Cisco Secure Service Edge Rollout
- Customer
- LTIMindtree
- Project manager on the customer side
-
- Year of project completion
- 2024
- Project timeline
- August, 2024 - November, 2024
- Project scope
- 80000 automated workstations
- Goals
- The primary objective of this project is to implement a scalable, cloud-native security solution that enables secure, unified, and zero-trust access for a rapidly evolving modern work environment. This initiative aims to support the increasing adoption of SaaS applications and remote access by streamlining user access management, enhancing secure connectivity for remote and hybrid workforces, and improving enterprise-wide visibility and data protection. By optimizing identity management, threat detection, and secure web gateway operations, the project seeks to reduce complexity and strengthen the overall security posture across all business units.
- Project Results
- We ended up migrating 80,000+ endpoints and 1,200+ projects across 40+ business units in under 100 days. This also covered all geographies that LTIMindtree operates in - which is 41 countries. This initiative was a cornerstone of the company’s Zero Trust strategy, modernizing proxy infrastructure to enhance security, policy enforcement, and operational efficiency
The uniqueness of the project
The Cisco SSE migration project at LTIMindtree stands out for its scale, speed, and strategic impact. It transformed enterprise security across 80,000 endpoints, 1,200+ projects, and 40+ business units—all within an aggressive 100-day timeline. The initiative replaced legacy proxy systems with a modern Zero Trust architecture, enabling secure, scalable, and policy-driven access globally.
A key differentiator was the sprint-based execution model, which included both Windows and macOS platforms. Deployment was automated using Microsoft Intune, enhanced by in-house Python and PowerShell scripting to:
- Seamlessly deploy the Cisco SSE client,
- Switch over from legacy proxy platforms,
- Enable automated rollback as part of a robust recovery plan.
Operational excellence was ensured through real-time PowerBI dashboards, centralized issue tracking, and proactive user communication. The project maintained uninterrupted operations during migration and supported compliance for customer ODCs.
Importantly, LTIMindtree’s complex use cases directly influenced product innovation at Cisco, shaping new features that have since been adopted across the industry. This project exemplifies how engineering-led execution and strategic collaboration can redefine enterprise security at scale- Used software
-
Below platforms / solutions were consumed during the project
-
Cisco Secure Service Edge (SSE) Proxy
-
Microsoft Intune (automated rollout)
-
PowerShell scripting (Windows endpoint transition)
-
Python scripting (Mac endpoint transition)
-
Power BI dashboard (governance and progress tracking)
-
SSL decryption and SSO integration
-
- Difficulty of implementation
-
The Cisco SSE migration involved navigating proxy conflicts, VPN instability, and trusted network detection gaps during the transition from the legacy proxy solution. These were mitigated through phased deployment, dynamic proxy switching, and pilot testing. Automation via Intune and JAMF, supported by in-house Python and PowerShell scripting, enabled seamless rollout, switchover, and rollback across Windows and macOS devices.
To ensure continuity and momentum, unforeseen issues and user availability challenges were proactively addressed by engaging the Cisco Tiger Team, Cisco Product Team, and in-house SMEs, ensuring the migration process was never halted. Latency was resolved through Cisco route optimization, customer resistance to IP whitelisting was managed through strategic engagement, and visibility gaps were closed with a Power BI dashboard for real-time tracking. Feature compatibility was ensured through phase-wise testing and success criteria validation. - Project Description
-
LTIMindtree became one of the first in the industry to adopt Cisco Secure Service Edge (SSE) Proxy at scale—migrating 80,000+ endpoints and 1,200+ projects across 40+ business units in under 100 days. This initiative was a cornerstone of the company’s Zero Trust strategy, modernizing proxy infrastructure to enhance security, policy enforcement, and operational efficiency.
The phased rollout—from UAT to full production—was automated via Microsoft Intune, with SSL decryption and SSO integration ensuring secure, seamless access. Platform-agnostic scripting (PowerShell for Windows, Python for Mac) enabled consistent deployment across environments.
A Power BI dashboard provided real-time governance, allowing leadership to track progress and intervene proactively. Despite the complexity of the migration, business disruption was kept to a minimum—demonstrating precision in execution and strong cross-functional coordination - Project geography
- The user base of 80000+ is spread across 41 countries, that covers all geographies that LTIMindtree operates in
- Additional presentations:
- press release.pdftestimonial.pdfGlobal CIO POTY - Cisco SSE.pdf