Multiple Palo Alto perimeter firewalls across various sites needed to be replaced with solutions sized appropriately for each site, while accounting for Zscaler functionality on user devices. The project also required redesigning networking to support customer operations within an integration centre.

Multiple FortiGate firewall models were procured and configured using FortiManager for centralised management. The corporate IP address space was redesigned to accommodate non-publicly routable subnets and multiple VLANs per site. VDOMs and inter-VDOM interfaces were implemented to enable device sharing while segregating administrative control between business units. Routing and security policies were configured to maintain operational efficiency and secure multi-tenant functionality.

The deployment delivered cloud-managed perimeter firewalls at operational sites, sized appropriately for each location and supporting “multi-tenant” style segregation of shared physical devices, while maintaining overarching control with Corporate IT. The architecture provides a scalable foundation for future site expansions and integration with cloud security services.