Customer Challenge: Visibility and Maintenance Misery
With more than 4 million members across Canada, and 18 stores in 6 provinces, Mountain Equipment Co-op (MEC) is an outdoor retail co-operative that exists to encourage and inspire Canadians to live active outdoor lifestyles. David Greekas is the Manager of IT Infrastructure at MEC and he, along with his team, is responsible for the company’s core infrastructure. As Greekas began researching options to upgrade security, top of mind was to address frustrations around manageability. “In order to keep current, we were spending a huge amount of administrative time and money simply maintaining our existing solution. It took us weeks to update and patch the appliances and much time was spent updating configurations between store sites
through a very manual process,” he said.
They were finding a growing number of their applications hard to identify on the old appliances, whereas new technology allows application-level inspection, providing deep scrutiny of applications, traffic, threats, and data patterns. “We needed to be able to prioritize and control cloud services, and find a simplified way to manage this,” said Greekas.
MEC sat down with the Scalar account team to discuss their requirements and
identified key must-haves in their new security solution that would be deployed
in their head office and retail stores, including:
- Strong Central Management
The security solution needed to feature centralized management that would
eliminate the administrative and operational costs MEC was incurring managing
patches and upgrades for the remote sites under their care.
In order to speed up the roll out of the appliances, MEC required central
templates that would allow them to create one template for a store, which they
could then deploy across all of the stores in the network. Central templates also
help with future updates – if the template is updated, all of the stores would
inherit the functionality of the template, saving configuration time and ensuring
consistency of security policies.
- Application Visibility
MEC required greater visibility into their network. With growing demand
for cloud services such as Office 365, they needed the ability to identify,
differentiate, and manage traffic at a high level.
- Quality of Service (QoS)
QoS functionality was important to manage network bandwidth and ensure
priority applications would be getting the bandwidth they need.
Scalar took these requirements and mapped out a multi-phased approach
that consisted of training, architecture, design, and deployment. “Scalar spent
a great deal of time with us mapping out the configurations,” said Greekas.
Looking to realize the benefits of the new technology as soon as possible, MEC
wanted the roll out to be a drop-in replacement. “The design architect mapped
out our current environment and developed a design that allowed us to unplug
our old appliances and plug the new ones in.”
The Scalar team was incredibly helpful, working with us to troubleshoot the problem. Scalar engineers and the security vendor worked for a week straight and through the nights to find the root cause of the problem.
Challenges: Finding the Needle in the Haystack
Prior to the implementation of the new technology, MEC were experiencing intermittent failure with one of the devices marked for replacement by the project. Convinced that the upgrade would take care of the issue, the team was surprised and frustrated when the problem continued with the new equipment in place. “The Scalar team was incredibly helpful, working with us to troubleshoot the problem. Scalar engineers and the security vendor worked for a week straight and through the nights to find the root cause of the problem,” said Greekas.
After working for days trying a number of different approaches, the engineers decided to isolate a narrow subset of Address Resolution Protocol (ARP) traffic to record a manageable log they could review. Through deep troubleshooting, they discovered a very arcane configuration error that was causing the failure. “The collaborative effort from Scalar and the vendor was great – in the past I have dealt with situations where anything outside of the implementation becomes the sole problem of the customer – that was not the case here,” said Greekas.
A robust defence solution was implemented to maximize visibility, understanding, and control of the MEC environment. The solution delivered by Scalar consisted of:
- Product Training: Hands-on training for MEC’s IT staff to learn how to install, configure, and manage their appliances, as well as configuration steps for the security, networking, threat prevention, logging, and reporting features.
- Network Conversion: Reconfiguration of the core network routing infrastructure to migrate
from EIRGP to OSPF.
- Architecture and Design Workshop: Comprehensive mapping of the current environment and the development of a detailed implementation and cutover plan.
- Deployment and Knowledge Transfer: Configuration and installation of the head office and 2 stores.
- Knowledge transfer for deployment of remaining stores.
Scalar’s diligence in developing and documenting the architecture and working through the challenges with the failing appliances made for a happy client. Greekas states, “Scalar’s accuracy in the design and configuration work, combined with the new template functionality, allowed us to roll out new appliances faster than we had been able to patch our previous devices – it was a night and day situation.”