Simplify and virtualize was the law firm of Eskanos & Adlers credo when replacing an overly complex network its IT staff couldnt manage. For help, the firm called on AccessFlow, a Sacramento, Calif., solution provider.
AccessFlow recommended a virtual network built around VMware ESX servers and Cisco Systems switches. The network saved money and provided IT flexibility and scalability, said Steve Kaplan, president of AccessFlow.
The firm also replaced difficult-to-use Avaya phone systems with a Shore-Tel VOIP (voice over IP) solution, cutting cost and complexity.
"We had gotten to the point where our network had become so segmented and complex that our IT staff was having difficulties performing such simple tasks as adding a computer to the network," said Paul Hicks, director of IT at Eskanos & Adler.
The law firm employs 230 people and specializes in the recovery of delinquent consumer and commercial obligations for clients such as American Express and Sears, Roebuck. In 2002, an e-mail virus hobbled the firms IT network for several days, and thats when the trouble started. The cure, designed to prevent future disasters, made things worse.
To listen to an eWEEK podcast on the state of virualization, click here.
Good idea gone bad
A systems engineer hired as a consultant by Eskanos & Adler to prevent future downtime implemented a firewall and multiple VLANs (virtual LANs). It seemed like a good idea, but as the firm grew and VLANs were added, things became too complex.
"Other than the engineer, nobody on the IT team fully understood how the network worked or was configured," Hicks said.
Complexity went from bad to worse in 2003 when Eskanos & Adler added a remote California office with a second Avaya telephone system. More VLANs were added.
"By the end of 2004, we found ourselves with an extremely complicated network that was causing serious problems," Hicks said. IT personnel could not add computers without involving the network engineer, who alone understood the system.
"There were unexplained network delays and dropouts," Hicks said. The firm hired two consultants to analyze the network, and they were stumped by its intricacy.
Instability weakened the firms disaster recovery capabilities and raised concerns about its ability to meet the exacting recovery requirements of its big financial customers.
Eventually Hicks and his staff decided theyd had enough, concluding they had better redesign the network, replace the Avaya systems and bring in external help.
VMwares technology struck Hicks as the most workable solution because of its simplicity, reliability and relative low cost. AccessFlow assessed the firms needs and drew up a plan.
"We liked AccessFlow because it was the one [solution provider] that brought up the importance of having a suitable network configuration as part of a successful VMware implementation," Hicks said.
AccessFlow discovered the VLANs had been created as independent logical networks within the physical network. The technology itself was not the problem, but rather how it was implemented, said AccessFlows Kaplan.
Experts see a link between virtualization and SOA. Click here to read more.
"The virtualization technology is rarely the problem because VMware is very powerful and scalable," Kaplan said. "What is often missing is the proper planning and underlying infrastructure to make it all happen."
A new network was designed around virtualization that had a secure outer shell protecting a simple-to-use core. "We liked the design because it would enable us to reuse many of our existing components," Hicks said.
The bones of the old network consisted of a Cisco 3750 and two 3500 switches, and FortiGate 200 and 100 firewalls. Fifteen servers were connected directly to the Cisco 3750 switch, some with a Gigabit Ethernet link, most with 100 M-bps connections. Four T-1 lines (two for voice and two for data) linked the firms main office to a branch office, where a second Avaya system had been installed.
The telephone systems were a lot of work to maintain, and the Avaya interface was of the older command-line variety requiring hard-to-master syntax, Hicks said.
Getting it right
The biggest challenge presented by the new network design was how to configure the back-end infrastructure to maximize performance. Hicks decided to reduce the number of VLANs and to segment the network into voice and data channels. The work began in February 2006.
"We did this over a month of weekends since it was too much to accomplish all at once with the business running at full capacity," Hicks said.
Hicks said he kept the Cisco 3750 switch and added a second one for redundancy and high availability. He said he reused the Cisco 3500 switches at the distribution layer and added D-Link POE (power over Ethernet) switches to support the ShoreTel VOIP phones.
A secure point-to-point VPN was set up to send encrypted voice packets over the Internet with its interoffice data.
With the infrastructure in place, the VMware implementation started. A SAN (storage area network) and two Hewlett-Packard servers were installed. Two VMware ESX servers were connected to the Cisco 3750s with 4 G-bps links.
"Then AccessFlow and our IT department began the process of converting our old servers to virtual ones," said Hicks. "We converted one or two at a time over the next few months." Paying off
While Hicks wouldnt say how much Eskanos & Adler spent, he said the firm recouped its investment within a year.
The telephone portion of the network paid for itself within six months, he said. The firm cut about $1,000 per month in expenses by disconnecting two T-1 lines between its main and branch offices.
Return on investment on virtualization took longer because the firm had to buy new servers, the VMware software, the SAN and had to pay for AccessFlows services. Overall, the new network has brought nothing but benefits, Hicks said.
"The only downside of virtualizing the network is that Eskanos & Adler has had to learn new ways of solving problems because it has concentrated all its key resources into a virtual space," Kaplan said. "The upsides are greater flexibility, scalability and cost savings."
Check out eWEEK.coms for the latest news, views and analysis on servers, switches and networking protocols for the enterprise and small businesses. Herman Mehling is a freelance writer in San Anselmo, Calif. He can be reached at hermanmehling @-sbcglobal.net.