~/jwright
← All projects

Case study

Global Infrastructure Modernisation

Modernised enterprise infrastructure at scale — ~1,000 VMs, segmented networks, multi-region cloud migration.

Infrastructure Engineer · Virtus Health / Linde·2019 – 2025

  • VMware
  • Azure
  • SD-WAN
  • Aruba ClearPass
  • FortiGate
  • Microsoft 365

Problem

Enterprise estates accrete. Flat networks, sprawling VM counts, aging firewalls, and on-prem-only services become a security and operations drag. The work: modernise without breaking a global business that runs 24/7.

Constraints

  • Keep the lights on — change a live, multi-region estate without downtime.
  • Security and compliance — segmentation, patching, and auditability throughout.
  • Cost-aware — modernise to cloud where it pays, not for its own sake.

Design

Across global roles I ran and improved a ~1,000-VM VMware estate and re-segmented flat sites into isolated VLAN ranges, layering in SD-WAN and Aruba ClearPass onboarding for a tiered, authenticated network. Palo Alto / FortiGate firewalls were upgraded and redesigned around the new segmentation. Workloads and identity moved to Azure (Blob, AVS) and Microsoft 365 — including an ERP hardware refresh with a new DR solution, and a region-wide PBX-to-VoIP migration.

Security & reliability decisions

  • Flat → segmented — isolation by design, not by exception.
  • Authenticated access (ClearPass, 802.1x) — the network knows who’s on it.
  • Patched, current firewalls — closing the easy doors first.
  • DR built in — recovery designed, not assumed.

Outcome

A more secure, segmented, cloud-leaning estate that’s cheaper to run and easier to operate — delivered against live-business constraints across multiple regions.

Future improvements

The throughline from this work to the edge platforms: take the same segmentation and identity rigour and express it as code, so a thousand-VM estate and a single edge node are governed the same way.