Data Centre Consolidation

Challenge

Following an organisational merger, two independent network estates — including four legacy data centres and inconsistent security tooling — needed to be consolidated into a single enterprise network.

Approach

Directed consolidation of four data centres into two modern facilities, migrating switching to a multi-pod fabric, and delivered an enterprise-wide firewall rollout alongside an SD-WAN deployment across data centres and over 150 remote sites.

Outcome

A single, consistent enterprise network and security platform across the merged organisation, including a new head office campus network design.

Financial Services — Application Delivery Modernisation

Application Delivery Platform Migration

Challenge

An investment platform business needed to migrate from an ageing application delivery controller to a modern platform while maintaining DDoS protection during the transition.

Approach

Implemented DDoS protection using BGP and GRE tunnels ahead of migration, then led the phased migration from the legacy ADC platform to the target platform, validating application delivery and failover behaviour at each stage.

Outcome

A modernised application delivery platform with no gap in DDoS protection coverage, and validated failover behaviour across all migrated applications.

Get In Touch

Discuss a Similar Programme