top of page
Rectangle 19 (2).png

CLOUD/ NETWORK/ SYSTEM:

Large French banking group specialising in investment banking

Rectangle 27.png

01

The context:

The client wants to:

  • Structure a dedicated network cloud team (a team of 4 people coming from the legacy/on-premises environment) called INC (Inet Cloud) whose mission will be to provide a fully automated and secure multi-cloud (AWS, GCP, Azure) and on-premises landing zone to support all projects of the group and its subsidiaries.

  • Business and application teams will be able to launch projects and provision their own resources on demand from a single interface (MyCloud) displaying a catalogue of standard services and stacks in hybrid multi-cloud environments.

Rectangle 27.png

02

Problem-solving approach:

  • Audit and analysis of on-premises architecture to identify Ready To Cloud services

  • Identification and formulation of needs: Discussions with the various Cloud Experts, Security, PCA (Public Cloud Automation), NetOps and Prod App teams about their needs and constraints in order to identify the priority areas for migration and automation, and to draw up the change management plan, while respecting the compliance and security rules applicable to the banking sector.

  • Analysis of cloud and on-premises architectures and associated billing to identify opportunities for cost containment and/or savings, while ensuring a low level of risk and taking into account the Group's challenges.

  • Designed and implemented a high availability GCP interconnect architecture between the Cyrus and Vega data centres and Google, meeting the conditions for applying the 99.99 SLA, working with the legacy network teams to order links and Google internal teams to validate implementation choices and options.

  • Provide the Kubernetes network foundation for nodes, pods and services in a non-routed hub and spoke architecture across Azure (AKS), Google (GKE) and AWS (EKS) environments.

  • Designed and automated inbound and outbound multi-level SAS to filter and secure inter-intra-extra service flows.

  • Study and implementation of a solution to control and anticipate the scaling of AWS load balancers

  • Define and develop a standard for deployment of ELBs (NLB, ALB)

  • Monitor ELB scaling to anticipate IP address shortages and provision subnets and CIDRs accordingly.

  • Support teams in resolving incidents related to the complexity of cloud environments, RUN knowledge base

  • Documentation: create and deliver architecture, technical and user documentation

  • Change management and support: knowledge transfer and training for teams

Rectangle 27.png

03

Result:

Migrations/Go To Cloud, reduction of INC team members' learning curve by around 20%, acceleration of migration processes, autonomy in incident response and self resolution.

Rectangle 27.png

04

Technical stack used:

OnPremise, Linux, AWS, GCP, AZURE, Terraform, Kubernetes, Docker, Nautobot, Infoblox, Ubika, Ansible, VMWare NSX-V, VMWare NSX-T, Jira, Confluence

USE CASE SPITZKOP (6).png
Rectangle 20 (1).png
bottom of page