Printing firm dumps MPLS service

Shortcomings of an MPLS service led printing firm Wise Business Forms to dump the network service in favor of an Internet-based VPN that delivers better speed at less cost and will pay for itself in 16 months.

The firm's 250 users had recurring troubles with reliability of the four AT&T T-1s feeding MPLS to its Alpharetta, Ga., headquarters, says Marc Picardo, director of IT for Wise, but the determining factor was cost not performance.

When the private company installed a new digital printing application that would boost the bandwidth requirements among its eight locations spread out in six states east of the Mississippi, Picardo started looking for less-expensive options than the $1,400 to $1,800 per month per site that doubling up the 1.5M bps MPLS T-1s would cost. The monthly cost per site of the VPN connections, which double the bandwidth of the T-1s, is about $250, he says -- less than he was paying for the MPLS service.

Click to see: Diagram of Wise Business Form's network

Wise's system integrators, Perket Technologies, recommended using the Internet as the WAN and connecting to it via lower-cost DSL and cable connections. Having a DSL link to an ISP and a cable link to another ISP at each site, they would have redundant services to maintain reliability, Picardo says.

Perket, which had initially assisted Wise in converting from frame relay to MPLS two years ago, recommended dual Stonesoft StoneGate firewall/VPN appliances at each site to link them to the Internet. Picardo says the firewalls can use both Internet connections simultaneously to load balance traffic at each site, and if one link goes down the devices failover to the other line.

One of the more time-consuming jobs of the transition was lining up the DSL and cable services. Because of the wide dispersion of the sites and the mix of access technologies, Picardo had to contract for WAN services with nine separate providers.

Now that all the lines are in, that number of providers doesn't create extra work. If a line fails, he makes a call to the provider of that line; he'd have to make such a call even if there were just one provider. So far, the only outages the VPN has experienced were due to problems inside the providers' networks, not on the last-mile access lines to Wise sites, he says.

Bandwidth the cable and DSL links provide is ample, and when one line has failed, the StoneGate appliances have diverted all traffic to the second connection.

At the same time, Wise moved its data center from its headquarters office to a collocation site to avoid issues the company had been having with losing power for so long at the data center that its UPS would run out of juice. Unlike the corporate sites, the data center is connected to the Internet via a 7M bps connection that can burst to 10M bps to handle peak traffic, he says. That way at peak times when corporate sites are each sending heavy traffic, the connection to the data center doesn't become a choke point.

One downside of cobbling together DSL connections is that the available speeds vary due to the quality of copper lines and the distance between the corporate sites and the providers' central offices. The worst case for Wise is at its headquarters, where the maximum upstream DSL speed it can get is 512K bps, which is inadequate in times of high use, Picardo says. As a stopgap he installed two DSL lines to give an aggregate of 1M bps. Cable service in the area was prohibitively expensive because the provider would have to extend its network at Wise's expense.