AWS for Industries

Skechers Steps up Network Transformation with AWS Cloud WAN, Network Firewall, and Direct Connect

This post is co-written with Dino Padilla, Sr. Cloud Engineer, Skechers USA, and Gabriel Sandoval, Sr. Manager Cloud Platforms & GenAI, Skechers USA

In early 2024, global footwear leader Skechers USA continued its cloud transformation journey. To address the infrastructure challenges that could threaten its growth, Skechers redesigned its AWS Cloud network. This blog post chronicles how Skechers migrated from a complex, fragmented network topology to a streamlined, resilient global infrastructure—securely powered by AWS Cloud WAN, AWS Network Firewall, and AWS Direct Connect.

Reasons to Migrate and Business Problems to Solve

As Skechers cloud platform engineers navigated the complexities of cloud networking, they encountered several challenges that prompted Skechers to reevaluate its infrastructure and practices. Three key issues stood out as significant hurdles in its cloud environment: excessive VPNs, aging firewalls, and manual route management.

1. Excessive VPNs
Skechers’ cloud network had organically grown into a global, multi-region infrastructure, resulting in a proliferation of Virtual Private Networks (VPNs). While these provided secure connections, Skechers cloud engineers found themselves managing an increasingly complex set of policies and a costly network topology that was becoming difficult to maintain and troubleshoot. And with rapid network expansion and hybrid connectivity, constant security analysis became cumbersome because it wasn’t centrally managed.

2. Aging firewalls with single points of failure
As Skechers scaled its cloud presence, it realized that maintaining the legacy firewall infrastructure was not only becoming a security liability but also creating potential single points of failure. And with continual security updates and maintenance delays, these vulnerabilities risked both network stability and business continuity.

3. Manual route management
Skechers’ legacy approach—manually managing network routes and analyzing secure network flows—had become increasingly time-consuming and error-prone. The cloud platform engineering team recognized that this approach was unsustainable and hindered their ability to scale efficiently.

These challenges led Skechers to identify the following three critical business concerns.

i. Risk reduction—modernizing its cloud network infrastructure would eliminate single points of failure and enhance its overall security posture.
ii. Improved time to delivery—streamlining network management and automating processes would allow for faster implementation and new services in Skechers’ cloud environment.
iii. Less operational overhead and waste—simplifying cloud network topology and automating route management would reduce IT workloads, minimize human errors, and optimize resource allocation.

By addressing these issues directly, Skechers aimed to create a more robust, efficient, and scalable cloud networking solution that would better serve its needs and support future growth.

The Path to Transformation

First, Skechers comprehensively reviewed its recurring challenges. In collaboration with AWS and its partners, Skechers held several infrastructure discussions. It settled on addressing business requirements using AWS Cloud WAN, AWS Network Firewall, and AWS Direct Connect.

Recognizing the complexity and scale of the complete transformation, Skechers created a phased implementation timeline of 12 months. To build its core network, Skechers established the AWS Cloud WAN and its various segments. Skechers also migrated from all VPNs to AWS Direct Connect, significantly enhancing network performance and reliability. Finally, Skechers systematically migrated subnets into the AWS Cloud WAN core network, integrating resources into the new architecture.

Using AWS Network Manager, Skechers managed and visualized the entire network from a single portal. This portal helped the team streamline changes and view network utilization reports without switching screens. Configuration changes can also be local—Skechers can wait until maintenance windows to apply changes to the production network—reducing stress and outages that could affect operations.

For infrastructure as code, Skechers used Terraform in conjunction with a third-party Runway tool. Skechers engineers also developed custom scripts to audit their progress, allowing Skechers to track the migration meticulously. To measure migration success, Skechers focused on key metrics for lowering latency, reducing the number of active VPN tunnels, and minimizing the number of core network attachments.

Conclusion

This carefully orchestrated approach helped Skechers navigate the complexities of its network transformation successfully. By using AWS managed services and following a well-planned, phased implementation, Skechers modernized its infrastructure while maintaining service continuity for its users. The solution was successful: Skechers accelerated VPC deployment time by 80 percent, eliminated 100 percent of associated VPNs and third-party firewalls, and significantly reduced transit gateway route management efforts. Skechers has built a more robust, efficient, and scalable network architecture that not only addresses current needs but also positions the company for a competitive edge, continued growth, and innovation in the global marketplace.

Contact an AWS representative to learn how we can help accelerate your business.

Further reading

Acknowledgment

Thank you for your contribution to this blog:

Gabriel Sandoval, a native of Southern California, has roots in diverse communities, including Culver City, South Bay, East Los Angeles, South Central, and Watts. His journey in the technology sector began immediately after high school graduation, showcasing his early passion for the field. As a former Venice Gondolier, Gabriel has cultivated a powerful growth mindset that has driven innovation. Fostering the school’s motto, “Rowing not drifting,” his forward-thinking approach has significantly shaped the future of Cloud technology and expanded its capabilities. Through his work, Gabriel continues to push the boundaries of what’s possible in the ever-evolving tech world. You can reach him on LinkedIn.

Dino Padilla is a senior cloud engineer with 10+ years of experience in enterprise technologies. Specializing in multi-cloud environments, Dino has successfully led large-scale digital transformations for large scale enterprises across diverse industries. His deep knowledge of AWS, coupled with a strong background in DevOps practices, containerization, and serverless architectures continues to drive his optimization of cloud infrastructure for scalability, security, and cost-efficiency, consistently delivering solutions that drive business growth and innovation. You can reach him on LinkedIn.

Ameel Kamboh

Ameel Kamboh

Ameel Kamboh is a Senior Solutions Architect at AWS with a background in building 9-1-1 networks globally. With 28+ years of experience in networking and building complex applications, Ameel has focused his designs on high availability and scalability. At AWS, Ameel has broadened his scope in the retail enterprise sector, delivering innovative solutions to customers.

Nick Berg

Nick Berg

Nick Berg is a Senior Enterprise Account Manager at AWS with 15+ years of experience in digital transformations and enterprise technology. In his current role, Nick serves as a strategic advisor for fashion and apparel customers and is an active member of the AWS retail community.

Vivek Shervegar

Vivek Shervegar

Vivek Shervegar is a Technical Account Manager at AWS, with 8+ years of experience in Network Engineering and Security. In his current role, Vivek serves as an operational solutions architect, focusing on driving operational excellence for AWS Retail customers. He leverages his technical expertise to advocate for and implement best practices, ensuring optimal performance and reliability of cloud infrastructure.