The Assessment: Our client is a US-based HVAC business comprised of multiple HVAC businesses located in several states. They needed a new network to support their intra-networking and inter-networking systems. All offices required internet connectivity for access to SaaS applications as well as systems hosted in cloud IaaS. In addition, the client needed a limited amount of site-to-site connectivity and local user VPN client access to the network.
The DSS Solution: DSS subject matter experts (SMEs) provided the architecture, design, engineering, hardware acquisition, networking circuit acquisition, and implementation of the new network. We also worked with internet connectivity brokers to find the most cost-effective direct internet access (DIA) circuits available from dual providers in each location to achieve network redundancy. Next, we determined that a cloud-managed, software-defined wide area network (SD-WAN) would best meet the client’s needs. To provide the best balance of centralized management, security, and performance, we chose Cisco Meraki systems for the SD-WAN hardware components, including router/firewalls, local access switches, and wireless access points.
We determined a standard set of devices to provide the necessary connectivity at each site. To minimize the workload on our client’s minimal IT staff while maintaining services, all hardware was provisioned to provide redundant capabilities in the event of failures. A DSS project manager developed hardware deployment and configuration schedules based on circuit installation schedules and hardware delivery timeframes from Cisco, and DSS engineers worked onsite at client locations to install and configure hardware. After validating the hardware installations and local network configuration details such as WLAN SSID and VLAN settings, we configured the network in a hub and spoke SD-WAN mode to provide connectivity with central resources such as those in the Microsoft Azure cloud via a virtual Meraki router/firewall appliance. The Cisco Umbrella product, which enables more fine-grained control of the network security guardrails, provided additional security layers.
The network now covers all 14 of the current client locations and has a presence in the Microsoft Azure cloud. The network supports approximately 500 users, each with multiple devices, including mobile phones and laptop computers. As the business grows, new locations can easily be accommodated with the standard set of devices and internet connectivity.
DSS engineers monitor and maintain the network on behalf of the client and will continue to do so indefinitely based on the client’s development of permanent IT staff. DSS engineers use the Cisco Meraki dashboards and tools as well as some additional ticketing and tracking systems to address issues called out by the systems automation as well as end user help requests or end user problem callouts. DSS engineers are also helping to enhance end-user device security by integrating those devices with the security features inherent in the network and its controls. Ultimately, all of the client’s company devices will have network security controls that validate sites being accessed, prevent unauthorized access to company networks, and provide continuous network security intelligence.
The DSS Difference: When our client needed a new network to support its intra-networking and inter-networking systems, DSS’s consultative approach provided a true end-to-end solution. At the outset of the engagement, we worked to understand the nature of their needs and developed an elegant solution that addressed all of them. A key aspect of the DSS difference is that the senior personnel who designed the solution are also skilled practitioners who stayed with the client to implement it. We focused on solving the client’s IT dilemma so that the client could focus on their main business. Furthermore, our vendor-agnostic approach ensured cost savings since we proposed only the equipment and services that would serve our client’s needs with no unnecessary embellishments.