SOC IT Migration & Platform Build
Since 2016, we have delivered, implemented, and supported solutions for a major Fortune 500 telecommunications provider via an intermediary.
They had built a new Security Operations Centre (SOC) environment in the UK to monitor more than 200 sites across the UK and overseas. The SOC would be responsible for aggregating alarms and logs from mission-critical security systems, where even brief outages could have serious operational and reputational consequences.
Kanj Technologies was engaged to design and implement the core network and server platform, and to migrate existing workloads onto a modern, virtualised infrastructure without disrupting 24/7 operations.
The challenge
The SOC needed to ingest and process events from a geographically dispersed estate that included head offices, communications depots, satellite locations and customer-facing centres. Each site generated alarms and logs from access control, CCTV and other security systems, and these had to be monitored in near real time.
The existing environment relied on a fragmented collection of physical servers and multiple connectivity methods, including MPLS, VPLS and 4G VPN tunnels. There was no single, centrally managed platform and no consistent way to manage performance, security or troubleshooting across the estate. At the same time, the SOC was required to operate on a 24×7 basis, leaving very little room for downtime or extended maintenance windows.
The organisation needed a new architecture that would bring 200+ sites into a secure, centrally managed environment, consolidate the server estate and support highly available SOC applications – all while keeping live security operations online throughout the migration.
The solution
Kanj Technologies designed and built a new master–spoke architecture to underpin the SOC, combining a resilient network design with an enterprise-grade virtual server platform.
At the network layer, the team created a segregated but centrally managed environment that could accommodate all existing connectivity methods whilst maintaining strict logical separation between tenants and locations. This design gave the SOC clear, consistent visibility of alarms and events across every site, regardless of how it connected into the core.
On the compute side, Kanj Technologies consolidated four physical servers into a VMware vSphere Enterprise cluster backed by Dell EMC² storage and Cisco Nexus switching, with Cisco firewalls providing secure perimeter and site-to-site connectivity. The migration was carefully phased: legacy and new platforms ran in parallel, allowing workloads to be moved in a controlled way without interrupting live monitoring and response activities.
The result was a single, coherent platform of 27 virtual servers that delivered the performance, resilience and scalability required by a mission-critical SOC, while also simplifying day-to-day management for the internal teams.
The results
The new SOC platform provided a step change in stability and operational control. Monitoring systems now run on a highly available virtual infrastructure designed for low-latency performance, significantly reducing the risk of outages across 200+ monitored locations. Centralised management allows engineers to see and act on issues quickly, rather than working around the limitations of isolated physical servers and fragmented connectivity.
By consolidating hardware and standardising on VMware vSphere, Dell EMC² SAN and Cisco switching, the organisation has reduced operating costs and extended the life of its infrastructure, with a platform that can scale to support new tools, higher event volumes and additional sites without major redesign.
For the SOC teams, the environment is easier to work with and more predictable. They spend less time firefighting infrastructure issues and more time focusing on their internal SLAs: monitoring, detecting and responding to threats across a complex, global estate.