Electronics retailer CompUSA is popular among seekers of high-tech upgrades, whether for superfast PCs, photo-quality printers or the latest games.When it came time for CompUSA to upgrade the network supporting its 230 U.S. stores, the No. 2 consumer electronics retailer reached for some leading-edge technologies for its own use: voice over IP (VoIP), Wi-Fi and a converged IP VPN\/frame relay WAN."We tell our customers we've got the leading technology, and now we're starting to use some of that ourselves," says Ken Monroe, director of IT communications and support services. "There are a lot of savings out there with [VoIP] and wireless."One problem CompUSA wants to address is its expensive telecom infrastructure. The company has Nortel Meridian PBXs in each store, but these systems are basically islands - there is no unified management, and long-distance calls result in big monthly bills."Stores are always calling each other for inventory checks, or for personnel transfers," Monroe says.He estimates the company can save about $2.7 million over five years by moving inter-store calls off of the public switched telephone network and onto CompUSA's data network. With IP PBXs on CompUSA's backbone, software updates and maintenance to the systems also could be done centrally.Monroe and his staff evaluated Alcatel, Cisco and Mitel IP PBX offerings. But the Alcatel product proved too costly so it came down to Cisco's CallManager IP PBX and Mitel's ICP 3300."The problem with Cisco was it didn't have a PBX feature we use extensively - multiple call ringing," he says. Having the ability of an incoming call to ring multiple phones is useful in retail, Monroe says. That left the Mitel box as the primary choice.The next step was to bring the Mitel ICP 3300 into the lab. "The first thing we did was sic our security people on the product," Monroe says. "They're basically a couple of hackers. We tell them go break things, so they went into the Mitel box and broke it. We test everything that way."The ICP 3300 is a Linux-based appliance with an operating system modified to support only IP PBX functions. But Monroe's staff found some problems."The Mitel [IP PBX] just had a ton of ports open," says Rob Hilliard, WAN manager at CompUSA, who helped discover the vulnerabilities. The ports let Hilliard and Security Manager Pat Hykkonen reach the appliance's operating system and shut it down. "That was the configuration straight out of the box," Hilliard says. "The developers must not have thought about that. We told them, and they fixed it."Now the IT group has more confidence in the product, he says.Each CompUSA store will get an ICP 3300 and up to 50 IP telephones. CompUSA also is upgrading store LANs, installing Cisco Catalyst 2900 series switches that support 802.1p traffic prioritization. That will ensure voice packets are given top priority when switched over the LAN and WAN.Most CompUSA stores have product support\/repair departments and provide in-store training classes, and some stores provide small-business IT services.These subgroups have unique call-feature requirements, such as voice mail for the service groups, hunt groups for support technicians, and multi-line calling and paging for sales. The Mitel box supports these functions. "We wanted the changeover to be as transparent as possible to our staff" in terms of features available, Monroe says.Thirty of the Mitel boxes have been deployed and another 168 will be installed next year. The rest of the stores, and several new ones scheduled to be opened, will be upgraded in 2005. This schedule takes into account stores coming off Nortel leases. " We didn't want to buy a bunch of equipment and sit on it," Monroe says.Shaping up the WANBefore deploying the Mitel IP PBXs, Monroe and Hilliard decided the two 512K bit\/sec frame relay connections serving each store would not be adequate for VoIP. So the company opted to move its primary voice\/data backbone to a T-1-based IP VPN service from XO Communications. To back that up, each store will retain one 512K bit\/sec frame relay link.CompUSA worked with XO and AT&T engineers to combine the frame relay and VPN circuits into one virtual pipe that delivers more than 2M bit\/sec of bandwidth to each store. This trick, which is used for failover, is done with Enhanced IGRP, a Cisco routing protocol running on 2600 routers installed at each site. "If one line goes down, whether it's frame or VPN, the other carrier takes on the voice and data loads," Monroe says.XO also helped CompUSA configure quality-of-service settings between Mitel's gear and XO's network to ensure voice quality stayed consistent across the WAN. "We put the Mitels in the stores, pointed them to the new XO circuits, and they sounded beautiful," Monroe says.The IP VPN service from XO cost half as much as what the company was paying for one AT&T frame relay circuit. And now the WAN is twice as fast.Cutting wires and costsCompUSA also is benefiting from integration with its new in-store LANs. Putting voice on the LAN infrastructure in stores saves on phone wiring, Monroe says. Cabling costs are reduced by rolling out Wi-Fi on store floors. Combined, these savings will amount to $30,000 per store, he says.A combination of new Cisco wired and wireless LAN gear, and some creative network configurations, will let the retailer better serve the vendors whose gadgets it sells."Lots of vendors want to do kiosk displays, which require moving a lot of things around the store floors," Monroe says. "That's also a lot of cabling moving around."Instead of hard-wiring displays as in the past, CompUSA is in the process of installing Cisco Aironet Wi-Fi gear in the kiosks. A wired switch or hub is used to connect products in the display, and then wirelessly tie the kiosks to the store's wired network.To avoid giving display PCs open access to store networks - where IP voice and sensitive data such as sales figures and credit card numbers are flying around - CompUSA is setting up secure virtual LANs (VLAN) with the Cisco Catalyst 2900 switches in each store. One VLAN is dedicated to display merchandise that requires Internet access."PC vendors want Internet access for their machines," Monroe says. "AOL also has displays in our stores and they need access out. The VLAN gives everyone a secure, separate pipe to get to the Internet, and nothing else in the store."This wireless VLAN also keeps snooping Wi-Fi users off the company's corporate network, he says.