One of the so-called “big four” accounting firms in the World, PwC employs more than 284,000 people worldwide and provides a wide variety of financial services including audit, assurance, tax, and consulting. From their beginnings in 1849 in London, they now have over 800 offices in 157 countries. And they are still growing.
PwC recently built their new glistening Italian headquarters in Milan. The curved 28-story tower is quite a landmark in the city of tall towers, with several distinctive achievements – maximization of natural light throughout, a glass façade that reflects the local urban fabric, an advanced rainwater recycling system, and a crown inspired by the domes of Italian renaissance – reinforcing their commitment to sustainability through smart building design.
The HQ is also reflective of their “Be Well, Work Well” commitment that seeks to create an environment that encourages people to be their best, accomplish more, in less time, and in a more balanced manner. They equipped the building with the most advanced technology available, with cutting-edge multimedia conferencing systems, state-of-the-art lighting, and best-in-class energy management. And, for networking the HQ, they chose Cisco SD-Access, a solution of Cisco Digital Network Architecture (Cisco DNA).
“We wanted to equip our brand-new Italian headquarters with the very best networking technology. After a careful evaluation of available options, we decided on Cisco DNA and SD-Access. Together they simplify our IT operations, provide a great experience to our users, and secure our clients’ confidential data. We are now rolling it out to all our branch offices across Italy”
~ Mario Licenziato, Chief Technology Officer, PwC Italy
|Industry: Professional Services
A network designed around user needs
“Providing an uninterrupted and the most secure experience possible was our foremost network design criteria,” explained Simone Demaria, network architect and infrastructure manager at PwC Italy, “and a close second was to get our IT admins the best tools, so they could ensure that the network was continuously delivering it.”
PWC were able to get both with Cisco DNA. Cisco DNA digital-ready Catalyst switches and Wi-Fi 6 access points provide a strong wireless coverage throughout the building. Cisco SD-Access provides the required zero trust security through its multi-level network segmentation that limits the level of access granted to each user or device. IT admin also get more done with Cisco DNA Center, the network controller, with its automation, orchestration, and its use of AI/ML technology in spotting potential issues and helping fix them.
In order to further enhance users’ Wi-Fi experience, “We placed Cisco Aironet Active Sensors at strategic locations in the building.” described Simone, “These sensors send real-time Wi-Fi performance information to the Cisco DNA Center, which is able to detect and fix issues before the users even notice them.” User experience is further enhanced by extensive data aggregation and analytics built into the assurance capabilities of Cisco DNA Center, which provides a complete 360-degree view of each client device making it easy for admin to further monitor and guarantee the best experience possible.
A happy intersection of SecOps and NetOps
Client data privacy and confidentiality is obviously extremely important to PwC. So much so that the corporate office has laid down strict guidelines for all locations globally. “Up until now we have used traditional methods with access control lists (ACLs) in switches and firewalls to filter out unauthorized attempts to access such data, but with the variety of users and the vast amount of data that we have, these can get real complicated real fast,” detailed Simone, “but the zero trust controls built into SD-Access removed the complexity, even eliminated some firewalls, and helped us achieve as much, if not better, levels of security as our corporate mandates.”
IT admins now use SD-Access to define and enforce access policies. These policies define in granular detail the network resources and data that each device can or cannot reach based on its business role. Compared to ACLs, these policies are much easier to setup and maintain and require no manual configurations. Potential security issues are now easier to debug and fix too, and the networking team can usually handle it themselves without involving the security team, saving a lot of time and effort.
From installation to production in four days
With all its capabilities and advanced features, one might think that setting up Cisco SD-Access would be quite a difficult and involved process. On the contrary, the extensive automation built into the Cisco DNA Center and Catalyst 9000 devices makes it a snap. “Exceeding our own expectations, we were able to install, configure redundant core switches, 100 access switches and 380 access points, online and ready for traffic, within four days.” Cisco DNA Center was able to recognize the devices, configure them appropriately, and bring them into production soon after they were installed.
The future is all about innovation
Understanding that networking innovation doesn’t stand still, PwC acquired a long-term Cisco DNA Premier software subscription. This license gives them the freedom to deploy and use a range of networking and security products in the Cisco DNA portfolio, and benefit from the latest features as soon as they are available.
Given the number of connected devices in the building, PwC also plans to use AI Endpoint Analytics – an endpoint discovery and profiling service built into the Cisco DNA Center – to accurately determine the nature of these endpoints and ensure that they are properly segmented and secured.
Although the present prevailing conditions with COVID-19 have slowed return to the office, their HQ tower will eventually host over 2,500 employees. PwC now plans to replicate their success with SD-Access in all their 35 branches across Italy, providing 7,500 employees all over the country with the same robustness, assurance, and security, that their colleagues in HQ are experiencing. With the migration capabilities built into SD-Access, we won’t be surprised if they are able to delight them in no time at all!
Browse more customer stories.
Check out our Intent-Based Networking video channel