Case studies

David Jones

David Jones is one of Australia’s most iconic and prestigious department store retailers, with a heritage spanning more than 185 years. Headquartered in Melbourne, the company operates a network of flagship and regional stores across Australia, offering a premium retail experience across fashion, beauty, homewares, and food. As a large-scale retail enterprise, David Jones relies on a highly distributed and resilient IT infrastructure to connect its corporate hub, data centres, and branch locations. Secure and high-performance network connectivity is therefore a critical business requirement. 

Challenges

David Jones faced several significant network security and reliability challenges across its Fortinet-managed SD-WAN and firewall environment. Performance SLAs across the SD-WAN environment were incompletely configured, and at the hub level there were no visible SD-WAN health checks or SLA definitions. This introduced the risk of undetected link degradation and inconsistent traffic-steering decisions across the overlay network. 

Security policy weaknesses also created exposure. Overly broad firewall policies were in place, including an “Allow-DNS-Outbound” rule that permitted DNS traffic from any source to any destination within the Internet zone without security inspection profiles. Traffic traversing MPLS, the SD-WAN overlay, and internal zones was governed by any-any firewall policies without inspection, creating significant risk of lateral movement and potential data exfiltration. In addition, a policy identified as “No NAT on HUB-1” was associated with RADIUS authentication and presented an unresolved production security risk. 

Authentication and access control required improvement. Multi-Factor Authentication (MFA) was not enabled for administrative accounts, leaving privileged access reliant on usernames and passwords only and exposing management interfaces to credential-based attacks. 

Finally, the high-availability architecture was misaligned with the intended data centre design. Both hub firewalls were operating in active-active mode without a formal HA configuration, creating risks to traffic continuity and complicating the planned migration from Check Point to Fortinet hub firewalls.

Solution

Oreta conducted a detailed technical assessment of the Fortinet environment and developed a structured remediation and uplift plan to address each identified risk area. 

A comprehensive SD-WAN health-check framework was designed and implemented, including latency and jitter thresholds alongside existing packet-loss parameters. Hub-level health checks and SLA definitions were introduced, enabling the hub to independently monitor link performance and make informed traffic-steering decisions. 

Firewall policies were reviewed and rationalised, replacing overly broad rules with zone-specific, application-aware policies supported by appropriate security inspection profiles. The DNS outbound policy was tightened to restrict source scope and enforce inspection, removing a major blind spot in outbound traffic monitoring. The legacy RADIUS-associated “No NAT” rule was reviewed and remediated to eliminate production risk. 

Multi-Factor Authentication was implemented for all administrative accounts across the Fortinet management plane and integrated with the customer’s existing identity infrastructure. This removed the single-factor authentication risk and aligned the environment with industry best practice and compliance expectations. 

Oreta also redesigned the hub firewall cluster from active-active to active-standby mode, aligning the architecture with the approved data centre design and ensuring predictable and reliable failover behaviour.

Outcome

Following Oreta’s engagement, David Jones achieved measurable improvements across its Fortinet SD-WAN and security environment: 

  • End-to-end SD-WAN SLA visibility with latency, jitter, and packet-loss thresholds configured at both hub and branch levels  
  • Reduced firewall attack surface through the removal of any-any policies and enforcement of inspection across key traffic flows  
  • Hardened administrative access with MFA enforcement across the Fortinet environment  
  • Production-ready active-standby high-availability architecture delivering consistent and predictable failover  

Feedback

“I would recommend Oreta for their strong technical expertise and outcome-driven approach. They took full ownership of identifying, designing, and delivering a solution aligned with best practices and our operational needs. Before Oreta, true high availability was our biggest challenge, and failover was unpredictable and risky. By redesigning our environment with a proper active-standby HA architecture, Oreta gave us confidence that failover would perform exactly as expected. Testing confirmed seamless failover, providing real assurance that the business is protected during outages.”
David Jones,
