Skanska is one of the world’s leading construction and project development companies, focused on selected home markets in the Nordic region, Europe, and the United States. Skanska deployed Cisco ACI in 2018 to improve data center automation, security, and resiliency, and is now in the process of stretching network management and policies to the cloud.
Customer Name: Skanska Construction
Location: Stockholm, Sweden
Number of Employees: 33,000
● Align data center and cloud environments
● Improve network segmentation and security
● Accelerate IT operations
● Established hybrid cloud operating model
● Improved data center automation, security, and resiliency
● Increased operational agility and workload portability
From Microsoft 365 to Oracle ERP, Skanska Construction has a number of cloud-based workloads, and company leaders had originally envisioned pushing all of their apps to the cloud. A number of legacy workloads, however, made a wholesale shift impractical.
“We’re sticking with a hybrid model,” says Johan Stengård, solution architect for IT networks at Skanska Construction. “Some apps will be in the cloud, some will be on-prem, and others will be split between the two.”
To avoid having two distinct computing domains — each with its own syntax, policies, and coding procedures — Skanska is now in the process of aligning its data center and cloud environments.
“We’re stretching our data center network to the cloud with Cisco Cloud ACI,” Stengård says.
Skanska deployed Cisco® Application Centric Infrastructure (Cisco ACI®), the world’s leading software-defined networking (SDN) solution, in 2018 to improve data center automation, security, and resiliency.
The network includes 28 leaves and four spines spanning two active/active data centers, providing full redundancy and seamless failover in the event of an outage. Both sites are managed from asingle console, and software-defined automation has supercharged Skanska’s IT operations.
“In the past, we had to manually configure everything using command-line interfaces,” Stengård says. “Deploying a new server for a multi-tier app used to take two weeks, but with Cisco ACI, it only takes a couple of hours. Updating the network is much faster and easier too. We’re saving a lot of man hours.”
“Deploying a new server for a multi-tier app used to take two weeks, but with Cisco ACI, it only takes a couple of hours. Updating the network is much faster and easier too. We’re saving a lot of man hours.”
-Johan Stengård, Solution Architect for IT Networks, Skanska Construction
Leveraging granular segmentation, network security has been improved as well.
“Our most critical workloads have all been segmented,” Stengård notes, “and that makes our security team very happy.”
All of these attributes are now being extended to the cloud. Leveraging Cisco Cloud ACI, the Skanska IT team is establishing a common policy and operating model that spans data center and public cloud domains.
“Instead of learning the ins and outs of Azure and recreating our security policies with a different syntax, we’ll just extend our existing policies,” Stengård says. “It will save us a ton of time, improve the security and consistency of our network operations, and give us much more flexibility for where to place our workloads.”
Moving forward, Skanska plans to place all of its new apps in the public cloud while maintaining legacy workloads on-premises. Stengård says the company will deploy 15 to 20 apps in Azure over the next year.
“It’s very easy,” he says, “because we can use the policies we’ve already created.”
Skanska will also continue to improve a newly created self-service portal to further accelerate network operations. Leveraging Ansible playbooks, internal users will soon be able to spin up their own virtual machines, endpoint groups, and bridge domains.
“You tell the network what you want, and it does everything automatically,” Stengård says. “It’s pretty awesome.”