Keeping up to date on inventory, stocking, and data needs at thousands of grocery stores in North America is no easy task. That’s why C&S Wholesale Grocers decided it needed a major upgrade of its network using SD-WAN technology from Silver Peak to provide efficient, reliable, and secure communications among its data centers and warehouses.
Founded in 1918, C&S is the largest grocery wholesaler in the United States. C&S recently embarked on a major network upgrade focused on implementing SD-WAN technology. The company selected the Silver Peak Unity EdgeConnect™ SD-WAN edge platform to enable more efficient and cost effective wide-area-networking (WAN) to support a variety of applications.
Futuriom recently interviewed Leonard Bernstein, senior director of technology operations for C&S, about this interesting project and how he went about improving the efficiency of the network, simplifying network management and flexibility, as well as reducing networking costs. By Bernstein’s assessment, it has been successful on all counts.
Let’s dive into the details.
Targeting Efficiency in a Network Overhaul
Bernstein told Futuriom that when he joined C&S, they were examining SD-WAN platforms to improve bandwidth utilization, security, and operational efficiency. He said as the project proceeded, they found many ways to improve network operations by implementing Silver Peak Unity EdgeConnect.
First, a little bit about the network. C&S runs two east-coast data centers and supports 60 warehouses across its networking footprint. The company needs to support partners, employees, and customer with a variety of applications running at the warehouses, the data centers and in the cloud. These include mainframe operations, data analytics, Citrix, Microsoft Office 365 apps, and Unified Communications as a Service (UCaaS) provided by Ring Central, just to name a few.
C&S has deployed the EdgeConnect platform in its two data centers and is in the process of deploying it across all 60 of its warehouses, with about a third of that deployment finished. The network can use MPLS, DIA, and 4G LTE circuits as one virtual mesh network, connecting them with tunnel bonding and using quality of service (QoS) and policy for specific applications.
Looking for a Better Way
Supporting the applications, including the data-center connectivity, requires robust networking infrastructure. The company had traditionally relied on MPLS, with backup to direct internet access (DIA) links, and in some cases 4G LTE. However, the company found this networking architecture wasteful, and in some cases, unreliable. An audit of circuits revealed some were underutilized, not functioning properly, and in other cases, not even working at all.
Bernstein said aside from wasted OpEx, the primary issue was downtime or sub-optimal performance, requiring the IT team to react to and remediate incidents. In some cases, performance issues caused the business to come to a stop – even though there were supposed to be secondary circuits ready and on stand-by. When the networking team audited carrier-provided circuits — including MPLS and DIA — it also found that many were unreliable or even failed to deliver the promised bandwidth. Moving to SD-WAN lowered costs and improved the efficiency of the network by optimizing 100 percent of available and configured bandwidth and intelligently routing applications over the best combination of circuits.
“We were looking at a refresh on the infrastructure side and we were looking at where to invest the most from an operations point — where could get the best bang for our buck,” said Bernstein. “The biggest sticking point was connecting in and out of the warehouses and data center locations. A lot of the locations were evolving to internet services and there wasn’t a lot of flexibility in them.”
Bernstein said the that upgrade to Unity EdgeConnect not only provided better bandwidth utilization and cost savings, but a host of other benefits such as operational visibility, policy-based networking, improved security and ease-of-use.
C&S is also able to quantify the return on investment (ROI), says Bernstein. The company expects to save $4M over five years on networking costs alone, including the cost of the technology and the new circuits it has installed. The savings came primarily by eliminating wasteful and expensive MPLS circuits.
“In many cases we were able to replace MPLS circuits with higher speed DIA services. When we spoke to a few folks, they were using broadband circuits in some cases and standard business DIA services. We were subscribing to more than what we needed, paying too much for it and poorly leveraging our investments.”
Improved Operations and Performance
Another big benefit of going the SD-WAN route with Unity EdgeConnect is that networking staff now has visibility across the entire network and can evaluate circuits and networking problems, says Bernstein. In most cases, Unity EdgeConnect can discover and pick the best path, including detecting a low-performance path and shifting traffic away from it. Traditionally this is an exercise that would take valuable IT resources to figure out. In the meanwhile, the business is being impacted.
“The network now has intelligent options to know where it wants to go. If we have problems with a carrier, we can see it right in the Unity Orchestrator™ health map, and we don’t have to involve the carrier. It’s self-healing on its own. This keeps our senior engineers out of the picture as they no longer have to engage in trouble shooting such high-level problems. From the resource standpoint it allows our admins and help desk to know what was going on with the network at any given time. It becomes a good education for more junior members.”
As Bernstein describes it, employees are now able to just do their jobs better and provide customers with the best service possible. Another big benefit is the capability to segment the network and prioritize applications using policy assignment.
For example, real-time applications such as UCaaS can be assigned as “real time,” and mission-critical data-center applications such as Citrix and mainframe access can be classified as “critical.” Other non-business mission critical applications such as email can be classified as “Low”.
“You have the flexibility to create strong policies, including security configurations; templatize them and centrally deploy them to all of your EdgeConnect devices. This is extremely valuable during a time of a security incident or outbreak.” says Bernstein.
Powerful Security Tools
By installing SD-WAN technology, another major stride was made in networking security policy and management. C&S now has a much more flexible and powerful security platform on the WAN edge at warehouses, says Bernstein.
Prior to installing Unity EdgeConnect, Bernstein describe the networking security as inconsistent at best. Not all locations had the same security appliances, devices, tools – and some had none. The SD-WAN approach enabled the network-wide deployment and orchestration of security tools
“When we installed Silver Peak, we realized the value of the security capabilities instantaneously. While we know it’s primarily meant to be an SD-WAN appliance, EdgeConnect has a fully configurable and application aware zone-based firewall by design. We can now deliver warehouse network WAN security better than we were capable of before, for example.”
Now that Unity EdgeConnect is installed, Bernstein says it can support additional projects and expansion of technology on the network. For example, C&S plans to use Silver Peak’s integration with Zscaler to provide more cloud-based security. And it’s going to use the SD-WAN features such as Unity Boost™, First-packet-iQ, and Data Reduction to improve load sharing on the network so that traffic is handled more deterministically.
“I’m a big fan of this SD-WAN technology,” says Bernstein.