Oriental Weavers rolls out SD-WAN for elevated customer service levels

Oriental Weavers rolls out SD-WAN for elevated customer service levels

Egypt-based Oriental Weavers one of the world’s largest carpet producers recently rolled out SD-WAN in record time for elevated customer service levels and reduced operating costs up to 80%. Ahmed Dawood, IT Director, Oriental Weavers group, tells Intelligent CIO Africa why it was important for the company to embark on this project.

With a successful history spanning more than four decades, Oriental Weavers has grown to become one of the world’s largest producers of carpets, rugs and associated supplies, distributing to over 130 countries worldwide. Headquartered in Cairo, Egypt, the company sells nationally through a network of 180 showrooms across Egypt, ranging from small neighbourhood stores to the world’s largest carpet and rug showroom-an 8,000 square metres property outside of Cairo.

Oriental Weavers operates on holistic integration, allowing economies of scale and scope. Flexibility in production capacity combined with operational agility allows the business to respond quickly to market conditions and ensure that they always have the right products at the right time and at the right price.

According to its Founder, Mohamed Farid Khamis, a constant focus on technological innovation in product and customer service development, as well as in enabling and empowering its valued human capital, has been key to the group’s continued success.

Digital Transformation and regulatory compliance

For Oriental Weavers’ IT group, two factors recently combined to drive a major Digital Transformation of the company’s IT network and security infrastructure. The first was a requirement to enhance the security, performance and reliability of SAP applications and services across the group’s network of national showrooms, while simultaneously reducing operating costs. The second was a decree (number 188-2020) from the Egyptian Tax Authority (ETA) announcing the introduction of a mandatory clearance e-invoicing framework that requires all issued invoices to be digitally transmitted to the ETA in real time before being sent to the customer.

The solution to both challenges lay in the adoption of a new software-defined wide-area networking (SD-WAN) infrastructure, through which communications linking the group’s 180 showrooms to the central data centre and headquarters in Cairo (based mainly on multiprotocol label switching [MPLS]) could be replaced with a more flexible, cost-effective network using locally available broadband connections such as ADSL.

As with any transition to SD-WAN, the benefits of providing direct access to cloud and Internet resources at the network Edge needed to be weighed against the security implications of bypassing previous centralised security checks as traffic is no longer backhauled to the data centre. For Oriental Weavers, the potential risk exposure was even greater due to the operational technology (OT) systems of the group’s manufacturing, logistics and supply chain.

180 locations online within three months

After drawing up a shortlist of vendors and evaluating each against both current and anticipated future requirements, Oriental Weavers chose the Fortinet Secure SD-WAN solution based on FortiGate next-generation firewalls (NGFWs). In addition, FortiClient endpoint protection, FortiManager and FortiAnalyser for centralised management, reporting and analytics, were also selected.

“The most important attributes for us were centralised control and connection reliability,” explained Ahmed Dawood, IT Director, Oriental Weavers group. “To deliver the customer experience we required while complying with the ETA invoicing mandate, we needed fast, secure, reliable, 24 by 7 connectivity and an ability to monitor and control everything from a central location.”

With the project rollout coinciding with new government lockdown measures put in place to combat the rising global COVID-19 pandemic, the importance of centralised control was further elevated.

“With restrictions on travel and increasing numbers of staff working remotely, the ability to push out central configuration changes and policy updates in real time proved invaluable,” added Dawood. “In the end, not only did we complete the rollout at a time when many projects were being postponed, but we had all 180 showrooms online within just three months.”

The combination of FortiOS and FortiGate purpose-built security processors (SPU) enabled comprehensive threat protection with the industry’s best performance as well as ultralow latency-even for secure sockets layer (SSL) encrypted traffic. Advanced SD-WAN features such as auto-discovery virtual private network

(ADVPN) allow traffic to be routed directly between remote locations rather than via the HQ hub, which further simplifies management and improves application response times.

By combining the sophisticated intrusion prevention system (IPS) and application control of the FortiGate NGFWs with the endpoint protection provided by FortiClient, Oriental Weavers was able to lock down its OT and other traffic based on combinations of user, device and application protocol, and thus effectively eliminate a large range of potential attack vectors.

With a simple and friendly user interface, FortiClient uses SSL and Internet Protocol secure (IPsec) VPN to provide secure, reliable access to corporate data and applications from virtually any Internet-connected remote device. Built-in capabilities such as VPN auto-connect, always-up, Dynamic VPN Gateway Selection and split-tunnelling ensure a smooth user experience across all device types, whether connecting from home, remote branch, or public places. FortiManager provides Oriental Weavers with sophisticated centralised management and deep insight into network traffic and threats through a single pane of glass.

Dawood and his team now have full control and visibility over the entire infrastructure with FortiAnalyser for centralised logging, reporting, and analysis. The result is less time spent firefighting and more time optimising and planning. The final crucial component of any Fortinet solution is the threat intelligence delivered by FortiGuard Labs. Gathering threat information from customer networks and a global community of threat partners around the world, Fortinet’s analysts employ the latest Machine Learning (ML) and Artificial Intelligence (AI) tools to process over 100 billion events per day. This collection, correlation and automated delivery of real-time threat intelligence back to Fortinet’s products provides Oriental Weavers and all Fortinet customers, with comprehensive and actionable security updates across the full range of threats encountered.

Looking to the future

In the months following completion of the SD-WAN rollout, Oriental Weavers was able to reduce their branch communications costs by up to 80% with zero downtime in applications availability. Real-time access to critical data and applications has led to faster transaction processing, which in turn has driven greater efficiencies in stock and logistics management. The effect has transformed the overall customer experience, while further reducing operating costs.

Not content to rest on their laurels, however, Dawood and team are now considering reinforcing their resilience to network failure and cyberattack through unified event correlation and risk management. The Fortinet security information and event management solution, FortiSIEM, uses ML to detect unusual user and entity behaviour analytics (UEBA) without the need to create complex rules. Such an approach can help to identify both insider and inbound threats that might otherwise pass traditional defences. High-fidelity alerts then prioritise which threats require immediate attention.

“The project so far has proven a great success. The customers are happy with the improved service, the executives are happy with the lower risk profile and operating costs, and my team is happy to have more time to focus on new challenges,” he said.

Click below to share this article

Browse our latest issue

Intelligent CIO Africa

View Magazine Archive