Born is an award-winning global digital agency with a core focus on creativity, content, and commerce. Born provides a holistic suite of market-leading services, from large-scale image production to bespoke content experiences and innovative eCommerce solutions. BORN evolution over 25 years represents their passion for delivering fully integrated creative work to their global clients. They help brands create powerful media assets, tell their story meaningfully, and sell their products and services across the world.
Following Born Locations are in scope:
• UK (Telecity & Penton Ville)
Key Challenges Faced by Client
NTPL started with assessing the network performance and security infrastructure of the client spread across multiple locations. Given below are the key observations.
- Client used a flat network without VLAN Segmentation.
Flat networks provide following key some drawbacks.
- Poor Security – Because all traffic pertaining to multiple departments travel through the same switches. It is not possible to divide the networks into multiple segments and prevent users from accessing certain parts of the network. It is easier for hackers to intercept data on the flat network.
- A flat network is not segmented or separated into different broadcast areas by using routing. Generally, all devices on the network are a part of the same broadcast area. This will impact the performance of the network as broadcasts are flooded across the entire network.
- Daisy Chained Switches
Layered architecture is not employed in the network. The current network switches are daisy-chained. Daisy-chaining will pose serious latency issues as and when more switches are added in the network when the network infrastructure is expanded.
Daisy-chaining also has an impact on the performance of the network. In addition, if a switch in the daisy chain fails, it could result in the network breaking into two segments and impacting end-to-end connectivity.
- High Availability
HA at the WAN link level is configured only at Telicity, UK. Even though redundant WAN links are available, HA is not configured in other locations. Hence, human intervention is required when one of the WAN links fails. In other words, failover is not automatic. This will impact both availability and manageability and in turn productivity.
NTPL Solution to Client
In flat or meshed network architectures, faults or changes tend to affect a large number of systems. Hierarchical design helps constrain operational changes to a subset of the network, which makes it easy to manage as well as improve resiliency. Modular structuring of the network into small, easy-to-understand elements also facilitates resiliency via improved fault isolation.
The born network was completely analyzed and redesigned into a layered Hierarchical design. Redundant core switches are incorporated to support fault tolerance. Daisy chaining is removed and all access switches are connected to both the core switches.
These changes are implemented in all the Born locations in India, UK & the US to ensure network scalability, better performance, manageability, troubleshooting, and redundancy.
- Network Segmentation is implemented splitting a flat network into multiple VLANs primarily for boosting performance and improving security.
- Reduced congestion: Improved performance is achieved, because on a segmented network there are fewer hosts per subnetwork, thus minimizing local traffic as well as limiting broadcast traffic.
- After reviewing the applications used by different departments of the client and the traffic flow NTPL implemented multiple VLANS including guest access and Management VLAN. Management VLAN contains all the IT devices.
- Altogether this resulted in better performance for users and a secure network that is also more manageable. Hence resulted in happy end-users as well as the IT team.
HA at WAN link level is configured in all locations with redundant WAN links. This will improve both availability and manageability. This also reduced the burden on the IT team and eliminated or reduced manual intervention at times of link failures. This is in addition to improving availability and hence productivity. HA implemented at perimeter devices such as router and firewall at all Born locations in scope.
Benefits to Client:
|VLANs have provided a number of advantages, such as ease of administration, confinement of broadcast domains, reduced broadcast traffic, and enforcement of security policies.|
Layered physical networks with redundant core switches and without daisy-chaining have resulted in higher availability, higher performance, and better manageability to clients.
After VLAN segmentation is implemented in the Born environment, even if users on a VLAN move to a new physical location they continue to enjoy the same level of access privileges and continue to perform their job functions without any hindrance. This is done without any compromise in security. The endpoints of those users need not be reconfigured. And Confinement of broadcast domains with VLANs on the network has significantly reduced flooding of traffic.
VLANs have provided a number of advantages, such as ease of administration, confinement of broadcast domains, reduced broadcast traffic, and enforcement of security policies. The client enjoys a secure network with higher performance. The IT team finds the network more manageable with fewer efforts and also able to provide better availability and user experience.