Cenegenics Builds Resilient Cisco Network to Support Its Growing Practice

It is easier to have just one specific vendor, especially for the switching gear, because there is a lot you have to worry about.”
– Dror Nisenbaum, IT Manager, Cenegenics

Pressures of Growth on IT

Dror Nisenbaum, IT Manager at Cenegenics, clearly remembers his first day of work. He arrived at eight o’clock in the morning, sat down and the phone rang before he could take the first sip of coffee. It was a disgruntled user who had been waiting a month to fix an IT problem. Nisenbaum walked him through a solution right there on the phone. The user was pleasantly surprised and relieved, while for Nisenbaum it was a not-so-subtle hint of the road ahead. In fact, after spending four intense months working through the IT support backlog, he turned his attention to the challenge of redesigning and rebuilding the network and other IT infrastructure to support the company’s fast growth.

Cenegenics, based in Las Vegas, Nevada, is the largest age management practice with 20 medical centers in the United States serving more than 20,000 patients. Age management emphasizes prevention, as opposed to treating disease, and employs nutrition, exercise, supplements and hormone treatment under the care of a physician to maximize the quality of life for its patients as they age. Cenegenics is well known for ads showing one of its physicians, Dr. Jeff Life, a 72-year old man with the toned body of a youthful muscle builder.

Cenegenics experienced many years of rapid growth. From 2006 to 2012, it expanded from 3 medical centers in Las Vegas, Boca Raton and the Carolinas to 20 medical centers throughout the United States. The number of corporate staff at its headquarters in Las Vegas quadrupled. By any measure, the practice was successful and growing.

However, the expansion and growth put a strain on its aging IT infrastructure. Ten years ago, Cenegenics had a flat network with HP equipment supporting its users and applications. They added a voice over IP (VOIP) system. The VOIP provider installed Cisco networking equipment with power over Ethernet (POE) support, so they had two networks connected via uplinks, one for data and the other for voice. Unfortunately, the features and configurations were inconsistent and many problems arose. Phones did not power up if connected to the HP switches, and computers would not acquire the right IP addresses if connected to the Cisco switches. There were many dropped calls because the HP switches did not support QoS. Data storms flared up on a couple of occasions because of misconfigurations between the networks. The IT contractor who managed Cenegenic’s network was an HP reseller trained to support HP networking equipment, but not Cisco. They had to manufacture artificial phone problems and call the VOIP provider to get Cisco support. “It was very difficult. It was the perfect storm,” said Nisenbaum.

After the support backlog was finally under control and response times were reasonable, Nisenbaum focused on diagramming and labeling the entire network, including switches, cables, distribution points and servers. “I had to redo all of the wiring closets because it looked like a spaghetti ball,” he said. The jumble of cables and switches was so confusing they resorted to pulling cables after business hours and walking to the adjacent suite to see which device turned off. The result of the effort was a diagram that provided a comprehensive view of the infrastructure and identified the single points of failure.

Building a Consolidated, Highly Resilient Network

Next they developed a plan for a consolidated, highly-available, virtualized infrastructure. It included two Cisco Catalyst 3560-X switches as the core of the network and a Cisco 3945 Integrated Services Router to replace a SonicWALL router and one other that were too small for the expanded user load. The two 3560-X switches had redundant power supplies and were paired up for failover. Six existing Cisco Catalyst 3560s would serve as edge switches. Connections around the headquarters building would have four strands trunked in pairs to make a redundant fiber ring. Pipes between suites in the building would carry not more than one fiber optic cable to eliminate the risk of a severed pipe disrupting communication. The design also included three powerful Dell servers with dual six-core processors running VMware and a Dell EqualLogic iSCSI SAN with dual controllers connected via the 3560-X core switches.

Nisenbaum felt strongly that the network should be consolidated on Cisco equipment, not a mixed-vendor environment. “It is easier to have just one specific vendor, especially for the switching gear, because there is a lot you have to worry about,” he said. Nisenbaum is Cisco-certified and very comfortable using their equipment. Though he had some experience with HP and SonicWALL equipment, he thought some of their configuration procedures were unnecessarily complicated. “Having multiple vendors brings so much complexity… I wanted to consolidate everything to one vendor, so I can train my employees and make sure the team we have in place can manage it all.”

The plan was presented to Cenegenics’ executive board. The project cost was in the six figures, a substantial investment for a company of that size. Nisenbaum’s approach was to show them all the points of failure in their existing infrastructure. “If any of these devices goes down, this is the catastrophic effect. How much is it going to cost you per day if this doesn’t work? That was my pitch. I came in six months after one of their servers crashed and they were down for almost a week. What I was saying was very fresh in their minds,” he said. The board decided to approve and fund the project.

I can sum it up with one statement:  I can sleep at night.”
– Dror Nisenbaum

Uptime Makes Everyone Happy

Installation of the new equipment took four months because some aspects of the transition had to be handled carefully to avoid disrupting users. Today the company’s applications and users run on the rebuilt and highly resilient network as well as server and storage infrastructure. It has been 16 months since a server went down. While individual components have failed and had to be replaced, such as a GBIC on a switch, the redundancy of the design ensured that users did not experience downtime. Executives and staff are pleased because they can focus on running the practice and serving patients with a stable IT infrastructure supporting them.

Asked about how he feels about the situation now, Nisenbaum replied, “I can sum it up with one statement: I can sleep at night. When I had all the aging hardware and there was such a support backlog, I didn’t have a personal life. Now that things have slowed down, it gives me the ability to see how I can improve Cenegenics as a whole.”

 Copyright © 2012 Apropos LLC. All rights reserved.

Purewire Relies on Brocade for Delivering a Global Web Security Service with a Cloud-Based Infrastructure

We have two main goals. One is keeping users secure, and the second is not to disrupt normal web browsing activity.”
– Dr. Paul Judge, CTO and Co-Founder, Purewire

Software as a Service – Around the Globe

What infrastructure is needed to deliver a web-based software service with consistently fast performance to users around the world? While it is one matter to deliver performance to users in a dedicated, local environment, it is another altogether to deliver performance globally over the World Wide Web. This question of performance is one Purewire had to answer as it built out a data center infrastructure for its web security service, which it launched a little over a year ago.

Purewire is a software-as-a-service (SaaS) provider of web security services for organizations of all sizes – small businesses to Fortune 1000 enterprises. “Purewire provides a service to secure users while they are surfing the web,” said Dr. Paul Judge, chief technology officer and co-founder of Purewire. “We accelerate traffic, so they are getting legitimate content faster. We also are looking at the destination to make sure they are going to the appropriate places, especially in the case of businesses. And then the third thing we do is examine the responses from those websites to make sure they are not malicious and trying to attack the user’s PC or compromise that user’s computer.”

Purewire acts like a security guard sitting between a user and the web at large. “A user simply points outbound web surfing through the Purewire service. And regardless of the location or destination they are visiting, their web activity is going through this infrastructure,” he said.

The Purewire service appeals to enterprises because it offers comprehensive web security for their workers. Enterprises can enforce a user policy for web activities like browsing, web applications and social networks. It protects users inside and outside of a company’s firewall. Judge continued, “The Purewire service not only protects users when they are at the office, but also when the user picks up that laptop and goes across the street to the coffee shop or across the country to a hotel. Purewire is always in between that user and the web, so we have the same level protection regardless of location.” It applies to laptop PCs as well as mobile devices like the iPhone and Blackberry, which have previously gone unprotected. A cloud-based service also avoids having to install web security appliances at every remote or branch office. Thus, it is easier to deploy and centrally manage.

The challenge for Purewire was to deliver these security benefits without causing a perceivable slowdown in a user’s web experience, regardless of their location. “We have two main goals. One is keeping users secure, and the second is not to disrupt normal web browsing activity,” he said.

Brocade ServerIron for Global Server Load Balancing

Purewire set up server farms hosting its web security service in several data centers around the world. Then it needed a means to direct users to the best data center for the fastest response time, and within a data center, to route requests to the most available server. They chose Brocade ServerIron 350, ServerIron 450 and ServerIron 4G series of application delivery controllers to provide this global server load balancing and traffic routing capability. These application switches offered high performance and application throughput as well as ease of management in a globally distributed environment.

Dr. Judge elaborated, “No matter where a user is in the world, we need to reliably get their data routed to our data center and through our data center. So we use Brocade for load balancing and traffic redirection. Whenever a user is, say, in the middle of South America and decides they need to connect to a Purewire service, the load balancing will direct them to the appropriate data center. Then within that data center, we again use intelligent load balancing to direct that traffic to the best possible server.”

A user doesn’t know we’re there, unless and until we have to protect them from some threat.”
– Dr. Paul Judge

Performance as Designed

When asked if this cloud-based infrastructure is meeting expectations, Judge responded, “Yes, absolutely. Customers are delighted. Our channel partners are delighted. People are becoming more aware of the need to protect their users and more aware of the advantages of deploying that as a service. The number of customers that we service and the amount of traffic that we monitor is steadily increasing… The Purewire service is performing as designed – a user doesn’t know we’re there, unless and until we have to protect them from some threat.”

 Copyright © 2009 Apropos LLC. All rights reserved.