Smith & Nephew deploys a Unified Wireless Network at its headquarters and several satellite offices.
With annual sales of $2.5 billion, Smith & Nephew is a global leader in developing and manufacturing advanced medical devices. The company operates four business units: Orthopaedic Reconstruction, Orthopaedic Trauma and Clinical Therapies, Endoscopy, and Advanced Wound Management. Among its recent product advancements is the renowned Birmingham Hip Resurfacing System, which preserves a patient's bone structure better than traditional hip replacement.
In order to continue providing innovative medical technology to its customers, Smith & Nephew must keep up with the latest networking technology. With operations in 33 countries, global connectivity is a necessity. Five years ago, in order to support a deployment of wireless scanning devices, the company installed a wireless LAN of stand-alone access points on the manufacturing floor of its Memphis headquarters. More recently, the company realized the need for a wireless LAN in its offices, too.
"We had executives who, while in meetings and away from their desks, needed true connectivity to the network," says Chris Graziosi, a network architect at the company.
Because these executives often travel to keep apprised of company operations, officials at Smith & Nephew wanted to extend WLAN access to several remote offices worldwide. Graziosi knew that this would pose a management challenge because the company's IT staff is relatively small. Of Smith & Nephew's 8500 employees, only four work support the global network for the Reconstruction and Trauma business units. Furthermore, that entire IT staff is based at the company's headquarters. As a result, any global network that the company deployed required centralized management tools.
Also, Smith & Nephew wanted to offer wireless network access to company guests, while making sure to adhere to federal security standards. Because it keeps confidential data about prospective patients on its corporate network, the company is subject to strict Health Insurance Portability and Accountability Act (HIPAA) requirements.
Early in 2006, the IT team at Smith & Nephew decided to move to a WLAN with access points connected to controllers using centralized management. After evaluating several different vendors, the team chose the Cisco
® Unified Wireless Network and deployed 200 Cisco Aironet
® 1100 and Cisco Aironet
® 1200 Series lightweight access points and three Cisco 4400 Series wireless LAN controllers. Two of the controllers manage the access points, and the third acts as a failover controller. The team added the Cisco Wireless Control System (WCS) for centralized management of the access points and controllers.
"Adding Cisco WCS gave us a solid platform for wireless LAN planning, configuration, and management. This allowed us to manage the entire network, including our remote offices, from a centralized location," says Billy Anderson, a network technician at Smith & Nephew.
The company also upgraded its existing Cisco Aironet
® 1200 Series Access Points on the manufacturing floor, using Cisco's free software-upgrade tool to support Lightweight Access Point Protocol (LWAPP). This helped protect the company's existing investments and reduced costs.
"We engaged our Cisco wireless Product Sales Specialist, Mike Bundy, who helped demonstrate to the customer how the Cisco Unified Wireless Network had built-in intelligence," says John Schuler, Cisco enterprise account manager. "For instance, if one access point fails, the two access points nearest to it will increase their power to extend their coverage. That feature gave Smith & Nephew the confidence to deploy a wireless network in the executive areas of the company."
In addition to network intelligence, centralized management, and deployment of all of the access points, the Cisco Unified Wireless Network allowed for separate Service Set Identifiers (SSIDs) within the WLAN. This feature enabled the IT staff to configure guests for access on a separate subnet from the one used by company staff. By ensuring that guests could not inadvertently access confidential medical information, the company could adhere to HIPAA regulations. Smith & Nephew also appreciated the network's ability to detect and thwart malicious attacks.
"One of the things that really set Cisco apart was the system's ability to identify any security risks and rogue access points, pinpointing and addressing unauthorized devices and intrusion attempts," says Marcus Butler, a systems engineer at Cisco.
Shortly after ordering the equipment, the IT staff at Smith & Nephew received some disconcerting news from upper management: they had only two weeks to deploy the wireless network.
"We are a big Systems Applications and Products (SAP) software shop," Graziosi says. "We were preparing to roll out a new SAP system in the fall of 2006. It is hugely important to have a network stable before a new SAP system goes live. So we were given a tight deadline."
The company worked with two engineers, one from Cisco and another from Dimension Data, a Cisco Gold Certified Partner to successfully deploy the new WLAN at company headquarters within the two-week window.
"Everyone knew that we were under such a crush to get this completed, and they were very helpful," says Anderson.
In the course of that two-week deployment, the company decided to bolster its new wireless network with a Cisco 2700 Series Wireless Location Appliance, which provides advanced location services; this readied the network for any future deployments of Wi-Fi radio frequency identification (RFID) tracking systems and improved rogue device detection.
Over the following several months, the team deployed wireless access points to 25 remote sites all over the United States-secure in the knowledge that they could be configured, controlled, and managed from headquarters by the controllers and Cisco WCS. They deployed hybrid remote edge access points (Hybrid REAP) at these remote sites. Hybrid REAP is a solution for branch office and remote office deployments that allows control of the remote access points from the corporate office through a wide area network (WAN) link without deploying a controller in each office. The access points can switch client data traffic locally and perform client authentication locally when the access points' connection to the controller is lost. When the access points are connected to the controller, they can also send traffic back to the controller.
Twenty-four additional sites will be added to the wireless network by the end of 2007, including sites in France and Germany, Anderson says.
The IT team at Smith & Nephew knew that a unified wireless LAN with centralized management would be much easier to manage than their previous WLAN. But when they deployed the network, they still were worried that they might have to hire someone just to manage the WLAN. They were in for a pleasant surprise.
"We really only need five or ten hours a month to manage the whole global wireless infrastructure," Anderson says. "It is essentially hands-off. Every time a remote site needs to add a new access point, we just send one in the mail, they plug it in, and it is up on the network."
"Now I can keep a staff of four and run the wireless network, too," Graziosi says. "With all of the access points managed through controllers with a centralized visibility from Cisco WCS, the network is easy to troubleshoot, and that is a huge benefit. But since we have moved to a controller-based infrastructure with the unified network, I have rarely had to go looking for problems."
Wireless access has proven to be invaluable to Smith & Nephew's executives and other mobile office employees.
"They cannot live without it now," Graziosi says. "The ability to walk into any site in the world, open their laptops, and get to work has been a great benefit. Accessing the SAP system is a necessary part of their jobs, and now they can access that globally."
Furthermore, visiting medical equipment vendors now have consistent Web access-without compromising the security of the corporate network. "Now they can get on the Internet with an SSID that is set up just for them. This lets them give more enriched presentations as they show us new products," Anderson says.
Currently, Smith & Nephew is using the network's location capabilities to keep close track of every access point and device attached to the WLAN, and to monitor for rogue access points and client devices. But the company is considering taking location services one step further. The IT staff has been testing active RFID tags, which it could use to track every product that the company manufactures from the time that it is built to the time that it leaves the warehouse. Although there are no immediate plans for an RFID deployment, "If the business wants them, the network is ready, thanks to the location appliance." Graziosi says.
The company also is considering a deployment of wireless voice over IP. Because the Cisco Unified Wireless Network can handle separate SSIDs for voice, the network is ready if the company decides to go forward with such a deployment.