iWAN VPN Solution Case-study

With Cisco CSR 1000v, Katerra can now easily manage their core sites and VPC’s without any compromise.

About CompanyKaterra

Katerra is a Silicon Valley startup that is redefining the multi-faceted construction. The company’s construction technology platform connects Building Information Modeling (BIM) tools and computational design directly to its ERP global supply chain infrastructure for ease of material ordering, manufacturing, tracking, and delivery.  This enables construction companies to optimize every aspect of building development, design, and construction. Today, Katerra has more than 1500 employees, offices in four countries, a growing number of factories, and dozens of active projects across the globe.

Business Case

Katerra was already a large Amazon Web Services (AWS) customer leveraging over 25 sites and 16 Virtual Private Clouds (VPCs) deployed in multiple regions. The network supporting Katerra’s vast infrastructure had become extremely complex, causing security, maintenance and administrative challenges for the engineering team. The intricate connections made it difficult to detect possible outages or tunnel instabilities.

Engineers had to scrutinize each VPC connection independently which was extremely tedious and time-consuming. For Katerra, the downtime costs per minute are extremely high, so it was imperative for the engineering team to be nimble and troubleshoot problems quickly.

To address their challenges, Katerra needed a routing solution which would simplify the infrastructure and ensure seamless connectivity between all their VPC’s and Sites. In addition, Katerra also required the infrastructure to offer high-performance and cost-effectiveness, as these characteristics were critical to their end-offering.

Katerra initially considered using Direct Connect (DC) for connecting the Sites and the VPC’s.  However, DC was not feasible since the sites had limited infrastructure space for building a Multiprotocol Label Switching circuit (MPLS). Katerra realized the need to deploy a (iWAN VPN) VPN solution which would help them overcome their connectivity challenges.

Katerra turned to Mactores –  an advanced consulting partner with AWS to help them design and implement the best solution.


After quickly assessing the technological and business needs, Mactores recommended to Katerra an iWAN VPN solution using Cisco CSR to connect the 16 VPCs and 24 core sites. Mactores set up the Cisco Cloud Services Router 1000v (CSR 1000v) which was a virtual-form-factor router that delivered comprehensive WAN gateway and network services functions into Katerra’s AWS environments.

Mactores implemented the solution in 4 weeks with zero downtime and disruption. A key step in deploying the solution was ensuring Mactores was able to architect a configuration that would work with the systems Katerra already had in place – Mactores had to set up VGP transit protocol to ensure the same configurations.   Mactores designed the architecture to use the same security policies across Katerras environments by leveraging AWS Identity and Access Management.

This allowed Katerra to maintain a strong security posture while eliminating the need for their team to learn and implement new policies or use new credentials. In addition to IAM, Mactores used Amazon CloudWatch to collect and track metrics on Katerra’s AWS environment, this allowed Katerra to understand where they can operate with greater performance, security, and cost-effectiveness.

Business Outcome

Katerra has realized several benefits from implementing CSR 1000V.  Mactores was able to create a centralized AWS networked environment utilizing the transit VPC’s. Moving to a transit VPC solution has simplified management and minimized the number of connections required.

Unlike before, services can be set up virtually without the expense of deploying physical equipment or establishing physical presence in colocation transit hubs. This saves time and effort while lowering costs.

With multiple network links to manage, it was always a challenge for the IT team to maintain appropriate security. Now, with the Cisco CSR 1000V, they have more superior segmentation tools, along with greater control over cloud interconnections. The engineering team can now quickly detect and determine any issues without having the need to scrutinize all the VPC connections.

Looking for a First-Class Technology Consultant?