Objective

The primary objective of this project was to completely redesign and rebuild the enterprise network infrastructure across two international locations. Each site had to support high availability, scalability, enhanced security, and efficient wireless coverage tailored to the operational needs of both office environments and industrial freight handling.

The challenge wasn’t just upgrading technology—it was transforming two outdated, flat networks into modern, robust infrastructures aligned under a unified design strategy.

Background

The existing network infrastructure at both sites was outdated. It consisted of:

  • A flat Layer 2 network with minimal segmentation
  • Basic Wi-Fi coverage with weak encryption
  • Limited VLAN usage and almost no access layer security
  • No redundancy, leaving the business exposed to outages

With one location comprising 14 buildings and the other consisting of 6, both sites had to be treated as large, complex campuses. Moreover, they needed to be interconnected with resilient and secure routing between countries.

This was not just a hardware refresh—it was a complete re-architecture involving design, procurement, implementation, and fine-tuning.

Planning and Design

1. Physical Layer Overhaul

  • Fiber Layout Redesign: We re-mapped and re-designed the entire fiber layout to improve redundancy and performance.
  • Vendor Coordination: Procured external fiber installation teams and planned out civil works, trenching, and splicing.
  • Structured Cabling Documentation: Ensured all links were documented for future scalability and maintenance.

2. Logical and Layered Network Redesign

  • Access Layer: Redesigned using Cisco access switches across all buildings with dedicated uplinks and hardened port-level security (port security, DHCP snooping, ARP inspection, and MAC limit policies).
  • Core/Distribution Layer: Built as a collapsed core model using Cisco 4500 series switches with redundant supervisors, ensuring high availability and reduced convergence time.
  • Segmentation and Routing:
    • Introduced VRF segmentation at the core to isolate traffic types.
    • Inter-site connectivity was ensured via two MPLS circuits for redundancy and a third site-to-site VPN tunnel as a backup path.
    • Routing protocols included BGP for external routes and OSPF internally between local routers.

3. Wireless Infrastructure

  • Upgraded to Cisco WLC 5505 in High Availability (HA) mode at both locations.
  • Designed to support:
    • Office users
    • Industrial areas including truck loading zones and freight container terminals
    • Rugged handheld terminals used for cargo movement
  • Wi-Fi authentication was transitioned from basic WPA to 802.1X with certificate-based authentication for terminals.
  • A device management platform was integrated for centralized monitoring, updates, and remote troubleshooting of terminals.

Implementation

  • Phased Migration: The rollout was performed in stages to avoid operational downtime.
  • Parallel Builds: The networks in both countries were built in parallel using the same architectural blueprint.
  • Testing and Validation: End-to-end connectivity, failover scenarios, and Wi-Fi roaming tests were completed at each phase.
  • User Cutover: Once validated, users were migrated in batches to ensure smooth transitions.

Benefits

  • Modern, Layered Design: The network now supports scalability, flexibility, and future growth with industry best practices.
  • Full Segmentation: Multiple VLANs aligned with worker roles and departmental needs, reducing broadcast domains and enhancing security.
  • Redundancy and Resilience: Dual MPLS paths with a VPN failover ensures high availability between international sites.
  • Secure Access Layer: Mitigated internal threats via strict access-layer protections and monitoring.
  • Advanced Wireless Coverage: Seamless 802.1X-secured wireless access in warehouses, improving operational efficiency for freight handling.
  • Centralized Device Control: Easier management of all industrial handheld devices with streamlined onboarding and policy enforcement.

Conclusion

This project marked a successful transformation of a legacy, insecure network into a modern, secure, and high-performing infrastructure that spans two countries. By standardizing designs and utilizing proven Cisco technologies, we delivered a future-ready network that now supports complex logistics operations, warehouse automation, and enterprise collaboration without compromise.

The solution not only brought the network up to speed—but positioned the organization for the future.