With IT called to support more users and deliver more services without increasing budget, the IT team at Arlington Orthopedics P.A. faced the kind of pincer move all too familiar to IT professionals. Normally, such an objective would be mission impossible for a network built on MPLS and firewall appliances. The sheer complexity and cost of the infrastructure would make lean operation difficult. That’s why the team turned to Cato.
“It was obvious to me that I had to focus my resources,” says George McNeill, director of I.T. for Arlington, one of the largest orthopedic practices in North Texas. “I needed my infrastructure to be as lean as possible. This way we could invest in business analysts or other customer-facing roles and technologies not internal IT roles, such as networking and security specialists.”
The company was looking to nearly double its regional network, growing from three Texas locations — a main office in Arlington and branches in Mansfield and Irving — to five locations, adding offices in Midlothian and Odessa. The existing locations had firewall appliances connected by 100 Mbits/s, layer-2, MPLS connections. Internet-bound traffic was backhauled to Arlington, which had a 100 Mbits/s Internet connection secured by another firewall appliance.
All of which meant that the Arlington network was anything but lean. The company spent $10,000 per month for the 100 Mbits/s MPLS service and connections were still “choking out,” McNeill says. MPLS’s infamous deployment times also meant he needed a 90-day window for deploying new offices — far too long for the firm.
The existing firewall appliances were also sucking up resources he didn’t have. “Firewalls are complicated by default, but they’re even more complicated when set up by someone else who’s no longer with the company and with his or her own ideology and thought,” he says.
Troubleshooting the performance problem that was “choking” his network wasn’t easy. The company’s office and regional networks were flat, layer-two subnets. Firewall appliances at each location were connected by meshed, point-to-point, virtual private networks (VPNs). Servers located in Arlington were accessed by the branch locations. George knew that some locations had performance problems, but diagnosing them was very difficult. “We could see the traffic, but figuring out the source of the problem was impossible,” he says.
And with IT resources spent keeping “the lights on,” other projects had to be pushed to the side. Disaster recovery (DR) was one such example. “I could have set up a DR site using a site-to-site VPN,” he says, “But then I would have to put a whole lot of work into the effort and still have a single point of failure.”
George tried a carrier-managed SD-WAN service, but found himself back in the world of MPLS-like thinking. “The provider wanted me to buy without a trial. What person in his right mind would use a service without a trial?” he says.
Instead he turned to Cato for help building a secure cloud-based SD-WAN as an affordable MPLS alternative. What happened next simply amazed him…
Read the full story here.