The Bureau of Consular Affairs’ (CA) mission within the U.S. Department of State is to protect the millions of lives and interests of U.S. citizens overseas. Services
are provided to Americans through American embassies and consulates all over the world. Citizens are served during their most important moments – births, deaths,
disasters, arrests, and medical emergencies. CA is also responsible for the welfare and protection of U.S. citizens abroad, issuing passports and other documentation
to citizens and nationals, and for protecting U.S. borders and facilitating legitimate travel to the United States.
To assist CA in meeting its goal, NetGO has been spearheading the network modernization, implementation, and management of CA’s entire enterprise network
infrastructure. NetGO leads the network operations, engineering, security, and innovation of the network and firewall infrastructures of CA’s primary and backup
Challenged by three aging data centers consisting of legacy equipment, IT was the primary reason Consular Affairs was falling behind in its core mission. IT faced
several obstacles that required immediate resolution:
• The Legacy Equipment was Not Scalable.
• The Infrastructure was Complex, Expensive, and Stagnant.
• Poorly Planned LAN/WAN Architecture led to Operational Outages.
• Network Security Concerns as a result of Security Breach.
• Long Delays for Application Time to Market.
Recognizing that the data centers house mission critical applications accessed by U.S. citizens and Visa seekers all over the world, NetGO implemented best-practice
• Zero Trust Architecture spanning across all Department of State bureaus, through Next-Generation Firewalling, Micro-Segmentation of all perimeters, and Border
Security across thousands of Department of State networks.
• High-Availability LAN/WAN Design of Primary and Secondary circuits configured with IPsec tunnels for Secure Data Transport.
• Local and Global Traffic Managers placed across the Zero Trust Network, locally within the Data Center and across sites, allowing for Increased Application
Performance, Availability, and Flexibility.
• Next-Generation Firewall placement across Department of State’s Zero Trust Network for Enhanced Security, through Deep Packet Inspection at the Application
Layer. (see Figure 1)
• Highly Encrypted Connectivity from On-Premises to Cloud Hosted Applications that contain IaaS for use by Developers and Testers, and SaaS i.e. Office 365.
• Large Scale Deployment of Converged and Hyperconverged Infrastructures for Workload Optimization, Scalability, and Agility.
• Software-Defined Networking for Centralized Management and Accelerated Service Delivery by way of Virtual Network Provisioning.
• End-To-End Monitoring and Alerting Tools creating Full Application, System and Network Visibility for the customer.
The Key Results Include:
• Highly Secure Application Layer Inspection of Data Center Traffic preventing most
Cyber-Attacks. (see Figure 1)
• Simplified Management and Administration of Systems.
• Rapid Self-Service Delivery, from 3+ Months to 1 Hour.
• Improved System Agility and Ability to Scale Up or Down.
• Improved High Availability of Systems and Applications.
• Full End-to-End Visibility allowing for Faster Root Cause Analysis.
• Automation resulting in System Self-Healing and Minimal Negative Impact to Mission
As a result of this successful modernization project, NetGO is now pioneering the
cloud enablement phase of Department of State’s data centers. With a fully optimized
next-generation data center built on standardization, virtualization and convergence, NetGO
is leading the final stages of a fully hybrid data center through automation and orchestration.
Tools and Technologies:
• Palo Alto Networks – Panorama – Network Security Management
• FORCEPOINT Security Management Center
• VMware NSX-T Data Center
• VMware vSphere
• F5 BIG-IP LTM/GTM
• SolarWinds Network Management Suite
• Zabbix Metric Collection
• AppDynamics Application Performance Management