How a Multi-Site Dubai Group Secured Its Network with Segmentation and FortiGate
Multi-Site F&B Group (Dubai) - Network Infrastructure & Security
Challenge
A growing food & beverage group operating multiple venues across Dubai had expanded faster than its network could keep up. The infrastructure had grown organically into a flat, largely undocumented topology — point-of-sale terminals, back-office accounting, CCTV and guest Wi-Fi all shared the same broadcast domain, with no isolation between sensitive systems and public traffic.
Leadership needed a clear, documented picture of what was actually running on the network, a firewall they could trust at the edge, and proper segmentation so a compromised guest device or POS terminal could never reach financial or management systems.
Solution
NOCKO began with a full L2/L3 topology audit, mapping every interface, VLAN and data flow into a single as-built diagram. We deployed a FortiGate firewall as the edge gateway handling NAT and secure IPsec VPN access for remote staff, and configured a Cisco Nexus core switch to perform inter-VLAN routing.
The flat network was re-architected into dedicated VLANs — corporate, point-of-sale, back-office, CCTV and guest — with access-control lists restricting the sensitive segments so that guest and public devices are fully isolated from financial and management systems. The entire design was documented and handed over as a maintainable reference.
Results
"For the first time we actually know what our network looks like. Guest devices can no longer touch our POS or accounts, and remote staff connect securely. NOCKO turned a tangle of cables into a documented, defensible system."