Booz & Company centralized Internet access and file services with Cisco Wide Area Application Services (WAAS)
Booz & Company is a leading global management-consulting firm, helping the world's top businesses, governments, and other institutions. Among the firm's more famous contributions are the contract system for Hollywood movies, the merger of the National and American Football Leagues, and the rescue of the Chrysler Corporation from bankruptcy.
After becoming a separate company from Booz Allen Hamilton in July 2008, Booz & Company needed to build its own IT infrastructure to deliver voice, video, and data services to 3300 employees in 60 offices. "Centralizing IT in two data centers, in North America and Europe, would minimize branch-office infrastructure costs and simplify the enforcement of backups and security policy," says Ted Theofanos, senior manager of IT infrastructure, Booz & Company.
To implement consolidated data centers, Booz & Company would need to deliver LAN-like performance over the Multiprotocol Label Switching (MPLS) WAN. In small offices, several people share a 1.5- to 4.5-Mbps connection, and in large offices, up to 400 people share an 8- to 10-Mbps connection. This bandwidth is not adequate for sharing large files through Microsoft SharePoint or as email attachments, or for videoconferencing. "Our options were to upgrade existing bandwidth, an expensive proposition, or else accelerate WAN performance and optimize existing bandwidth," says Theofanos.
Booz & Company found its WAN acceleration solution in Cisco® Wide Area Application Services (WAAS). "Of the solutions we considered, only Cisco WAAS retains the QoS [quality of service] markings we apply to application traffic to give highest priority to videoconferencing traffic, next highest priority to Microsoft SharePoint traffic, and so on," Theofanos says. Other vendors' solutions directed all accelerated traffic through a special tunnel, hiding the QoS markings and, thereby, preventing marked traffic from receiving priority treatment.
For the same reason, only Cisco WAAS would enable the firm to analyze accelerated traffic using Cisco NetFlow statistics, for capacity planning. "We like the precision and granularity of Cisco NetFlow information, and other WAN acceleration products hide that information," says Theofanos. The application that Booz & Company uses to analyze Cisco NetFlow data, called NetQoS Reporter Analyzer, has integration with Cisco WAAS, making it simpler for the IT team to measure application acceleration.
Booz & Company has deployed Cisco WAAS in 45 global offices. Offices with fewer than 50 employees receive a Cisco Integrated Services Router (ISR) 2851 that includes a Cisco WAAS Network Module NME 522. Larger offices receive a Cisco Wide Area Engine (WAE) 574 or 674 Appliance. Each data center has a pair of Cisco Wide Area Engine 7341 Appliances that can fail over to each other. If both Cisco WAAS devices should fail, employees can still access data center applications, just not with accelerated performance.
Booz & Company currently uses Cisco WAAS to accelerate web browsing, Microsoft Exchange, Microsoft SharePoint, Microsoft System Center Configuration Manager, Common Internet File System file services, and file transfer protocol (FTP).
"With Cisco WAAS, our WAN bandwidth usage has decreased by 60 to 65 percent in most branches, and up to 80 percent. We avoided the need to buy bigger pipes, for considerable ongoing savings."
-Ted Theofanos, Senior Manager of IT Infrastructure, Booz & Company
Increased Productivity Through Faster Application Performance
Branch office employees can quickly access even very large files over the WAN, saving time and facilitating global collaboration. The first time that an employee in a given branch accesses a file, the file is cached locally on the branch's Cisco WAE. The next time that someone in the branch accesses the same file, access is much faster. "Downloading a 40-MB Cisco IOS Software update to install on branch routers previously took 5 to 10 minutes," Theofanos says. "With Cisco WAAS, the first download takes 2 to 3 minutes, and subsequent downloads take just 10 seconds." Gains are similar for other large files, including Microsoft software patches, and FTP downloads take half as long or less, even without caching. Caching is especially useful when global teams collaborate on large customer presentation files.
The IT department sometimes prepositions large files on branch office Cisco WAEs, the evening before the file is needed. Examples include 40- to 100-MB software upgrades, such as Microsoft Office Service Packs. "We're seeing some of the most impressive acceleration for Microsoft Exchange and Microsoft System Center Configuration Manager," Theofanos says. "We have eliminated the expense of dedicated patching servers in each branch by prepositioning patches on each branch's Cisco WAE."
The value of Cisco WAAS to protect productivity surfaced when an employee inadvertently emailed a 17-MB attachment to all 3300 employees. Ordinarily, every office would experience very slow WAN performance for an hour or more as employees, one by one, downloaded the attachment from the centralized Exchange server. With Cisco WAAS, the file traveled over the WAN just once to each branch, where it was cached locally on the Cisco WAE. "We didn't receive a single call about slow performance," Theofanos says. "We can't stop accidents like this, but Cisco WAAS prevents them from affecting network performance and employee productivity."
Secure Internet Access at Lower Cost
Web security measures are essential for Booz & Company, both to protect intellectual capital and to meet contractual agreements with customers. Accelerated WAN performance has enabled Booz & Company to route all Internet access through the two data centers, enabling consistent enforcement of security policy.
Cisco WAAS also decreases security equipment costs. Without Cisco WAAS, the dozen or so offices most distant from the data centers, including those in India and Russia, would not be able to use the data center's Internet access because of latency issues. Therefore, the company would have had to purchase and maintain firewalls and intrusion prevention systems for each of these locations, at an estimated cost of four or five times the typical local office capital investment. "With Cisco WAAS, even our most remote offices can take advantage of centralized Internet access, so we don't need to hire onsite IT staff, or assign centralized IT staff to scrutinize logs of suspicious events," Theofanos says. "And hackers can't penetrate our network through branches because they are not Internet-connected."
WAN Optimization, Avoiding Costly Bandwidth Upgrades
Cisco WAAS compression technologies, caching, and prepositioning reduce bandwidth consumption. "With Cisco WAAS, our WAN bandwidth usage has decreased by 60 to 65 percent in most branches, and up to 80 percent," Theofanos says. "We avoided the need to buy bigger pipes, for considerable ongoing savings."
Bandwidth optimization will become even more useful as the firm increases its use of videoconferencing. "The growing use of videoconferencing would worry us if we didn't have Cisco WAAS," Theofanos says. "Now we have no concerns about encouraging employees to use videoconferencing for travel reduction, internal collaboration, and client intimacy."
Lower-Cost Disaster Recovery
Thanks to Cisco WAAS, the firm has completely eliminated the expense of maintaining tape libraries and offsite storage for 45+ offices, local IT staff to administer tape backups, and shipping tapes to local offices that need to restore lost files.
"Downloading a 40-MB Cisco IOS Software update to install on branch routers previously took 5 to 10 minutes. With Cisco WAAS, the first download takes 2 to 3 minutes, and subsequent downloads take just 10 seconds."
-Ted Theofanos, Senior Manager of IT Infrastructure, Booz & Company
Booz & Company plans to increase the value of its Cisco WAAS solution in the following ways:
• Implement Cisco WAAS Mobile: The firm has purchased licenses for Cisco WAAS Mobile, which consultants can use on their own PCs and laptops to accelerate connections from home or client locations, over Wi-Fi, cellular, or even their customers' guest networks. "We anticipate far-reaching productivity gains from Cisco WAAS Mobile, because our consultants rarely work in the office," Theofanos says.
• Connect the few offices still using a VPN connection to the MPLS network. Booz & Company expects to fund the move completely by eliminating local Internet service provider contracts.
• Simplify the enterprisewide upgrade to Windows 7: With a combination of Microsoft Systems Configuration Manager for image deployment and WAAS, the IT department plans to preposition the Windows 7 image on each branch Cisco WAE, so that employees can download it over the LAN instead of the WAN.