Help Your Customers Move From Dial-Up To VPN

Suburban Propane in Whippany, NJ, has experienced significant growth over the years. When the company had just a main office with a few remote locations, those remote offices accessed the company's network via a dial-up network architecture. However, as Suburban grew, that dial-up architecture became increasingly slow and unreliable.

Suburban Propane currently has around 300 remote customer service centers. The customer service employees in those remote offices had to dial into the main office in Whippany to download information they needed to access throughout the day, including pricing information, e-mails, and sales data. As the company grew, its business requirements changed and the company's environment became more of a real-time, transaction-oriented environment. Suburban's needs quickly outgrew the existing network.

"This was a customer we had worked with for years," says Kelly Lynk, managing director for the Cisco Global Alliance for Unisys (Blue Bell, PA). "We were doing desktop support for them and became increasingly aware of their need for a better network connection from these remote locations. We knew we could bring value to the company by restructuring their network."

Dial-Up Is Slow And Unreliable
Suburban had modems at many of the smaller remote locations connecting into a modem bank at the headquarters, which was tied into the server. While reliability and performance were issues, there were also huge costs associated with all of the long-distance phone calls being made.

One of the first things Unisys did was implement Cisco Systems' (San Jose, CA) PIX Firewalls across the network. The firewalls served to create a more secure environment. "By deploying the firewalls we protected their servers and data centers from intrusion and hacking," says Lynk. "Firewalls are put in front of the corporate network. When anyone tries to access the network by dial-up or the Internet, the firewall will identify whether it is an authorized user. It will also ensure that anything sent to the network does not contain viruses. This solution in and of itself made even the dial-up network more secure."

Secure Connections Via VPN
The second step involved installing a virtual private network (VPN). A VPN allows users to take advantage of the Internet to access a corporate network. "Accessing the network via the Internet would save the company a lot of money on phone calls," says Lynk. "But because the Internet is open to the public, messages going back and forth could be hacked. When setting up a VPN, the VPN will recognize authorized users and create a tunnel through the Internet so messages are secure. The VPN provides security just as if you purchased a dedicated network from a carrier, but at a significantly lower cost." In installing the VPN, Unisys used a VPN3000 concentrator from Cisco. A concentrator is located at the head end of a remote access network and brings all the remote access points into a single point. This is where the VPN is established between the headquarters and the local offices.

The VPN required all connections out to the remote offices to be changed, but the actual applications environment in the remote offices as well as the infrastructure in the home office were not changed. Unisys was required to perform integration work for the customer to ensure the network they installed worked with all the existing applications and infrastructure at both the home office and the 300 remote locations.

Thin Clients Simplify Upgrades
Unisys also installed thin client devices. Applications sitting on a PC are often tied into an application back at the headquarters. This requires very high-powered PCs running all of the applications needed throughout the day. With a thin client, customers can instead purchase low-cost monitors, keyboards, and controllers for the desktops with the bulk of the applications and data residing at the server level. The server can be at either the remote location or back at the headquarters. From an administrative standpoint, the advantage is that the IT department only has to put applications out to each server and the server will then service hundreds of thin clients. In a PC environment, upgrades would be required on every desktop.

The installation took several months because Unisys employees had to perform upgrades at all 300 locations. All upgrades also had to be performed without disruption to the network. This required the work to be performed a segment at a time.

The results were readily apparent to Suburban. The new network gives employees a much faster and more reliable connection. With the thin clients deployed throughout the network, the company also has a centralized application repository put in place. This replaced having to send CDs and diskettes on a regular basis to all of the offices as they tried to bring up new features of their existing applications or entirely new applications.

"With a dial-up connection, you are at the mercy of the phone company circuits you connect into on any single phone call," says Lynk. "Because of the size of Suburban Propane, they were dealing with many different phone companies across that environment." With the upgrade, the company gained faster access to network resources from all locations, accessibility to business applications from all locations, a higher level of network reliability, a more secure network because of the firewalls, and increased operational efficiencies and network performance.

"Any time we do a network transformation, one of the biggest objections we hear from customers revolves around the up-front price," says Lynk. "But from that standpoint, the return on this customer's investment was clear, especially in light of the boost in reliability, the more secure network, and the increased performance and efficiency in their operations."