Ski & Sea d.o.o., a renowned distributor of sports equipment and nautical equipment, has successfully implemented a complete overhaul and protection of its network infrastructure. The aim of the project was to increase the security, transparency and separation of business segments within the network, while at the same time providing a reliable and powerful basis for the company’s further digital growth.
1. Segmentation with VRF (Virtual Routing and Forwarding)
To ensure separation between the different organisational units (e.g. sales, warehouse, administration and guest network), we have segmented the network through separate VRFs. Each segment operates as a logically separate network with its own routing tables, which means that traffic between them is strictly controlled and only allowed to pass through in accordance with security policies.
This approach allows:
increased security (isolation of key systems)
better control of access
easier network and policy management
2. Installing a Cisco Aggregation Switch
A powerful Cisco Layer 3 aggregation switch supporting VRFs, high throughput and redundancy was installed to connect all local switches and route traffic between segments.
Key functionalities:
Support for Layer 3 routing
High throughput and reliability
VLAN management and QoS (Quality of Service)
Expandable for future business needs
The aggregation switch is the heart of the network, carrying all inter-segment traffic and integration with security devices.
3. Installing the Next Generation Firewall (NGFW)
As part of the renovation, we have also included an advanced NGFW (Next-Generation Firewall), which enables:
deep traffic analysis (Layer 7, application layer)
advanced filtering based on content and users
IPS/IDS intrusion protection
VPN access for remote users
The firewall is installed at the edge of the network, where it ensures secure communication with the internet, while allowing controlled communication between the individual VRF segments.
Results
With the renewal of the network infrastructure, Ski & Sea d.o.o. has gained:
High network security
Logically and physically separate compartments
Scalable and stable core network
Advanced access control and security surveillance
We would like to thank the Ski & Sea d.o.o. team for their trust and excellent cooperation. We are confident that the new network architecture provides a solid basis for further development, expansion and digital security of the company.
