Toll Group modernises network to bypass data centres

Toll Group has started a network modernisation project that will eventually see it close data centres currently linking 250 sites around the world to its Azure and AWS cloud environments.

Toll Group’s head of technology David Linton told iTnews that the modernisation project would instead allow the company to connect its sites into the environments with Zscaler’s Zero Trust Exchange (ZTE) cloud platform.

The project will see Toll deploy Zscaler’s Zero Trust Branch (ZTB) hardware gateways across the 250 sites along with its Zero Trust Networking Access offering, Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) – the latter providing the means to set access policies.

Speaking to iTnews on the sidelines of Zscaler’s Zenith Live customer event in Vienna, Linton said that the move would shift access-brokering and connectivity to the edge of the company’s network, bypassing SD-WAN nodes and firewall technologies currently hosted in the data centres.

Toll began the project nine months ago. Since then, Linton said, the company had completed the network modernisation program for its two Australian data centres, rolling out the replacement gateways across the 23 domestic sites they served.

The company has shortlisted two delivery partners to repeat that process across the remaining four data centres and 250 sites in its global network.

The ambition, Linton said, was to close the company’s remaining data centres once the project was complete.

“We'll get this done. We'll then do a comprehensive review of our data centres, of what's left there and then look to modernise that into the cloud, and then eventually shut the data centres. That will be the long-term play,” Linton said.

The new model moves Toll’s networking and cloud operations away from a capex spending model to one more reliant on opex. The company estimates that it will generate annual savings of 20 percent per year, Linton said.

Linton said Toll’s data centre network equipment was reaching end-of-life when he took up his current role with the company 14 months ago, requiring a decision on whether to refresh, renew or go in a different direction altogether.

It has provided Toll with an opportunity to re-evaluate its approach to managing its network, he said.

“We've been running some lifecycle management programs around that and we just feel that the cost of running traditional SD-WAN compared to the value you get from it we look at it as a legacy today.

“There are just smarter ways to do things. Rather than our branch sites connecting through to our data centre and then going out to the cloud, we connect to Zscaler and then straight out to the cloud,” Linton said.

Linton said that the move had helped the company eliminate a procurement bottleneck slowing its time-to-market when it needed to establish new sites.

Under the previous approach, he said, establishing new sites required the company to rely on a managed service provider to acquire its connectivity and SD-WAN hardware, which was supplied as a package.

“What our predecessors had done is given this out to managed service providers and it’s all bundled up, so our business didn't have choice of ISP and SD-WAN overlay.

“It’s not a one size fits all – there are multiple patterns created – but it’s slow to procure,” Linton said.

The current process takes around six to eight weeks. However, under the new approach, the company can choose an internet provider, install a ZTB gateway at a new site and deploy a set of access policies in around two weeks.

The move also appears to be part of a broader change that has seen the logistics specialist move away from its reliance on its data centres, with Toll having already moved around 70 percent of its application workloads into AWS and Azure.

Andrew Colley travelled to Vienna as a guest of Zscaler