In today’s rapidly evolving business landscape, divestitures have become a common strategy for organizations to restructure, focus on core competencies, or drive growth. However, executing a successful divestiture involves intricate planning, especially when it comes to the transformation of network infrastructure. Networking infrastructure is where Alkira’s innovative NaaS solutions come into play. Alkira confidently empowers businesses to navigate the challenges of network separation, connectivity, and security by seamlessly integrating cutting-edge technology with the complexities of divestitures. In this use case, we delve into how Alkira’s NaaS networking facilitates smooth and efficient divestitures, ensuring businesses can focus on their strategic goals while leaving network complexities in capable hands.

Business Challenges

Financial Implications: Divestitures can have significant financial implications regarding one-time gains or losses on the sale and ongoing financial performance after the divestiture. The parent company must carefully assess the impact of the divestiture on its financial statements and future profitability.

Operational Challenges: The finance department of the selling company is a significant contributor to the operational side of the divestment. Their primary function is to measure the effects on the company’s bottom line (net profits or net earnings). Hence, accurate record-keeping and financial reporting are necessities for a successful divestment.

Business Continuity: Ensuring business continuity for both the parent company and the divested entity during the transition is crucial. It requires detailed planning to prevent disruptions in operations, customer service, and supply chain management.

Data Separation: One of the most significant challenges is separating the IT infrastructure and data of the divested entity from the parent company. The divestitures involve disentangling databases, applications, and systems that were previously integrated, ensuring data privacy and security during the process.

Technical Challenges

Application and System Separation: Divesting a business unit may require separating shared applications and systems. This can be complex, especially if the divested entity relied heavily on systems tightly integrated with the parent company’s infrastructure.

Infrastructure Transition: Divesting a business unit may require migrating IT infrastructure to a separate environment or handing over the ownership and management of infrastructure components to the new entity.

Cybersecurity and Data Privacy: Divestitures can introduce cybersecurity risks and data privacy concerns. Ensuring the security and privacy of both the parent company’s and divested entity’s data during the transition is critical.

Technical Requirements

Figure 1: Connectivity for On-premise and cloud environments using CSP (Cloud Service Provider) Transit for Divested Entity (New Corp) and Parent Company (ABC Corp)

Divestitures involve separating network infrastructure, applications, and data between entities. To ensure a successful and smooth transition, several networking features are essential. Here are some key networking features required for divestitures:

Network Segmentation: Divestitures demand precise segmentation of network resources to isolate the divested entity’s operations from the parent organization’s. This prevents data leakage, ensures compliance, and maintains operational efficiency.

Micro-Segmentation: Beyond basic network segmentation, the divestiture involves micro-segmentation, dividing networks into smaller segments for finer control over data flows. This is essential to prevent lateral movement of threats and unauthorized access.

Zero Trust Architecture: Implementing a zero trust approach ensures that no internal or external entity is trusted by default. This security model helps maintain a strong security posture during and after the divestiture.

Virtual Private Networks (VPNs): VPNs provide secure communication channels over public networks, ensuring encrypted data transmission between divested entities and other networks, including the parent organization.

Firewalls and Access Controls: Robust firewalls and access controls are necessary to define and enforce policies that limit access to specific resources. This prevents unauthorized access and ensures compliance with security standards.

Network Monitoring and Analytics: Real-time monitoring and analytics tools help detect anomalies and potential security breaches. Visibility into network traffic is crucial for identifying and addressing issues promptly.

Alkira Solution for Divestitures

Alkira Cloud Networking is the first unified global backbone multi-cloud network delivered as a service. With its pioneering NaaS solution, Alkira introduces a new era of simplicity and agility in managing network separations during divestitures. By seamlessly integrating advanced networking capabilities with the intricacies of divestiture scenarios, Alkira empowers businesses to execute these transformative journeys with unprecedented ease.

Alkira allows spun companies to use the same architecture to onboard their resources, whether in multiple cloud environments or on-premise environments. Alkira CNaaS offers the same approach for connecting on-premise infrastructure to Alkira CXPs by leveraging various methods, including AWS Direct Connect, Azure Express Routes, and IPsec/SD-WAN Connections from their DCs and branches.

Alkira’s solution also allows customers who would like to inspect the traffic between on-premise to cloud or multi-cloud environments to use a policy-driven framework to inspect traffic as per the requirements.

Figure 2: Connectivity for On-premise and cloud environments using Alkira for Divested Entity (New Corp) and Parent Company (ABC Corp)

Alkira Solution Benefits

Segmentation

Alkira can provide isolation of workloads and communication for parent companies and divested entities. Traffic across segments can be inspected as well. Since a segment represents a unique routing and policy space, maintaining isolation becomes seamless for customers. Workloads for the parent company and divested entity can be isolated as needed.

Refer to this blog for more details about cloud network segmentation.

Seamless Firewall Integration

Alkira provides seamless integration with vendors like Fortinet, Check Point, and Palo Alto or traffic inspection for any type of traffic flow. Functionality like autoscaling comes as part of the solution, which helps to scale up or down depending on the requirements.

For more details, please refer to this multi-cloud inline traffic inspection blog.

NAT

The Alkira CXPs or cloud exchange points form a networking fabric in the cloud that you can connect to on-premise sites like SD-WAN or standard IPsec sites or private connectivity options such as Direct Connect and Express Route connect your cloud networks using native constructs. Once these on-prem sites and cloud networks like VPC or VNets are connected to the Alkira CXPs – where overlapping IP spaces are allowed, Alkira’s policies can be applied network-wide to them, and part of the policy is NAT. Hence any resources which have overlapping IP addresses can be handled via NAT.

For more details, please refer to this blog about solving overlapping IPs in a multi-cloud environment.

Automation with Terraform

Network Infrastructure deployment at a large scale requires automation, and Alkira helps to solve this, wherein the customer can use Terraform to provision the network infrastructure for Alkira.

Schedule a demo today, and our team of experts will be happy to show you how Alkira can provide seamless connectivity for divestiture environments.

About the Authors :    & 

Ahmed Abeer is a Sr. Product Manager at Alkira, where he is responsible for building a best-in-class Multi-Cloud Networking and Security Product. He has been in Product Management for more than ten years in different big and small organizations. He has worked with large enterprise and service provider customers to enable LTE/5G MPLS network infrastructure, automate Layer 3 Data Center, enable Next-Gen Multi-Cloud architecture, and define customers’ Multi-Cloud strategies. Ahmed’s technical expertise in Cloud Computing and Layer 2/Layer 3 network technologies. Ahmed is a public speaker at various conferences & forums and holds a Master’s Degree in Computer Engineering

Deepesh Kumar is a Solutions Architect and product specialist in the computer networking industry with over 8 years of experience. He currently works as part of the post sales team at Alkira and focuses on working with customers to design and deploy the Alkira solution. Prior to working here, he worked at Viptela which was acquired by Cisco Systems. He holds a masters degree from San Jose State University.