SOUTH BAY BMW ACHIEVES UNMATCHED AVAILABILITY AND SECURITY WITH ITS CISCO NETWORK



Similar documents
CISCO PIX SECURITY APPLIANCE LICENSING

How To Get A New Phone System For Your Business

Cisco IOS Public-Key Infrastructure: Deployment Benefits and Features

CISCO CONTENT SWITCHING MODULE SOFTWARE VERSION 4.1(1) FOR THE CISCO CATALYST 6500 SERIES SWITCH AND CISCO 7600 SERIES ROUTER

CISCO METRO ETHERNET SERVICES AND SUPPORT

Cisco IT Data Center and Operations Control Center Tour

Cisco CNS NetFlow Collection Engine Version 4.0

Cisco Conference Connection

CISCO SMALL AND MEDIUM BUSINESS CLASS VOICE SOLUTIONS: CISCO CALLMANAGER EXPRESS BUNDLES

CISCO IP PHONE SERVICES SOFTWARE DEVELOPMENT KIT (SDK)

CISCO MDS 9000 FAMILY PERFORMANCE MANAGEMENT

THE CISCO CRM COMMUNICATIONS CONNECTOR GIVES EMPLOYEES SECURE, RELIABLE, AND CONVENIENT ACCESS TO CUSTOMER INFORMATION

Cisco CNS NetFlow Collection Engine Version 5.0

Cisco 2-Port OC-3/STM-1 Packet-over-SONET Port Adapter

Cisco Router and Security Device Manager File Management

NETWORK AVAILABILITY IMPROVEMENT SUPPORT OPERATIONAL RISK MANAGEMENT ANALYSIS

It looks like your regular telephone.

CISCO NETWORK CONNECTIVITY CENTER

Cisco Systems GigaStack Gigabit Interface Converter

Figure 1. The Cisco Aironet Power Injectors Provide Inline Power to Cisco Aironet Access Points and Bridges

CISCO IOS SOFTWARE FEATURE PACKS FOR THE CISCO 1700 SERIES MODULAR ACCESS ROUTERS AND CISCO 1800 SERIES (MODULAR) INTEGRATED SERVICES ROUTERS

THE BUSINESS CASE FOR MANAGED SERVICES IN SMALL AND MEDIUM-SIZED BUSINESSES

Cisco Secure Access Control Server Solution Engine

CISCO WIRELESS SECURITY SUITE

NetFlow Feature Acceleration

CISCO IOS IP SERVICE LEVEL AGREEMENT

PUBLIC KEY INFRASTRUCTURE CERTIFICATE REVOCATION LIST VERSUS ONLINE CERTIFICATE STATUS PROTOCOL

CISCO CATALYST 3750 SERIES SWITCHES

CISCO SFP OPTICS FOR PACKET-OVER-SONET/SDH AND ATM APPLICATIONS

E-Seminar. Financial Management Internet Business Solution Seminar

Cisco Blended Agent: Bringing Call Blending Capability to Your Enterprise

CISCO IOS SOFTWARE RELEASES 12.4 MAINLINE AND 12.4T FEATURE SETS FOR THE CISCO 3800 SERIES ROUTERS

PREVENTING WORM AND VIRUS OUTBREAKS WITH CISCO SELF-DEFENDING NETWORKS

HIGH-DENSITY PACKET VOICE DIGITAL SIGNAL PROCESSOR MODULE FOR CISCO IP COMMUNICATIONS SOLUTION

CISCO AIRONET POWER INJECTOR

CISCO IOS SOFTWARE RELEASES 12.4 MAINLINE AND 12.4T FEATURE SETS FOR THE CISCO 2800 SERIES ROUTERS

Cisco Aironet 1130AG Series

Combined voice and data solution supports Orange s ongoing success in the UK business market

Cisco GLBP Load Balancing Options

IS YOUR OLD PHONE SYSTEM HANGING UP YOUR DISTRICT? CISCO K 12 DIRECT LINE SOLUTION FOR IP COMMUNICATIONS

CISCO 7304 SERIES ROUTER PORT ADAPTER CARRIER CARD

CISCO ISDN BRI S/T WIC FOR THE CISCO 1700, 1800, 2600, 2800, 3600, 3700, AND 3800 SERIES

Cisco IOS Telephony Services Survivable/Standby Remote Site Telephony

Cisco IOS Firewall Intrusion Detection System

Cisco 7200 and 7500 Series Routers

Cisco Catalyst 6500 Series/Cisco 7600 Series Supervisor Engine 720-3BXL

Cisco IT Data Center and Operations Control Center Tour

IP Networking and the Advantages of consolidation

Cisco 7200 Series Enterprise WAN Aggregation Application

How To Outtask Metro Ether To A Managed Service Provider

CISCO CATALYST 6500 SUPERVISOR ENGINE 32

Cisco SMB Class Solutions Your Next Phone System Purchase

Cisco WebEx Social Compatibility Guide

Cisco 2600XM DSL Router Bundles

Serial Connectivity Network Modules for the 2600, 3600, and 3700 Series (NM-1HSSI, NM-4T, NM-4A/S, NM-8A/S, NM-16A/S, NM-16A, NM-32A)

CISCO CATALYST 6500 SERIES CONTENT SWITCHING MODULE

CISCO 10GBASE X2 MODULES

CISCO IP PHONE EXPANSION MODULE 7914

CISCO MEETINGPLACE FOR OUTLOOK 5.3

Cisco Intelligent Contact Management Enterprise Edition

CONNECT TO COMPREHENSIVE NETWORK SECURITY SOLUTIONS WITH THE CISCO IP NETWORK DEFENDER PROGRAM.

Cisco Solution Incentive Program Asia Pacific

Enabling High Availability for Voice Services in Cable Networks

DATA SHEET. GigaStack GBIC THE CISCO SYSTEMS GIGASTACK GIGABIT INTERFACE CONVERTER (GBIC) IS A VERSATILE, LOW-COST,

Cisco Outbound Option

Internal IT Staff at a Serbian Children s Hospital Takes Innovative Approach to Outpatient Care

CISCO NETWORK CONNECTIVITY CENTER MPLS MANAGER 1.0

Cisco Router and Security Device Manager Dial-Backup Solution

CISCO ATA 186 ANALOG TELEPHONE ADAPTOR

CISCO 7609 ROUTER ENHANCED 9-SLOT CHASSIS

City Government Improves Caller Service and Cultivates Economic Vitality

Cisco PBX Interoperability: Lucent/Avaya Definity G3si V7 PBX with CallManager using Analog FXS and FXO Interfaces as an MGCP Gateway

CISCO MEETINGPLACE MANAGED SERVICE

CISCO 100BASE-X SFP FOR FAST ETHERNET SFP PORTS

Optical Service Modules: OC-3/STM-1, OC-12/STM-4 and OC-48/STM-16 POS, OC-12/STM-4 ATM, Gigabit Ethernet WAN, Channelized T3 (CT3) and OC12/STM-4

What is network convergence all about?

The Palace of Versailles Goes Digital, Increasing Revenue and Enhancing Overall Visitor Experience

CISCO ATA 188 ANALOG TELEPHONE ADAPTOR

E-Seminar. E-Commerce Internet Business Solution Seminar

CISCO CALLMANAGER EXPRESS 3.2

Cisco AVVID Network Enterprise Data Center Solution Overview

Cisco Business Communications Solution. Brochure

IP Communications for Small Offices Using Cisco CallManager Express and Cisco Unity Express

CISCO ISDN BRI S/T WIC FOR THE CISCO 1700, 1800, 2600, 2800, 3600, 3700, AND 3800 SERIES

How To Connect A Cisco Aironet 350 Series Wireless Bridge To A Network With A Wireless Bridge

CISCO WAN MANAGER 15 DATA SHEET

CISCO DISTRIBUTED DENIAL OF SERVICE PROTECTION SOLUTION: LEADING DDOS PROTECTION FOR SERVICE PROVIDERS AND THEIR CUSTOMERS

Cisco Systems Brings World-Class Online Banking Solutions to State Bank of India

Cisco CSS Series Content Services Switch

SERIAL AND ASYNCHRONOUS HIGH-SPEED WAN INTERFACE CARDS FOR CISCO 1800, 2800, AND 3800 SERIES INTEGRATED SERVICES ROUTERS

networks (VPNs). models, the Cisco 800 series of routers addresses wide range Figure 1 Cisco 800 Series Routers give Small Offices and Corporate

SURGE PROTECTION CABLES FOR SMART SERIAL INTERFACES

Cisco Unified IP Conference Station 7936

END-OF-SALE AND END-OF-LIFE ANNOUNCEMENT FOR SELECTIVE CISCO CATALYST 6503, CATALYST 6506 AND CATALYST 6509 CHASSIS

Transcription:

CUSTOMER SUCCESS STORY SOUTH BAY BMW ACHIEVES UNMATCHED AVAILABILITY AND SECURITY WITH ITS CISCO NETWORK EXECUTIVE SUMMARY CUSTOMER NAME South Bay BMW INDUSTRY Automotive BUSINESS CHALLENGE Help assure high network availability for mission-critical applications Secure network from malicious attacks and unauthorized software installations Reduce costs associated with implementing emergency security measures NETWORK SOLUTION Cisco switching and routing solutions Cisco security solutions Cisco wireless solutions BUSINESS VALUE Dramatically improved network resiliency Significantly reduced costs of implementing security patches and helped eliminate downtime due to virus attacks Provided cost-effective wireless access across a 110,000-square-foot facility for automotive technicians, customers, and delivery of training materials South Bay BMW needed to guard its network and mission-critical applications against service-affecting fiber cuts and virus outbreaks. By choosing a secure, high-availability network from Cisco, South Bay BMW was able to build the ultimate dealership network. BUSINESS CHALLENGE When Hitchcock Automotive relocated its South Bay BMW dealership to accommodate a growing customer base, it moved into the ultimate sales and service facility in Torrance, California. From the beginning, the new facility was designed to be the flagship store for Hitchcock Automotive, including more than 110,000 square feet and 80 enclosed service bays. Hitchcock s corporate headquarters is connected to six dealerships, including South Bay BMW, and the company employs 600 employees who rely on its network. Rich Morris, vice president of information systems, is solely responsible for the company s networking capabilities. Hitchcock Automotive already had a network from Cisco Systems and the new South Bay BMW location offered a clean slate for implementing the most current networking features and capabilities. My primary concern is application availability, says Morris. If the network goes down, I have 150 employees at the South Bay BMW dealership who are unable to be productive. For example, if we spend $50,000 to run a weekend promotion and our main application is down, we will lose significant amounts of money. When it was time to build the network for the new facility, Morris insisted that the dealership build in maximum resiliency. In the past, the most common cause of network downtime was a fiber cut to the local service provider s T1 links. A severed line eliminated the dealership s WAN connection to headquarters and access to its main productivity application. In addition, Ethernet lines strung between multiple buildings made it difficult to create a high-availability, secure LAN. This made the local network susceptible to virus, worm, and spyware attacks, which slowed network performance. Furthermore, viruses and worms that entered the network were able to replicate and spread, making the entire corporate network vulnerable. Morris would often need to hire as many as 12 people to patch 150 systems every time new system patches and security updates became available as frequently as once or twice a month, costing $5000 6000 each time. All contents are Copyright 1992 2005 All rights reserved. Important Notices and Privacy Statement. Page 1 of 5

Without an army of network engineers and information systems staff to rely on, Morris chose to work with Praxis Computing, a Cisco Premier Partner. The Cisco Premier designation is awarded to independent computer consulting firms that have demonstrated a commitment to technical excellence and continuing education. Membership in the Cisco Premier Partner program provides Praxis Computing with the resources it needs to excel at implementing and supporting Cisco Systems network solutions. When I first decided to build a WAN, I talked to the big service providers, but I didn t think they understood our need for high availability, says Morris. That search led me to Jeff Roback at Praxis, and he listened to our needs and came back with a superior solution. I naturally turned to him to help when we moved the South Bay dealereship. Rich and I decided to take advantage of the new security and resiliency advancements in Cisco equipment, says Jeff Roback, vice president of engineering for Praxis. With a solid WAN in place, it was relatively easy to build on that foundation. I wanted to achieve network availability and security and we have absolutely done that and more. Rich Morris, Vice President, Information Systems, South Bay BMW, the Hitchcock Automotive Group NETWORK SOLUTION To help ensure that the new South Bay BMW network met Morris requirements for high availability and security, Roback upgraded the corporate router to a Cisco 3845 Integrated Services Router and installed Cisco 3825 integrated services routers at South Bay BMW. The Cisco 3800 Series integrated services routers support advanced security features, including intrusion prevention, stateful Cisco IOS Firewall support, antivirus defense support through Cisco Network Admission Control (NAC), and support for as many as 2500 VPN tunnels with the AIM-HPII- PLUS Module. South Bay BMW s routers also include optional Power over Ethernet (PoE), also known as inline power, allowing the routers to easily support peripheral devices, such as security cameras, and reduce the cost of supplying them with Ethernet cable and power. The Cisco 3800 Series integrated services routers integrate intelligent protection switching (IPS) in the router, allowing us to perform firewall functionality as network traffic flows through the router, says Roback, This helps to significantly improve our ability to secure the network. Redundant point-to-point T1 links connect headquarters to South Bay BMW s Cisco 3825 Integrated Services Router. At the dealership, Morris also deployed two Cisco Catalyst 3750 48-port switches with PoE for the LAN core. The Cisco Catalyst 3750 Series switches feature Cisco StackWise technology, providing scalability and high resiliency in a compact footprint. With Cisco StackWise technology, South Bay BMW can connect up to nine Cisco Catalyst 3750 Series switches and manage them as a single, 32-Gbps switching unit. With PoE, the Cisco Catalyst 3750 switches can also power a number of wireless access points deployed throughout the large facility. By connecting redundant switches to the Cisco 3825 Integrated Services Router, either switch could fail without compromising the network. Threat defense features are also built into Cisco Catalyst switches, helpping Morris to more effectively guard against viruses and worms. Seven Cisco Catalyst 2950 48-port switches are deployed in wiring closets, providing wire-speed Fast Ethernet and Gigabit Ethernet connectivity with a range of software features and configurations that allow Morris to select the functionality combination needed for South Bay BMW s network edge. All contents are Copyright 1992 2005 All rights reserved. Important Notices and Privacy Statement. Page 2 of 6

To further increase the network s security and resiliency levels, Roback recommended replacing the original Internet routers with Cisco 2811 integrated services routers. The Cisco 2811 routers offer advanced security services such as hardware encryption acceleration, IP Security (IPSec) VPN, firewall protection, inline intrusion prevention (IPS), Cisco Network Admission Control (NAC), and URL filtering support. In the event that the main router fails or both T1 links are broken, the entire network can failover to the Internet and use the Cisco 2811 integrated services routers VPN capabilities as a backup. Ten Cisco Aironet 1300 Series access points are deployed throughout the dealership, many of them located high overhead, making it difficult to run power or Ethernet cabling to connect them. Morris uses PoE on the Cisco Catalyst switches to power the access points, connecting half of the access points to one switch and the remainder to the second switch. If either switch fails, at least half of the access points will still be available and the CiscoWorks Wireless LAN Solution Engine (WLSE) will dynamically readjust the signal strength on the remaining access points to maintain the network s functionality. Roback also installed Cisco Security Agent on every employee desktop, further increasing the dealership s defenses against viruses, worms, spyware, and unauthorized software installations. Cisco Security Agent monitors each computer for abnormal behavior. Unlike antivirus software that depends on regular virus signature updates, Cisco Security Agent is not signature-based and protects the network regardless of the location s last antivirus update. By residing on desktop PCs and identifying invaders before they are able to reach the network, Cisco Security Agent can help to significantly limit potential damage. BUSINESS VALUE While fiber cuts and malicious software will always be potential threats, the South Bay BMW network is no longer as vulnerable. Morris says that the single most important benefit of the new Cisco network is its resiliency. Using Cisco integrated services routers, the new network can reroute around itself to avoid Internet failures not only at South Bay BMW, but at other dealership locations through the corporate headquarters. We re able to back up each dealers Internet feed with another dealer s feed, says Morris. Now, each Internet router monitors the Internet connection for outages, and if it detects one, it will dynamically reroute all of the Internet traffic from the BMW dealership over to the Ford dealership, for example. We ve had issues with fiber cuts, but our built-in redundancy has enabled us to overcome them. Managers from other locations can now visit the South Bay BMW location and log onto their network, increasing their productivity when they are away from their offices. With a highly available network, the dealership s primary dealer management system application is now always available to employees in sales, parts, service, used cars, accounting, and payroll. The flexibility to interconnect in different ways and provide for failover has been great, Morris says. The Internet is always available and it s fast. Our goal was to make the network transparent to our employees, and we ve achieved that. The PoE feature not only gave South Bay BMW flexibility in its wireless deployment, it also helped to significantly reduce the cost of running electrical wires and cabling in the building s 100-foot ceilings and to the service bays. In addition to providing auto technicians with secure, direct access to BMW s corporate network for troubleshooting and information, it gave South Bay BMW the ability to provide Wi-Fi access and entertainment for customers while they waited for their cars, as well as provide employees with easy access to training materials. Morris estimates that the cost of supplying power to the wireless system would have quadrupled without the PoE capabilities. They also allow each part of the wireless network to be secured individually. For example, the technician s wireless access to BMW s diagnostic network can be secured from the customers Wi-Fi access network. Employees have wireless access to the core dealer management system application. Each access point can determine whether the user is a BMW employee and if so, require that the transaction be encrypted before the network routes the traffic towards the dealer management system. If the user is a customer wanting to browse the Internet, the network allows them to browse only. The network can also distinguish and separate video camera traffic for security from satellite TV feeds. All contents are Copyright 1992 2005 All rights reserved. Important Notices and Privacy Statement. Page 3 of 6

Cisco Security Agent has saved Morris time and money. If a virus enters a PC, Cisco Security Agent prevents it from taking malicious action. When Roback and Morris first piloted the software, they installed it on half of the desktops. Two weeks later a virus outbreak occurred, and while the machines without Cisco Security Agent were affected, none of the equipped machines experienced any problems. The software guarded against spyware attacks as well. I don t spend any more of my Friday nights patching machines, says Morris. If a virus outbreak does happen, we have time to address the problem. Morris can successfully test patch compatibility with the dealership s main application and he spends less than half of what he did previously on support costs. Cisco Security Agent has almost eliminated problems with spyware, unauthorized software installations, and virus attacks. We also are subject to Gramm-Leach-Bliley Act compliance, he continues. With Cisco Security Agent and other security features built into our network, I can demonstrate that we have deployed effective security controls to protect information confidentiality. NEXT STEPS Roback and Morris are testing VPN failover capabilities before instituting it on the network. By transitioning to VPN failover as a backup strategy, Morris hopes to eliminate a TI connection and its monthly cost at each location without reducing network reliability. By investing in the network and building a secure, reliable infrastructure, I can focus on managing our critical productivity applications, says Morris. I wanted to achieve network availability and security and we have absolutely done that and more. FOR MORE INFORMATION To learn more about Cisco routing solutions, visit: http://www.cisco.com/go/routing. To learn more about Cisco switching solutions, visit: http://www.cisco.com/go/switching. To learn more about Cisco security solutions, visit: http://www.cisco.com/go/security. To learn more about Cisco wireless solutions, visit: http://www.cisco.com/go/wireless. To learn more about South Bay BMW, visit: http://www.southbaybmw.com/. To learn more about Praxis Computing, visit: http://www.praxis.com/. This customer story is based on information provided by South Bay BMW and describes how that particular organization benefits from the deployment of Cisco products. Many factors may have contributed to the results and benefits described; Cisco does not guarantee comparable results elsewhere. CISCO PROVIDES THIS PUBLICATION AS IS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some jurisdictions do not allow disclaimer of express or implied warranties, therefore this disclaimer may not apply to you. All contents are Copyright 1992 2005 All rights reserved. Important Notices and Privacy Statement. Page 4 of 6

Corporate Headquarters 170 West Tasman Drive San Jose, CA 95134-1706 USA www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 European Headquarters Cisco Systems International BV Haarlerbergpark Haarlerbergweg 13-19 1101 CH Amsterdam The Netherlands www-europe.cisco.com Tel: 31 0 20 357 1000 Fax: 31 0 20 357 1100 Americas Headquarters 170 West Tasman Drive San Jose, CA 95134-1706 USA www.cisco.com Tel: 408 526-7660 Fax: 408 527-0883 Asia Pacific Headquarters 168 Robinson Road #28-01 Capital Tower Singapore 068912 www.cisco.com Tel: +65 6317 7777 Fax: +65 6317 7799 Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed on the Cisco Website at www.cisco.com/go/offices. Argentina Australia Austria Belgium Brazil Bulgaria Canada Chile China PRC Colombia Costa Rica Croatia Cyprus Czech Republic Denmark Dubai, UAE Finland France Germany Greece Hong Kong SAR Hungary India Indonesia Ireland Israel Italy Japan Korea Luxembourg Malaysia Mexico The Netherlands New Zealand Norway Peru Philippines Poland Portugal Puerto Rico Romania Russia Saudi Arabia Scotland Singapore Slovakia Slovenia South Africa Spain Sweden Switzerland Taiwan Thailand Turkey Ukraine United Kingdom United States Venezuela Vietnam Zimbabwe All contents are Copyright 1992 2005 All rights reserved. Aironet, Catalyst, Cisco, Cisco Systems, the Cisco Systems logo, and IOS are registered trademarks or tracemarks of and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document or Website are the property Cisco of their Systems, respective owners. Inc. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0502R) DR/LW8091 03/05 All contents are Copyright 1992 2005 All rights reserved. Important Notices and Privacy Statement. Printed in the USA Page 5 of 6

All contents are Copyright 1992 2005 All rights reserved. Important Notices and Privacy Statement. Page 6 of 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information