- Global supply chain management company uses Meraki to manage over 25 locations
- Air Marshal used to ensure network security in locations without on-site IT support
- Speed of Meraki deployment crucial in dynamic supply chain environment
Bilal Khan, ATC’s Global Network Manager and Security Architect, learned about Meraki five years ago through a Meraki webinar at his previous position. When Bilal started at ATC, he found that the company was using “off-the-shelf Wi-Fi” and a standard small/medium business (SMB) solution. Since there was no integration or centralized management console, he quickly realized that he needed to replace the entire wireless environment with something more secure, scalable, and manageable. He architected and proposed to deploy Meraki wireless APs in all ATC warehouses domestically and many of their warehouses abroad.
Our network problems have been reduced quite significantly, I would say by about 80% when we went full stack Meraki. Bilal Khan, Global Network Manager and Security ArchitectOne of the ATC IT network and security teams’ favorite features of Meraki APs has been Air Marshal, which helps identify and disable rogue APs. This feature is particularly useful when dealing with contractors in their warehouses abroad. Air Marshal has been most valuable especially in the international locations where there is no IT staff member on-site. Since Air Marshal can be set to automatically disable rogue APs on the network, the team can rest assured that their Meraki AP is protecting the network from wireless threats 24/7/365.
Additionally, ATC takes full advantage of their Meraki APs’ ability to broadcast multiple SSIDs and shape traffic based on a variety of factors. Depending on the role of the person a guest SSID, a contractor SSID, a corporate office SSID, or VoIP SSID is assigned. Bilal points out that there are “different traffic shaping policies depending on the SSID. We also do time of day, speed bursting, and RADIUS authentication with wireless.” The Meraki dashboard allows for network administrators to choose various forms of user authentication (such as RADIUS, LDAP, Active Directory, and more), throttle bandwidth on a per-client or per-SSID basis, and even use a feature called SpeedBurst. SpeedBurst allows each client to exceed their assigned bandwidth limit in a “burst” for a short period of time, making their experience feel snappier while still preventing any one user from consuming more than their allotted share of bandwidth over the longer term.
Under Bilal’s direction ATC technology team started by only using Meraki wireless APs in their locations, but quickly moved to using Meraki switches as well when it was time to decommission end-of-life switches. When Meraki switches were implemented ATC business users experienced performance improvement immediately. In addition, the unique Meraki virtual stacking functionality allows for ATC’s IT team to push bulk configuration changes to their Meraki switches, even when those switches are not connected to each other or even in the same geographic area. This is especially useful to supply-chain management companies that require seamless network integration and management in different cities, countries, or continents.
When their existing security solution had reached end-of-life, the team deployed the final piece of the Meraki hardware stack, the MX Security Appliance. Before deploying MX, they had been using traditional firewall solutions alongside Meraki equipment. Once the ATC team began using MX, however, the value of Meraki Auto VPN became clearer. When you plug in the MX it builds a dynamic VPN with other locations. That actually has a very significant impact on how ATC IT team manage their network. In addition to dynamic VPN capabilities, ATC implements traditional site-to-site VPN as required by their third party partners. As a result, they have a hybrid system split between site-to-site and dynamic VPN via the Meraki MX appliance.
In explaining the benefits of a full stack of Meraki hardware in some of their warehouses, Bilal said, “The biggest thing for us is the full end-to-end visibility. From Layer 7 visibility to a user putting in a support ticket, we can drill down from their device to what AP they’re connecting to, to which switch that AP is connecting to, and then all the way to the MX, and from the MX out to the Internet.” Their previous solution offered almost no visibility and monitoring/alerting. The ATC network team has been integrating more Meraki hardware in the various ATC offices and warehouses. ATC engineering team explains, “Our network problems have been reduced quite significantly, I would say by about 80% when we went full stack Meraki.”
For ATC field engineers visiting remote plants, the Meraki Z1 teleworker appliance is exceptionally useful in helping them securely relay their findings back to the corporate headquarters. For all the equipment and parts ATC sells, they have to be professionally checked and certified by the field engineers, especially if they are working in a remote plant. Once the engineers test the equipment, they hook up a 4G card to the Meraki Z1 and then the Z1 appliance can send live data back to the probe server in the datacenter.
Expounding on the benefits of Meraki in the sensitive area of government supply-chain management, Bilal says, “The security that Meraki provides is huge. For us, when we do supply-chain for the government, as you can imagine, there are a lot of compliance requirements: they want to know what devices you have, if you are using proper NDAs, and if you are adhering to the best practices. And having this in the cloud and not on premise, we don’t have to worry about security patches.” Additionally, the speed of a Meraki deployment makes a big difference in ATC’s dynamic environment of warehouses constantly opening and closing to meet market demands. Specifically, the team can use configurations and templates to immediately clone and push existing settings to APs, switches, and security appliances in only a few clicks. As he puts it, “We don’t have the flexibility of waiting and taking our time and setting up the warehouses. It’s like 1-2-3 and done. The quickness of the IT deployment in the supply-chain environment is a huge business advantage for ATC.”
Looking back on their experience implementing Meraki at ATC, Lookman Fazal, Global Head of Technology and Security at ATC, reaffirmed the value of the Meraki solution by saying, “At a lot of companies, there’s always a battle between how many resources you need and how lean you’re supposed to be. From an IT point of view, lean is good. But at the same time, you don’t want to sacrifice service. This helps us. Meraki’s implementation helps us fight the battle of being lean but still keep our service delivery at a very high level.”