WAN Transformation Challenged by SAP S/4 HANA Integration and China Connectivity Challenges
Mergers and acquisitions always present IT challenges. Networks must be interconnected, server and software permissions updated. But M&As are even more challenging when applications are simultaneously being migrated to the cloud. How do you pull all of that off without increasing budget? Ask Lars Norling.
We were striving to do more for the same, building a state-of-the-art communications platform but with the same bag of money that we used before.
Several years ago, the director of IT operations at ADB SAFEGATE, a provider of airport efficiency and productivity solutions, found himself not only merging the networks of ADB and SAFEGATE but also looking to give his increasingly mobile workforce access to ERP and other key business applications in process of being migrated to the cloud. “We were striving to do more for the same, building a state-of-the-art communications platform but with the same bag of money that we used before,” says Norling.
Neither ADB’s nor SAFEGATE’s corporate networks would serve the combined needs of the new organization. One WAN was too expensive, in part due to being outsourced to a telco. The other WAN was locally based making it extremely hard to maintain. “They had limited possibilities for any type of quality of service and/or high availability,” he says.
Noring knew that MPLS could not meet his needs. “Our analysis clearly showed that the shift in the IT landscape, namely extended mobility and the move towards providing core services as cloud services, led us to look outside of the box, beyond traditional WAN architectures,” he says. But existing contracts prevented them from moving forward with their WAN transformation until 2018
ADB SAFEGATE’s SD-WAN Criteria Emphasizes Flexibility, Performance, and Strong Customer Support
With contracts expiring, Norling began looking for a flexible SD-WAN that could meet global requirements. Half of ADB SAFEGATE’s users were seated at four main offices in Austria, Belgium, Sweden, and Columbus, Ohio. The other 50% were scattered around the globe. As such, “We needed local cost-effective Internet connections that we could upgrade individually,” says Norling.
China connectivity was also important. “China has been a challenge for us as its been for everyone else. We have extremely expensive connections with limited bandwidth and functionality. Users grew frustrated, and, ultimately, led to unsanctioned localized solutions with separate public Internet connections and shadow networks,” he says.
And whatever organization he chose to handle his SD-WAN, strong customer support was critical. “We need to work with reliable partners where we are customers and not just a customer number,” says Norling.
ADB SAFEGATE Turns to Videns and Cato
Norling considered and dismissed managed SD-WAN services from local telcos. “My feeling is that the telcos and their ISPs still have a journey themselves to understand what it means to be a solution provider and not just a product supplier,” he says. “We fear that we could get the same poorly managed services as we have seen before. I also think that they’re still, to some extent at least, ticket takers and not actually problem solvers.
What we see nowadays is that everyone looking at SD-WAN looks at security. The two go together. Cato addresses both dimensions in one seamless solution.
He turned to Videns for help. Videns had been providing ADB SAFEGATE networking services. “We were extremely pleased with Videns so they had a jump start in the discussion about our future needs,” he says.
Videns selected Cato for the project. “Cato offers one, integrated solution with a global backbone including, security, and mobility. What we see nowadays is that everyone looking at SD-WAN looks at security. The two go together. Cato addresses both dimensions in one seamless solution,” says Joost van der Struijk, managing director for sales and marketing at Videns IT Services.
Cato connects all enterprise resources — locations, cloud resources, and mobile users — to a common, optimized global backbone, which today is built from more than 45 PoPs across the globe. With all traffic on the Cato backbone, Cato applies a common security policy to protect all resources. Next-generation firewall (NGFW), secure web gateway (SWG), URL filtering, malware prevention — all are built into the Cato service. Cato MDR, a managed threat detection and response (MDR) service, offloads the resource-intensive and skill-dependent process of detecting compromised endpoints onto the Cato SOC.
With POPs in Beijing, Dubai, and Melbourne Cato mapped well with ADB SAFEGATE’s requirements. “And the possibility to include everyone within the solution, including all of our travelling colleagues and all of our small offices using the Cato mobile client, has been extremely important to us,” says Norling.
ADB SAFEGATE Tests and Deploys Cato
After the summer of 2018, Norling signed a contract with Videns and Cato for the conditional rollout starting in November. The organization was consolidating ERP systems so ensuring SAP S4/HANA could be provided as a cloud service by connecting the SAP datacenter in Frankfurt as a site was very important.
“During the conditional rollout, we, of course, also put a focus on stability, performance, and traceability. Since we are a small IT organization we also needed a solution that is easy to deploy so that we can do prepared plug-and-play installations on all small sites.”
Our China colleagues have been amazed by the performance so far and, yeah, as I said, we haven’t really done anything else for them yet other than connecting the Cato Socket to the public Internet line.
As for connecting his China sites, he was very pleased with Cato’s approach. “We just connected Cato Socket to the existing public Internet line and it worked,” he says, “I was at one of our Chinese facilities and ran our client-based Swedish ERP system from China without any major latency. So that was a success itself.”
The next step in China for Norling will remove expensive legacy lines and connect the Cato Socket to a new public fiber connection. “Our China colleagues have been amazed by the performance so far and, yeah, as I said, we haven’t really done anything else for them yet other than connecting the Cato Socket to the public Internet line.”
His goal was to deploy all 26 sites within two months. “A goal which we met,” says Norling. “A few small offices around the world only have a limited number of users and we will only utilize the mobile client for them.”
Preparing the Network to Meet Today’s and Tomorrow’s Requirements
Today, ADB SAFEGATE is in the final stages of its deployment. There’s still some work to be done in enabling mobile client for all users and adjusting some QoS rules. Those are minor issues, though, for him.
The big issue? Norling has positioned his network to ADB SAFEGATE’s future networking requirements. “With Videns and Cato, we are building the foundation on which all of our global IT services from now on will be delivered upon,” he says.