Microsoft Cloud & Datacentre Management MVP

Unlock the Power of the Cloud

Make your infrastructure as flexible as your business

SD-WAN & SASE Zero Trust Multi-Cloud Design Authority Network Architecture
Explore Services Get in Touch
20+ Years of Enterprise Experience
8 Cloud & Network Certifications
1000+ Locations Transformed
MVP Microsoft Most Valuable Professional

Services

Specialist consulting across the full lifecycle — from strategy and architecture through to design, delivery, and operational handover.

SD-WAN & SASE Design

Specialist Fortinet and zScaler architecture for enterprise SD-WAN, SASE, and ZTNA deployments — from design through to operational handover.

  • Fortinet FortiGate/FortiManager SD-WAN architecture
  • zScaler ZTNA & Internet Access integration
  • Overlay design & performance-based routing
  • DIA & MPLS migration planning
  • HLD/LLD production & migration runbooks
Get Started →

Zero Trust & Network Security

Design and deploy Zero Trust architectures with identity-aware segmentation, NGFW policy, and modern security governance frameworks.

  • ZTNA policy design & deployment
  • Identity-aware network segmentation
  • NGFW architecture & policy definition
  • SSL inspection & IDS/IPS configuration
  • Security governance & change control
Get Started →

Cloud Connectivity

Build secure, resilient hybrid networks connecting your locations, data centres, and cloud platforms with BGP-based routing strategies.

  • ExpressRoute & Direct Connect design
  • BGP routing strategy & peering policy
  • Multi-provider internet & DIA
  • Hybrid WAN architecture & resilience
  • Cloud on-ramp & transit design
Get Started →

Infrastructure Architecture

Design scalable, resilient cloud infrastructure aligned to your business objectives and security requirements across Azure and AWS.

  • Cloud platform selection & guidance
  • High availability & DR planning
  • Security architecture & compliance
  • Cost modelling & optimisation
  • Terraform & IaC automation
Get Started →

Cloud Migration Strategy

Plan and execute network and infrastructure migrations from legacy environments to modern cloud platforms, with minimal disruption to operations.

  • Legacy system analysis & workload mapping
  • Phased migration roadmap
  • Risk assessment & business continuity
  • HLD/LLD & migration runbooks
  • Post-migration optimisation
Get Started →

Cloud Readiness Assessment

Evaluate your organisation's network and infrastructure readiness for cloud adoption with a vendor-neutral, structured assessment framework.

  • Network & infrastructure capability review
  • Vendor-neutral technology analysis
  • Detailed readiness scoring
  • Prioritised action plan
  • Executive briefing pack
Get Started →

Success Stories

Delivering network and cloud transformation across retail, financial services, and the public sector — from FTSE 100 retailers to global trading infrastructure.

Marks & Spencer

Retail ● Current

Network Transformation at Scale

Leading network engineering and Design Authority function during major cyber recovery across one of the UK's largest retail estates.

  • Fortinet SD-WAN migration across 1000+ retail & logistics locations
  • zScaler ZTNA deployment with Zero Trust policy definition
  • Design Authority governance framework during crisis response
  • C-level advisory to CIO, CTO, and CISO
Outcome

Delivering network resilience and transformation while maintaining business continuity across a 1000+ location retail estate.

London Stock Exchange Group

Financial Services

Cloud Networking for Global Trading Infrastructure

Cloud Network Architect and Design Authority for the LSEG/Microsoft Azure strategic partnership, supporting enterprise-scale financial services infrastructure.

  • Azure connectivity patterns for low-latency global trading
  • Multi-cloud networking strategy across Azure and AWS
  • Network segmentation & security for regulatory compliance
  • Technical standards and governance across global teams
Outcome

Resilient, low-latency multi-cloud architecture supporting high-frequency financial transactions with strict SLAs.

ASDA

Retail

SD-WAN & Zero Trust for UK Retail

Network architecture leadership driving SD-WAN strategy, zScaler ZTNA deployment, and cloud connectivity across complex always-on retail and logistics operations.

  • SD-WAN roadmap and delivery for cloud-first retail environment
  • zScaler ZTNA with identity-based access controls
  • HLD/LLD for Azure connectivity across retail & logistics
  • Zero-downtime LAN & Wi-Fi migration in 24/7 logistics
  • DIA with BGP peering across multiple providers
Outcome

Modernised, secure network infrastructure supporting always-on retail and logistics operations.

Morrisons

Retail

Cloud-Native Network & Telephony Strategy

Designed comprehensive network and telephony strategy for cloud transformation across 500+ retail and manufacturing locations.

  • VMware NSX-T deployments across data centre & manufacturing
  • Cloud connectivity strategy & roadmap
  • Network security architecture for 500+ retail locations
  • LAN, WAN, data centre, and wireless roadmap development
Outcome

Strategic foundation for cloud-native infrastructure transition while maintaining business continuity.

TSYS / Global Payments

Financial Services

Secure SD-WAN for Global Contact Centres

Designed and led secure SD-WAN architecture for 20+ global contact centres as lead technical authority, producing full HLD, LLD, and migration documentation.

  • SD-WAN HLD, LLD, and migration plans for 20+ contact centres
  • NGFW configuration and segmentation models
  • High-availability design with performance-based routing
  • Dual-underlay architecture for resilience
  • Operational runbooks and service transition
Outcome

Secure, high-performance global network supporting critical payment processing operations.

Leeds City Council

Public Sector

Public Sector Digital Transformation

Network architecture leadership for major local authority, modernising infrastructure and enabling hybrid cloud adoption across 100+ council sites.

  • Cisco ACI data centre migration with runbooks
  • Enterprise wireless across 100+ council sites
  • Technical SME for Full Fibre Broadband programme
  • Network standards and governance framework
Outcome

Modernised infrastructure supporting efficient delivery of public services across the region.

About Simon

Network Lead, Design Authority, and Microsoft MVP with over 20 years delivering enterprise network transformations.

Simon Painter

Network Architect · Design Authority · Microsoft MVP

Simon Painter is a Network Lead, Design Authority, and Microsoft MVP with over 20 years delivering enterprise network transformations across financial services, retail, healthcare, and the public sector. Currently engaged at Marks & Spencer following a major cyber incident, driving Fortinet SD-WAN and zScaler ZTNA deployment at scale across a 1000+ location retail estate.

A specialist in SD-WAN, SASE, and Zero Trust architectures, Simon brings hands-on production experience with Fortinet FortiGate, FortiManager, and zScaler across complex multi-site enterprise environments. His approach combines deep technical authority with strategic clarity: producing High-Level Designs, Low-Level Designs, and migration runbooks that translate business requirements into actionable, resilient solutions.

Prior to M&S, Simon served as Cloud Network Architect and Design Authority for London Stock Exchange Group (LSEG) in partnership with Microsoft Azure, architecting low-latency global trading infrastructure across multi-cloud environments. Earlier engagements at ASDA, Morrisons, Leeds City Council, TSYS, and Lloyds Banking Group have given Simon broad experience across retail, financial services, and the public sector.

Recognised as a Microsoft MVP for Cloud & Datacentre Management in 2025, Simon also writes regularly at simonpainter.com, publishing deep-dive content on BGP, DNS, Azure networking, and cloud connectivity for network engineers navigating the transition to cloud.

Core Expertise

SD-WAN & SASE Architecture

Fortinet FortiGate/FortiManager, zScaler, overlay networking, performance-based routing and DIA migration.

Design Authority & Governance

HLD/LLD production, migration runbooks, change control frameworks, and technical standards for enterprise programmes.

Zero Trust & Network Security

ZTNA deployment, identity-aware segmentation, NGFW policy definition, IDS/IPS, and SSL inspection at enterprise scale.

Multi-Cloud Networking

Azure and AWS ExpressRoute, Direct Connect, BGP, hybrid connectivity, and cloud on-ramp design.

Professional Certifications

Microsoft Most Valuable Professional (MVP)

Cloud & Datacentre Management · Awarded 2025

Azure Network Engineer Associate

Microsoft Certified · AZ-700 · Valid 2026

2023
AWS Advanced Networking Specialty

Amazon Web Services · Valid 2028

2025
AWS Solutions Architect Associate

Amazon Web Services

OCI Architect Associate

Oracle Cloud Infrastructure

Terraform Associate

HashiCorp Certified

Aviatrix ACE Associate

Multi-Cloud Network

Cisco CCNA

Routing & Switching · Operating at CCNP+ level

From the Blog

Deep-dive technical content on BGP, DNS, Azure networking, SD-WAN, and cloud written for network engineers navigating the transition to cloud.

connectivity
Networking

BGP for Enterprise Cloud Connectivity

March 2026 · 42 min read

Read article → Security

Encrypted DNS: What DNS over HTTPS Means for Your Network

February 2026 · 27 min read

Read article → Azure

Azure Virtual Network Routing Appliance

February 2026 · 14 min read

Read article → Strategy

Reducing HIP: This Meeting Could Have Been Code

March 2026 · 14 min read

Read article →
View All Articles →

Simon consistently demonstrated exceptional technical expertise, problem-solving skills, and a strong ability to adapt to new technologies. He communicates complex concepts with clarity, making him an invaluable resource for both technical and non-technical stakeholders. He is also proactive in mentoring others, sharing his expertise, and fostering a culture of learning within the team.

Saleh Ahmed Head of Networks, M&S · Retail Industry Tech Leader & Changemaker

Get in Touch

Ready to transform your network infrastructure? I'd love to hear about your project. Reach out via email or LinkedIn to start the conversation.

Email [email protected] LinkedIn Connect with Simon Blog simonpainter.com