With competition from companies all over the world, Navistar, a leading manufacturer of commercial trucks, buses, recreational vehicles, defense vehicles, and engines, has to stay at the forefront of change. The company decided to consolidate several offices to create a new world headquarters campus in Lisle, Illinois, both to increase efficiency and to support an integrated product development initiative (IPD) intended to foster greater collaboration. Approximately 3500 staff now work at the new campus, which comprises 10 interconnected buildings on 88 acres. As part of the IPD, Navistar also renovated its Melrose Park facility to bring truck development to a site that had previously been used just for engine development and manufacturing.
Because the Lisle facility was a green-field site, Navistar's IT team saw it as an opportunity to build an ideal IT infrastructure to support productivity and security at the campus: an enterprise-class communications structure that offered a high degree of automation and rock-solid reliability, both for the complete wiring of the Lisle campus and for a LAN upgrade project at Melrose Park.
Bret Jaquish, manager, LAN/WAN Services at Navistar, had recently completed a large project at another facility and had learned from that experience that such a large-scale deployment would require a high degree of automation to meet the targets for provisioning network services. Plus, he had learned that making a perfectly clean cutover was virtually impossible: devices or equipment coming from other sources might not be ready when the cabling teams came through, or groups might not be ready to deploy that equipment.
Automating the configuration helped enabled the team to provision the network equipment when they were ready and significantly reduced the error rate of configuration mistakes.
The Navistar's team prior experience with Cisco convinced them that a routed access architecture, rather than the more traditional layer-two architecture, would be ideal for the Lisle campus. Though routed access is more technically complex to implement, the team was confident that they could leverage Cisco to simplify implementation, and gain all the benefits of routed access, including better availability, scalability, flexibility, simplified management, and the ability to contain network issues with no impact to other devices in the network.
The Cisco® network infrastructure at Lisle includes room-based and desktop-to-room based videoconferencing, mobile clients, and Cisco Enterprise Voice, which delivers phone service to more than 5000 phones at Lisle and 1200 at Melrose Park. Employees mostly work from desktop and laptop computers, but the company also has Wyse thin-client terminals in some of its conference rooms. Throughout campus, the Cisco network is the foundation for delivery of services such as building automation and security. Approximately 500 security cameras and door strikes communicate with Navistar's security systems using Cisco infrastructure, most powered over Ethernet with Cisco Catalyst® 3750-X Switches and Cisco Catalyst 4500E Switches.
Cisco Catalyst 4500E with Supervisor Engines 7L-E and 6L-E, an enterprise-class borderless campus access and price/performance aggregation switch, support data collection to provide Navistar with a centralized view of data analysis and reporting and help increase security by facilitating better monitoring, logging, and playback. Cisco Auto SmartPorts, along with user-defined Auto SmartPort macros, help enable Navistar to efficiently and effectively deploy and configure equipment by automatically detecting, recognizing, and configuring devices as soon as they are plugged in to the network.
Navistar has all the bandwidth that it needs: the new infrastructure delivers 80 GB of uplink capacity and a quad core of Nexus switches form the backbone of a scalable, high-efficiency computer room, with dual 10 GB routed out of every chassis, and four chassis in every closet.
The Cisco infrastructure has proven so powerful and resilient that, though approximately 3500 employees work at Lisle, Navistar does not have dedicated network maintenance staff at the site. Five technicians took a year to build the infrastructure because of all the physical cabling involved in deploying more than 100 chassis and 600 access points (APs), but now the network runs with little maintenance. At Melrose Park, just one employee is helping to guide the process of remodeling while integrating with or migrating legacy equipment and making the transition from a trunked environment to routed access.
Routed Access Delivers Performance and Reliability
"Routed access has been a home run for us," says Tobias Hall, manager, Network and Data Centers. "Even in Melrose Park, where it would have been easier to stick with trunk switching, the performance gains of routed access were more than worth the effort of implementing it." And with automation of IP address usage and subnet management making the transition to routed access easier, the payback is even greater.
The routed access infrastructure that Navistar implemented has proven extremely reliable. "Nothing has brought down the campus network," says Isaac Pankonin, network engineer. "We can turn up closets during the day with complete confidence. Even if for some reason the routing can't connect, there's still no spanning tree convergence to deal with. We've been very happy with the reliability."
Navistar further enhances reliability by using Cisco StackPower technology, an innovative feature that allows Cisco Catalyst 3750-X Series to share power among stack members, to help ensure consistent supply despite spikes on one switch or another.
Automation Speeds Deployment
Because staffing is more or less constant regardless of project load, Navistar's IT team is constantly looking for ways to save time during deployment. It does a "full patch", connecting every jack to a switch, regardless of whether or not the switch is currently being used. This saves time after deployment, because there is no need to go back and do patching if somebody decides to move their equipment around in their office.
At Lisle, Navistar developed configuration scripts to reduce the amount of time required to configure and document a switch for deployment. Though implementing routed access is more complicated than deploying switches with layer-two access (it uses 15 variables instead of two), the configuration script takes addresses from the database and builds a configuration from that, recording which subnets and addresses are used where. This automated what was often a lengthy manual process, saving 1.5 hours per switch, including time that would have been spent configuring subnets for routed access and troubleshooting manual configuration errors, for a total savings of 180 hours for 120 switches.
Based on lessons learned at Lisle, Navistar leveraged Cisco Auto SmartPorts to support automatic detection, configuration, and activation of its 400 APs, security cameras, and other devices at Melrose Park. The Navistar team estimates that implementing all those devices with Auto SmartPorts cut implementation time in half. "It used to take 20 minutes to install a security camera due to process complexity and back and forth communications," says Jaquish. "Auto SmartPorts enabled us to reduce configuration time by 50 percent and to complete configurations that had been outstanding for months following IT project completion."
In addition, the flexibility of SmartPorts automation helped the team provide rapid response to organizations that didn't have their equipment or devices ready for implementation in time for cut-over. "With large-scale projects, there are always delays," says Jaquish. "With Auto SmartPorts we can say, `just plug in the AP when you're ready for it, and it will provision itself.' My team can move on, and our users get the functionality they need when they need it."
And at Melrose Park, the team saved approximately 150 hours due to automation. Developing a script to configure and document switches for deployment saved two hours per switch. The Cisco Auto SmartPorts feature and process improvements saved about ten minutes per client device, for 400 devices. Using Dynamic Host Configuration Protocol (DHCP) for Cisco Lightweight APs and Dynamic Domain Name System (DNS) for monitoring eliminated the need to configure and document static addresses, saving three minutes per AP.
All told, the ability to automate configuration through Cisco features meant that Navistar spent longer putting in switches and cables than configuring them. "Automation means that every piece of the network is implemented in exactly the same way, with no errors, and so no need to go back and fix things later," says Jaquish. "It made it easy for us to get everything right, every time."
Security Protects the Campus and the Network
Navistar collects and aggregates data from multiple devices for a centralized view of data analysis and reporting, helping to increase security through better monitoring, logging, and playback. Navistar uses large amounts of NetFlow data on its WAN, and the company is looking forward to leveraging Flexible NetFlow in the near future to get even more options for looking at source security data.
Navistar has only had to use its Embedded Event Manager once, but that single experience was enough to impress the team because it was able to monitor a specific user's traffic to investigate and resolve a potential security issue.
Going forward, Navistar is continuing to leverage Cisco capabilities and products to enhance its infrastructure. For example, the Navistar team is now using NetFlow in a Security Information and Event Management (SIEM) project to enhance security by identifying and authenticating subscribers on mobile telephony devices.
"The Cisco infrastructure has delivered the seamless, powerful communication and collaboration that Navistar needs to maintain its leadership in this market," says Hall. "We knew all along that it would be the high-performance choice, and we were pleasantly surprised by how fast and easy it was to deploy."