- TunnelBear VPN review: An affordable, easy-to-use VPN with few a few notable pitfalls
- VMware Product Release Tracker (vTracker)
- I use this cheap Android tablet more than my iPad Pro - and it costs a fraction of the price
- One of my favorite budget tablets this year managed to be replace both my Kindle and iPad
- I tested DJI's palm-sized drone, and it captured things I had never seen before
Cofoge’s SD-WAN rollout provides unique customer selling point
Coforge, formerly known as NIIT Technologies, is a global digital services and solutions provider with a presence in 21 countries. The company has more than 20,000 employees, 250-plus customers, and 25 delivery centres spread across nine countries.
However, as recently as three years back, these numbers didn’t look as good. “In 2018-19, the India-based company had about 9,000 employees and 11 offices. This was when the management decided to accelerate growth by aggressively adding employees and newer geographies. The existing network infrastructure at that time, however, was severely inadequate and couldn’t have matched steps with the desired business growth,” says Jitender Mohan Bhardwaj, CIO and CISO at Coforge.
istock
The company was saddled with a distributed network architecture with multiple managed service providers to deal with. There were issues such as high network maintenance costs, poor collaboration experience, only moderate data security, and excessive time for customer onboarding. It ultimately turned to an SD-WAN (software-defined wide area network) to address all these issues.
Sushant Rabra, a partner at KPMG, says the benefits Coforge saw are in accordance with the potential of SD-WAN. “Large and complex organisations, with a lot of legacy infrastructure, pay through their noses when it comes to network connectivity. Managing different service providers, ensuring point-to-point quality of service, and delivering at the right speed are all a burden on companies. The cost savings of 25% to 30% achieved by leveraging SD-WAN, therefore, doesn’t surprise me. The technology uses the same network more efficiently, thereby lowering costs,” he says.
KPMG’s Rabra says the technology is “fairly mature” and its adoption in multinational enterprises, financial services and manufacturing companies will increase going forward. Various reports peg the SD-WAN market growth in India at 24% to 30% annually. “There are several drivers for this growth. COVID has led to a disruption in the location of work. [In India,] companies are now looking at opening offices in smaller cities such as Coimbatore and Lucknow. The explosion of data from varied sources such as IoT and video analytics is driving an explosion in network outreach. With 5G launch around the corner, there will be thousands of sources to connect to. In such a scenario, the classical mode of connectivity is too complicated. SD-WAN can help overcome all these challenges,” he says.
Legacy network infrastructure posed multiple business and technology challenges
As Coforge had overseas development centres at various locations, there were network termination links at each of the sites. To manage these sites, it had to deploy several network engineers, which increased the cost of maintaining the network. “Besides, the teams had to manually migrate failover traffic from one ISP [internet service provider] to other during service degradations. Managing bandwidth of ODCs [overseas development centres] in different time zones of the US, Europe, and Australia was also a challenge,” says Bhardwaj.
“One of the first things a potential customer asks is how much time will it take to set up the IT infrastructure. If I must onboard a customer, I need network connectivity at that place. So, mastering this turnaround time and uptime, once the customer was onboarded, was also on our priority list,” he says.
The emergence of cloud as a business differentiator was another driver for the company to take a new look at its existing network infrastructure. “For instance, earlier, people had Microsoft Exchange on their premises. But with the advent of Office 365, you need to have better cloud connectivity and control over bandwidth optimisation. SaaS collaboration solutions were also gaining traction. In a distributed architecture with multiple service providers in multiple locations, managing all this was a nightmare,” Bhardwaj says.
With a spurt in cyberattacks, there was also a need for a single pane of view of what was happening in the company’s infrastructure. “We needed to know if any link was going down, if a particular router was under threat, or if there was a DDoS attack happening. It was critical to monitor any abnormal traffic flowing from a particular IP address, which could indicate a ransomware attack or malicious activity. Unfortunately, we were unable to track all this with the multiprovider setup,” he says.
Zeroing in on SD-WAN as the right solution
To overcome these bottlenecks in the way of business growth, Coforge decided to implement an SD-WAN.
“In 2019, SD-WAN was a new concept, with few implementations in the country. We therefore decided to go for a proof of concept to see how the solution would work in the company’s environment. Proof of concept is normally done in controlled environments. [But] once the controls are off and the solution experiences full load, performance degrades. Several projects have been rolled back because of this,” Bhardwaj says.
To avoid such a situation, Bhardwaj decided to go for a proof of concept with full load. Locations at two cities that didn’t have too much traffic were run live in parallel, with traffic was diverted to them.
“We spent considerable time of about eight weeks in this because we wanted to test the solution with full load. If successful, this could be the template for other cities. Once we were satisfied with the outcome, we decided to go ahead,” he says.
After a cost-benefit analysis and looking at the lack of relevant skills in the market, the company decided to go ahead with the implementation through the managed services route. Coforge provided sitewide configuration to the service provider, and the implementation was done remotely with policy push at all SD-WAN customer premises equipment (the routers). There were WAN links at Coforge’s offices, the controller was deployed at the ISP cloud to centrally manage all the customer premises equipment, and a cloud gateway was established for connectivity with other locations.
Coforge implemented the SD-WAN across 11 office locations, including Greater Noida, Mumbai, Hyderabad, and even foreign locations such as Atlanta, New Jersey, and London. The project took six months to complete and went live just before the COVID-19 pandemic started.
Appropriate planning to ensure setup with minimal disruption
Bhardwaj divided the project into smaller pieces “to monitor its success and ensure that learnings from each phase are ploughed back into the next phase. Phase 0 involved a lot of brainstorming with our service providers and customers. In phase 1, high-level designs were done, requirements were frozen, and risk mitigation was completed. We identified the cities and conducted the proof of concept in phases 2 and 3. Some of our customers have point-to-point connectivity, while some of them have IPsec tunnel connectivity. In some cases, we had to set up VPN for them. This was taken up in phase 4 where we worked closely with our customers’ IT teams,” says Bhardwaj.
Communication with the technology provider is a bigger challenge. Often, there is a gap between what is promised and what is delivered. So Bhardwaj fixed daily, weekly, and fortnightly meetings to get timely and frequent updates on the project.
“Besides the daily and weekly calls with the service provider’s team, I used to have an in-person meeting with their seniormost person in the country every fortnight. SD-WAN routers were the only hardware needed for the project and their timely delivery was crucial. The meeting helped in tracking the delivery time and the make of the equipment. This helped us to do the back-end calculation and come up with the critical path of the project life cycle,” he says.
Coforge also imparted training to its people for smooth functioning of the SD-WAN after it went live. “We knew we were the project manager and would have to run the project subsequently. So, we invested in our people by getting them trained and certified on the technology,” says Bhardwaj.
Achieving efficiency, security, agility, and cost reduction through the SD-WAN
With the SD-WAN deployment, Coforge has optimized its WAN Infrastructure, resulting in enhanced efficiency, security, and reduced costs, says Bhardwaj.
As part of the reorganisation and consolidation of infrastructure, the company moved from 44 internet links to 11 internet links. By replacing multiple service provider offering portions of the bandwidth with a single provider, Coforge was able to save costs.
With the entire network now managed from a central location, the need for on-site engineers also came down drastically, leading to further cost savings. “While there are one or two network engineers at critical locations, we have removed them from most locations. By remotely controlling the services, we were able to move 20% of our workforce from nonbillable projects to billable projects,” says Bhardwaj. Coforge also offers infrastructure management to its customers, and the excess manpower was shifted there.
“In such projects, one year is not enough to expect return on investment. We therefore looked at a three-year time frame. From a cost-benefit analysis, overall cost savings were in the range of 25% to 30% over three years,” he says.
Because SD-WAN provides a view of the network load at any point in time, it has helped the company achieve bandwidth optimisation. “If there is a process running in the US, we can give more bandwidth to it in the evening, while the same link can be used in the morning for a customer in Asia. Similarly, if there’s an important board meeting scheduled with certain processes running parallelly, we can prioritise bandwidth allocation at the click of a button,” says Bhardwaj.
Coforge was also able to optimise bandwidth for its cloud offerings. “A call over a collaboration tool could have multiple points of failure — a packet drop in the network, a challenge in the endpoint device, or an issue with the cloud service provider. “The SD WAN helps us proactively see where the packet drops are happening and automatically switches over to another link,” he says.
Similarly, with the adoption of Office 365, the MPLS and internet requirements have gone up. “The SD-WAN enables us to recalibrate our bandwidth according to the new infrastructure, thereby lending the much-needed agility,” says Bhardwaj.
Compared to the earlier days of MPLS and distributed architecture, “the company has also been able to accelerate customer onboarding by 50%. It used to take six to eight weeks, which has now come down to less than four weeks. This brings scalability in operations as we can quicky add a new office. Although this is an internal IT infrastructure, it becomes a selling point for my sales team when they approach customers,” Bhardwaj says.
On the aspect of cybersecurity, he says, “The SD-WAN provided us defence against DDoS. We were fortunate to implement it just before the pandemic as we saw lots of attacks during this time on our infrastructure.” KMPG’s Rabra advises, “The SD-WAN initiative should run in parallel to the cybersecurity initiative. As the technology would bring all traffic under one roof, it becomes even more important to enhance the security of the network. While there is some amount of security in-built in SDWAN and it provides visibility at the packet level, technology leaders would need to know what’s happening with data at the broader level.”
With SD-WAN’s active/active mode, which allows for automatic failover without manual intervention, Coforge ensures 99.999% uptime for its customers. In the absence of committing such high uptimes, the organisation risks losing revenue.
“Since the deployment, we have grown tremendously, almost double of our size in terms of revenue and manpower. We have already rolled out SD-WAN to all our offices and delivery centres and will keep extending it to new offices as and when we add them,” says Bhardwaj.