Stretching a Data Center to the Cloud

Skanska extends its data center network to Microsoft Azure with Cisco Application Centric Infrastructure (ACI) and Cisco Nexus Dashboard.

Contact Cisco

  • Get a call from Sales
  • Call Sales:
  • 1-800-553-6387
  • US/CAN | 5am-5pm PT
  • Product / Technical Support
  • Training & Certification

Skanska

A leading construction and project development company, Skanska deployed Cisco ACI in 2018 and is now in the process of stretching network management and policies to the cloud.

Industry: Construction
Location: Stockholm, Sweden
Size: 33,000 employees
Website: skanska.com

Summary

Challenges

  • Align data center and cloud environments
  • Increase operational efficiency and speed
  • Improve network and application security

Solutions

Results

  • Established hybrid cloud operating model and laid the foundations for infrastructure as code (IaC)
  • Accelerated network deployments from weeks to days
  • Separated and secured workloads through microsegmentation

Going hybrid

After realizing an all-cloud computing strategy would be cost prohibitive and unworkable for a number of legacy workloads, Skanska shifted to a hybrid computing approach in 2018. But the company's IT team was wary of managing two separate domains, each with its own syntax, policies, and coding procedures.

"We wanted the same model for managing [on-premises] and cloud resources" says Eric Nilsson, senior network engineer for Skanska.

It's one of the main reasons why Skanska adopted Cisco Application Centric Infrastructure (Cisco ACI), he adds. The world's leading software-defined networking solution is uniquely capable of extending data center networks—including visibility, orchestration, and policy automation—to the public cloud.

"Cisco ACI has enabled us to stretch our tenant environment to Microsoft Azure," Nilsson explains, noting the environment currently includes four tenants—production, development, test, and user acceptance testing—with more to be added in the future.

Skanska is also stretching production workloads like Microsoft Active Directory to the cloud, not only for redundancy but also to enable anytime, anywhere network access for internal users.

Because the [Cisco Cloud Network] controller is directly integrated with Azure, we don't have to use a separate GUI when configuring, deploying, and managing workloads in the cloud. It saves us a ton of time.

Eric Nilsson, Senior Network Engineer

"We're using the Cisco Cloud Network Controller to extend the application policies and constructs we have on-prem into the cloud," Nilsson says. "And because the controller is directly integrated with Azure, we don't have to use a separate GUI when configuring, deploying, and managing workloads in the cloud. It saves us a ton of time."

Security through microsegmentation

In addition to stretching its tenant environment, production workloads, and application policies to the cloud, Skanska is using the combination of Cisco Nexus Dashboard Orchestrator and HashiCorp Terraform to establish infrastructure as code (IaC) and accelerate network operations. On-premises deployments that used to take a week now take less than a day, Nilsson says, and the multiweek cloud deployments of the past are now completed in a few days. 

"We're mostly doing simple things like creating application profiles, bridge domains, and endpoint groups," he explains. "But our goal is to use Nexus Dashboard and Terraform to configure and automate everything in the future, both on-prem and in the cloud."

Although the two environments are being increasingly amalgamated, the resources within them are separated and secured through microsegmentation. Skanska's VMware footprint, for example, has been segmented into seven different endpoint groups.

"We're segmenting lots of things—tenants, endpoint groups, bridge domains, service contracts—which is really beneficial from a security standpoint," Nilsson says. "We view and manage our on-prem and cloud environments as a single domain, with segmentation reducing the attack surfaces."

Although there is more work to do, Nilsson says that Skanska has made significant progress aligning its on-premises Cisco ACI network with Microsoft Azure. And the company can extend the environment to additional clouds in the future using the same toolset and policies.

"This has been a big effort, and Cisco has been a fantastic partner throughout the process," he concludes. "Everyone has been very helpful and supportive, and we've really appreciated the technical assistance we've received from the engineers and the entire Cisco team."

More for you

Technology has changed how we live and work.

Organizations like yours are innovating with Cisco solutions to connect, secure, and transform.

Every industry is unique.

Each industry has its own challenges that require tailored solutions.

You are a changemaker, innovator, and discoverer.

We want to help you share your story. Learn more about how you can build your organization's profile—and your own—as you expand your network.