Ukrtelecom completed the stage of migration of two data centers located in Kyiv and Dnipro to the new modern network architecture Software-defined Networking based on Cisco ACI.
The history of this project began 3 years ago, when Ukrtelecom had a need to modernize the heterogeneous network infrastructure of data centers. The main condition was the lack of support from the manufacturers of the old equipment park and the associated possible risks for the company's business.
When analyzing the proposals, the customer was looking for a promising and already mature solution available in Ukraine. As a result, the Cisco ACI architecture was chosen for the project. The company “IT-Integrator” acted as an implementation partner.
One of the primary tasks for Ukrtelecom was to understand the operating principles of the chosen solution and analyze its possibilities for further development of the company. Among the advantages of the solution are extensive opportunities for service segmentation and creation of service chains, a single point of management of a converged network, as well as automation of settings. These and other technological advantages generally opened opportunities for further development of digital services and business of Ukrtelecom.
After completing the mandatory stage of the full design cycle, the next step was the implementation of the solution and the migration of all data center network services to it (Network Centric). Ukrtelecom chose Cisco Firepower firewalls, to which all corporate network security policies were transferred during the project. This task turned out to be difficult, because during its existence, the network infrastructure accumulated a large number of specific settings, which had to be competently transferred to the new infrastructure. In fact, the process consisted of transferring a huge distributed heterogeneous and multi-vendor network of data centers to a modern software-controlled factory with a different internal logic of work.
Certain challenges arose during the implementation and were successfully resolved, among others:
- Coordination of service windows and definition of the scope of services for a specific stage of migration
- Determination of the mutual influence of services transferred to other services during the period of service windows
- Checking the operability of the services carried by the given SLA determined by the service window
Oleksandr Rudenko, Head of Implementation Department at IT-Integrator: “The implementation of Cisco ACI is not just a story about solutions, it is a long-term choice and implementation of Ukrtelecom's development strategy in the direction of the network infrastructure of the data center – a strategy designed to fundamentally change approaches to the functioning of the company's digital services”.
Kyrylo Honcharuk, CIO of Ukrtelecom: “The transition to SDN architecture is a truly significant event, because the rapid change in traffic volumes and changes in its structure require us not only to modernize networks and switch to fiber-optic technologies, but also to review approaches to software transformations that allow us to maintain the leading position in the digital services market and open new directions, adapting our IT landscape as flexibly and quickly as possible to new market challenges. I thank the partners with whom we have worked side by side over the past two years to implement the Cisco ACI architecture. It is thanks to the competences of IT-Integrator and Cisco that we confidently moved towards the set goals and continue our path of transformations”.
Serhii Martynchuk, Head of Cisco business in Ukraine: “Cisco ACI is the best solution in the industry for software-configured networks, which increases the flexibility of applications and the efficiency of data center automation. We are very happy that thanks to our technologies, Ukrtelecom will have the opportunity to quickly and safely develop new digital services”.
The next stage after the complete migration to the new network architecture of both main data centers will be the Application Centric phase, during which the immediate transformation of the network infrastructure and the policies implemented in it will take place. Such a transformation will be aimed at describing the network interaction in relation to those services that are located in data centers. The chosen service-centric approach will allow maximum protection of Ukrtelecom services at the basic network level, while simultaneously reducing the risks of horizontal spread of network attacks by implementing the White-list policy or Zero Trust paradigm.