In 2024, UniSQ kicked off a major uplift of our network perimeter, inter‑campus core, and Internet edge to support rapidly growing bandwidth demands and new high‑throughput firewall capabilities. What started as a simple bandwidth increase quickly evolved into a full re‑architecture of how our campuses connect, encrypt, and route traffic across the UniSQ Wide Area Network.

This session walks through the technical and operational drivers behind the redesign, including the push towards 100Gbps inter‑campus and Internet capacity, the introduction of new firewall hardware, and the need to eliminate legacy Layer 2 stretching between sites. We’ll share how we approached building a highly available, no single point of failure design while running multiple routing protocols (OSPF, BGP, EVPN) and simplifying firewall routing through a static‑route model.

Rather than a deep dive into configs, this presentation focuses on the architectural decisions, the trade offs we had to make and the lessons learned along the way. If you're thinking about redesigning your perimeter or scaling your Internet edge, this is a story you’ll probably recognise and hopefully find useful.