Case Studies Archive Search Case Studies

Consulting Firm Avoids Significant Infrastructure Costs, Improves Application Availability

With roughly 70 percent of its consultants working from client sites or from home, A.T. Kearney depends heavily on email, instant messaging, VoIP, and other unified communications services. The company needed to ensure that these tools are secure and available to users from any location and on any device.

A.T. Kearney replaced its existing load balancing solution with F5 advanced Application Delivery Controllers that intelligently manage traffic across the firm’s global network. With this solution, A.T. Kearney eliminated the need for costly infrastructure investments at branch offices worldwide and, at the same time, dramatically improved application availability and performance.

Business Challenges

Headquartered in Chicago, A.T. Kearney is a global management consulting firm that helps enterprises achieve business objectives in areas such as strategic IT, mergers and acquisitions, complexity management, manufacturing and supply chain management. With 52 offices in 36 countries and more than 3,500 users worldwide, the firm’s unified communications (UC) system is one of the most important tools employees have for communicating with each other and with clients, whether by phone, email instant message, or audio/video conference. To deliver these services, A.T. Kearney relies on the Microsoft Office product suite, as well as SharePoint Server, Office Communications Server (OCS) 2007, and other solutions. When users work remotely, they can access OCS without a VPN connection, but they can’t access other critical business applications in the same way.

“We wanted to improve the performance and availability of all our applications from any device,” says A.T. Kearney’s Global Network Architect, Kevin Rice, adding that about 300 of the firm’s executives are now using iPads. “Long term, we want users to have access to all the applications they need without requiring a VPN connection.  Currently, we have between 400 and 700 concurrent VPN connections at any given time during the day.”

The core infrastructure in A.T. Kearney’s two Chicago-area data centers was based on Cisco Systems’ solutions, including Cisco routers that handled network load balancing. “Whether users were in London, Bangkok, Tokyo, or San Francisco, all their critical applications and data were served from our primary data center in Chicago,” says Rice.

Rice continues, “The challenge with our existing solution was that it didn’t offer the flexibility for us to have an active/active data center model; we were limited to an active/passive one. That meant we couldn’t load balance traffic between the two data centers, so our secondary data center was purely a disaster recovery site. The majority of the time it just sat dormant, and we realized that was a huge waste of costly, high-end resources.” Downtime was also an issue because the secondary data center had to be down in order to migrate and bring up applications there.

To adequately serve its growing number of users worldwide, one option for A.T. Kearney was to serve applications from regional or branch locations, but that would have required either building additional data centers in Europe and Asia or deploying application servers in each branch office.  Rather than taking a step backward with a distributed application model, Rice says, “We wanted a forward-looking solution that supported a private cloud, enabled traffic management between our two data centers, and helped us better utilize our existing infrastructure.”

“When we moved our Microsoft application server behind the BIG-IP LTM devices, we immediately saw a dramatic performance improvement—the difference was like night and day.” Kevin Rice, Global Network Architect, A.T. Kearney

Solution

After evaluating the current vendor’s latest offerings and coming up short, Rice and his team decided to evaluate other vendors.  “We quickly discovered that the F5 solutions were able to deliver exactly what we were looking for,” says Rice, referring specifically to F5 BIG-IP Local Traffic Manager (LTM) and BIG-IP Global Traffic Manager (GTM).

“Comparatively, the F5 solution required a lot less infrastructure than our current vendors’ offerings,” says Rice. “We chose F5 based on its overall capabilities and the sheer reduction in infrastructure it provided.”

The relationship between F5 and Microsoft also had a part in A.T. Kearney’s decision.  Rice explains, “It appeared that F5 and Microsoft had done a lot of work together to integrate their products—that close integration between F5 and Microsoft was a driving factor in our decision.”

In May 2010, A.T. Kearney replaced its existing Cisco routers with two BIG-IP LTM devices in each data center. These devices,  which now sit in front of all Microsoft application servers (Exchange Server, SharePoint Server, OCS, Lync Server, and ActiveSync), not only intelligently load  balance and manage all network traffic— they also provide advanced application  security, acceleration, and optimization.

A.T. Kearney also deployed BIG-IP GTM to intelligently manage traffic between its two data centers. BIG-IP GTM distributes user requests based on business policy, data center and network conditions, and application performance by automatically directing requests to the best-performing data center.

To assist in upgrading Microsoft OCS 2007 to the newer Microsoft Lync Server 2010 platform, A.T. Kearney is using the F5 Application Ready Solution for Microsoft Lync Server 2010. This solution includes application-specific templates and detailed configuration guidance that can reduce the time required to deploy Lync Server by one-third. To further support a dynamic IT infrastructure, A.T. Kearney is planning to use the F5 Management Plug-In for VMware sphere to apply existing BIG-IP LTM traffic management policies to newly provisioned virtual machines.

“With F5, we were able to avoid substantial infrastructure investments at our branch offices.” Kevin Rice, Global Network Architect, A.T. Kearney

Benefits

By deploying BIG-IP Local Traffic Manager and BIG-IP Global Traffic Manager, A.T. Kearney accomplished its goals to fully utilize its existing IT resources, curtail additional infrastructure costs, and improve application availability.

 Maximizing IT investment

A.T. Kearney paid too high a price to build and maintain a secondary data center that was essentially inactive. As a result of deploying BIG-IP LTM and BIG-IP GTM, both sites now function as fully active data centers while providing disaster recovery.  If one data center were to go down entirely, BIG-IP GTM would dynamically and transparently route traffic to the other data center.

With the F5 solution providing redundancy across data centers, A.T. Kearney was able to repurpose many of the high-end dual servers that previously front-ended all its tier one applications. The firm moved many servers to its branch offices where they are now used as mediation servers—integral components of Microsoft Lync Server 2010 deployments. Mediation servers enable employees to take advantage of the VoIP feature in OCS and Lync Server to make phone calls toll-free or at competitive rates.

A.T. Kearney sent additional servers to branch offices, repurposing them as VMware ESX-based virtual machine servers that are used as local file and print servers or to host non–mission critical applications.

Infrastructure control and cost avoidance

Because A.T. Kearney is now able to serve applications and data to users worldwide from both data centers, it avoided the expense of purchasing new infrastructure components for its branch offices to support a distributed computing model.

“A couple of years ago we looked at just the licensing cost to duplicate the Chicago infrastructure elsewhere, such as in Europe, for example. The estimate was about $60,000 per month—and that was just for the licensing costs,” says Rice. Multiply that by 12 months and three or four sites, and the savings is significant—including infrastructure expenses, it’s somewhere between $1 million and $2 million per year per site.

“With F5, we were able to avoid substantial infrastructure investments at our branch offices,” Rice says. “And we’ve successfully centralized all our applications across our two data centers in Chicago without sacrificing the redundancy we need or the availability and performance our users expect.”

 Improved performance

Rice says he and his team didn’t realize how significantly the existing routers degraded application performance because the routers never indicated any utilization or throughput issues, nor did the network itself.  “When we moved our Microsoft application servers (such as SharePoint) behind the BIG-IP LTM devices, we immediately noticed a dramatic performance improvement— the difference was like night and day. The performance of those servers was very noticeable—and not just with SharePoint but with all of our applications at all of our sites.” Rice notes that pages that previously took a minute or more to download are now loading in less than five seconds.

A.T. Kearney’s custom-built applications also performed noticeably better with BIG-IP LTM alone, but when BIG-IP WebAccelerator was added, the performance improved even more. BIG-IP WebAccelerator is specifically designed to improve performance of web applications for users who are not located near the corporate data center and often experience degraded service or no service at all. As a result of the incremental performance increase, Rice’s team is now testing SharePoint 2010 and other custom-built applications with BIG-IP WebAccelerator to see how significantly it can boost performance across the board.

Rice adds that there’s no question that user productivity has improved, but he says it’s difficult to measure with hard numbers.  “Users are happy and using the applications.  We get virtually no performance-related support calls from users, so clearly things are working much better now.”

Simplified deployment and management

For A.T. Kearney, the F5 solution goes a long way toward simplifying IT tasks. Rice says F5 provides many helpful integration tools such as the templates included in the F5 Application Ready Solution for Lync Server 2010 and the F5 Management Plug-In for VMware vSphere.

The team also made use of F5 iRules, a powerful scripting language that enables developers to control and customize traffic management. “We manage well over 100 web parts that support hundreds of applications, so we’ve written some iRules for redirecting users to different SharePoint sites,” says Rice, explaining that before, the team used a web server to perform SharePoint redirects.

Rice continues, “IRules provides a more comprehensive solution because it enables us to offload the burden of redirects from the web server coupled with a UI for easier management. It also gives us a level of reporting and the ability to look at usage that we didn’t have previously.”

A.T. Kearney also found that the F5 DevCentral online community and AskF5 Knowledge Base provided helpful resources for a successful deployment.  DevCentral is a community-driven website where developers and network professionals can get application development and networking tips, share best practices, and post code examples. “I can’t say enough about how important and useful DevCentral and AskF5 are to us,” says Rice. “Getting feedback from ordinary users really helped us craft some of the concepts and strategies we wanted to put in place using iRules.”

Rice also appreciates that he can create partitions with the F5 solution. “On my team, I have different groups of people who manage different things, so with partitioning, I’m able to give people access only to the things they need access to.” With this feature, Rice can enable application developers to maintain their own applications.  “They can take their servers out of the rotation whenever they do maintenance.  That’s a very helpful feature that we didn’t have before.”