The Itential Platform
The agentic operations platform for infrastructure teams.
Platform Overview
CAPABILITIES
DEVELOPER RESOURCES
Our Customers
See why top organizations choose Itential
Learn More
INDUSTRIES
CASE STUDIES
Customer Stories
Lumen’s Network Automation Journey: From Manual Workflows to AI-Assisted Autonomy
Customer Stories
How Southern California Edison Is Automating the Grid for an AI-Driven Future
Latest News
Itential unveils FlowAI, delivering agentic orchestration for infrastructure operations.
Learn More
Company
Partners
Featured Partner
KNOWLEDGE HUB
Explore all Resources
SEARCH BY TYPE
FEATURED RESOURCES
Analyst Reports
451 Research: Autonomous, Governed AI for Enterprise Infrastructure Operations
Blogs
Why Agent Sprawl Is the Next Script Sprawl
Podcasts
Operator to Agent Manager: Network Engineering’s Future | Ship AI
Itential logo
Case Study

Major FinTech Shifts From Yearly Change Windows to On-Demand Network Security

How a major FinTech saved 2,313 hours and closed the security exposure that came with patching its multi-vendor network only once a year.

Challenge

Frequent vendor patches and security updates were essential – but the network team could only execute upgrades inside a single yearly change window. Devices sat out of date, creating security exposure the business could not accept.

Icon of a lightbulb
Solution

Itential turned manual, multi-vendor software upgrades and configuration changes into end-to-end orchestrated workflows – with pre-checks, post-checks, and systems of record integrated into a single execution.

icon showing a checkmark on lines of text or code
Why Itential

Workflow building was fast enough to translate SME knowledge into reusable assets in days. Out-of-the-box integrations and Golden Configuration gave the team multi-vendor standardization without writing per-device scripts.

The Challenge

Escalating Security Requirements in a High-Stakes Industry

Operating in financial services means a constantly rising security bar. Vendor patches and software updates arrive more frequently than they used to, and the consequences of falling behind grow with every cycle.

The network team faced that bar armed only with scattered task automation and mostly manual change processes. At the scale of their multi-vendor network, that meant upgrades happened once per year inside a designated change window – leaving devices out of date and creating security exposure the business could not accept.

Their infrastructure spanned multiple domains and vendors, with diverse toolsets and systems. Existing Python automation worked for small tasks but fell short of end-to-end orchestration. The manual effort, time, and specialized skills required for upgrades placed growing strain on team capacity.

Three Constraints Behind the Yearly Change Window

Each one made it harder to keep a multi-vendor network patched, compliant, and audit-ready.

Scripts That Stopped Short of Orchestration

Existing Python scripts handled small-scale tasks but did not deliver end-to-end orchestration across the multi-vendor infrastructure. Each upgrade still required manual coordination, custom validation, and engineer-intensive handoffs.

Specialist Capacity, Not Specialist Volume

The effort, time, and specialized skills needed to manage updates placed growing strain on team capacity. Senior engineers spent cycles on repeatable upgrade work instead of higher-value initiatives.

Yearly Windows, Year-Round Risk

A single change window per year meant most devices spent most of the year out of date. With stringent security standards and a fast-moving threat landscape, that exposure was no longer tolerable.

The yearly change windows just were not working. But there was nothing else we could do with what we had. Because we have some pretty stringent security standards, we really just had to try something different.
Network Engineer
Major FinTech

The team did not need more scripts. They needed an orchestration platform that could move multi-vendor change off the yearly change calendar entirely.

Why Itential

Why They Chose Itential

During the evaluation, the organization worked through use cases in Itential workshops and demos – SD-WAN deployment, Panorama security rule management, CI/CD pipeline integration. The team built working workflows for those use cases in days, translating business logic and SME knowledge into repeatable, scalable assets. Several capabilities anchored the decision.

One Platform for Multi-Vendor Standardization

Five capabilities sat at the center of the decision – together giving the team a foundation for end-to-end orchestration with governance and compliance built in.

Explore the Platform
End-to-End Orchestration

Seamless integration across the multi-vendor, multi-domain infrastructure, incorporating existing Python scripts rather than forcing a rewrite. The team kept what worked and orchestrated above it.

User-Friendly Workflow Builder

Drag-and-drop functionality abstracted the underlying network complexity, letting engineers build modular, reusable, scalable workflows quickly – and giving SMEs a way to translate their knowledge into shared assets.

Out-of-the-Box Integrations

Open source integrations for ServiceNow, Palo Alto Panorama, and other common systems reduced time-to-value. Rapid API generation handled everything else, so the team did not write new integration code for every controller.

Golden Configuration

Hierarchical Golden Configuration templates automated compliance management across multiple device types, vendors, and network domains – providing the configuration consistency multi-vendor environments rarely achieve.

Compliance Reporting

Reports across both CLI and API devices, with Compliance Plans that deliver key compliance insights directly to the applications and teams that need them.

The Solution

Multi-Domain Workflows Built Once, Run On-Demand

With Itential, the network team turned software upgrades and configuration changes from once-a-year manual processes into orchestrated, repeatable workflows – running whenever the business needed them.

icon showing connections between nodes
Software Upgrades, On-Demand

Upgrade workflows decoupled from a yearly change window. Pre-checks, the config push, post-checks, and systems of record updates all run as one end-to-end execution – letting the team patch when patches arrive, not when the calendar allows.

Firewall Policy Automation

Standardized firewall rule management across multiple network and cloud domains, including Palo Alto Panorama and Zscaler whitelisting – giving security and network operations a shared, governed execution path.

icon of a cog and lines of text or code
Golden Config & Compliance Reporting

Hierarchical Golden Configuration templates plus compliance reporting across CLI and API devices – keeping multi-vendor infrastructure consistent and audit-ready without manual reconciliation.

box with organizational lines below icon
Change Management Integration

Network workflows integrated with the team’s existing change control systems, so every orchestrated change carried the same approval, audit, and record-keeping standards the business already required.

Itential let us build out workflows that account for all our requirements. Not just the config push, but things like pre-checks, post-checks, systems of record took up a lot of engineers’ time. It lets us decouple our software upgrades from a preset change window so we can ensure everything is always up to date across the network.
Director, Network & Cloud Infrastructure
Major FinTech
The Outcome

Reducing Risk & Delivering Business Impact with Orchestration

Moving from once-a-year change windows to on-demand orchestrated execution produced measurable returns in hours, capacity, and security posture.

2,313
Hours Saved
By automating software upgrade and configuration management use cases across the multi-vendor infrastructure.
1.11
FTE Freed Up
Equivalent engineering capacity returned to higher-value work after upgrade and configuration automation went live.
5
Use Case Domains Automated
Firewall policy, software upgrades, SilverPeak routes, Zscaler whitelisting, and device onboarding – all orchestrated through one platform.
5+
Vendor Domains Unified
Multi-vendor, multi-domain workflows spanning network, cloud, security, load balancers, and change management systems – orchestrated through a single platform.
Decoupled from the Yearly Change Window
Software upgrades and configuration changes no longer wait for an annual change calendar. The team now patches when patches arrive – closing the security exposure that came with devices sitting out of date.

What’s Next


With orchestration in place across software upgrades, firewall policy, and compliance, the team is extending the model to more of its multi-vendor estate – driving toward a NetDevOps-style operating model where every infrastructure change runs through a governed, repeatable workflow integrated with change management.


Continued focus areas include expanding compliance plans across additional device types, deepening ServiceNow and Panorama integrations, and treating the workflow library as a shared organizational asset that grows with every new use case.

Keep Learning

The Latest in Infrastructure Orchestration

Customer Stories
How a Global Enterprise Is Orchestrating PCI Compliance & Infrastructure Change With Itential
Read more
Blogs
Customer Spotlight: How a Major FinTech Is Delivering Secure, Consistent, & Compliant Network Operations
Read more
Demos
Agentic Network Device Health Checks with Templated Prompts | FlowAI
Watch now
Analyst Reports
Gartner Predicts 2026: AI Agents Will Reshape Infrastructure & Operations
Read more
Blogs
The New Hybrid Reality: How Distributed Infrastructure Is Breaking Traditional Automation
Read more
Get Started

Agentic infrastructure operations starts here.

See how Itential connects AI reasoning to governed execution across your entire infrastructure.

Talk to our Experts