IT for business
VOL designs and implements optimum solutions for your business. We work with the best engineers, who have been successfully managing projects for businesses for a long time now, both for SMBs and large corporations. We provide support at the planning stage, as well as when the project is already advanced.
Infrastructure migration for a large supermarket specialising in construction and refurbishment materials.
The infrastructure migration project envisaged uninterrupted transfer of IT services (firewall, Internet access, web filtering, VPN, anti-spam) from the headquarters in Germany to the main Polish office in Warsaw.
The work covered the installation of backbone switches - Extreme Networks X670-48x and NGFs (next generation firewalls) - Fortigate 300C. The devices were configured to work in HA Active-Active mode, so that any damage to either does not interrupt access to services.
The existing corporate infrastructure (Cisco switches) was connected to the new backbone switches. Each of the access switches was connected over two 1G links (one per each backbone switch). To avoid loops, MLAG (multi-switch link aggregation) mechanism was used for the backbone switches, along with standard aggregation (port channel). A link from the operator (ORANGE), new servers and an anti-spam filter were connected to backbone switches.
VLANs were established on the switches, both to support the existing services, which could not be changed, and new vlans for the support of new devices and services.
To ensure anti-spam support for the Exchange mail server, fortiMail device was installed, wherein the appropriate mail protection policy was configured, in line with the client's IT department recommendations.
Two Fortigate 300C devices were employed to ensure protection of the entire network and termination of VPN connections. Policies were established on the devices to support traffic from 24 outlets over a SAP server located in Germany. The SAP server was connected to centrally, from the client's main office in Warsaw, over IPSec VPN tunnels. The application of encryption enabled a very secure connection for critical company data. QoS was used in order to ensure appropriate quality/efficiency of the connection.
Additional IPSec VPN connections were established for companies supporting the client company's personnel (cash register and marketing system support).
To ensure secure Internet browsing, WWW page filtering was activated based on LDAP (MS ActiveDirectory) groups and users. A different web page filtering policy was used for each AD group. In order to identify persons currently logged on, agents communicating with the firewall were installed on domain controllers.
