Johnsonville Sausage makes cutting-edge links with SD-WAN
- 08 January, 2020 04:21
About a year ago it was becoming clear to Johnsonville Sausage’s IT department that it had to modernize its wide area network to get costs down and simplify the overall enterprise network environment to effectively move the business forward.
The company embarked on a two-pronged path that moved its US and global business and industrial networks toward a software-defined WAN (SD-WAN) environment -- eliminating costly MPLS links -- and a more automated, controlled system that has restored quality of life back to IT, said Johnsonville Sausage Global Network Operations Manager Anthony Wild.
Johnsonville Sausage is privately owned, has about 2,000 employees and is headquartered in Sheboygan Falls, Wis. Founded in 1945, the company is known worldwide for its variety of sausage products, including Italian, breakfast and chicken sausage, bratwurst and meatballs.
Wild’s IT team of four is responsible for the core network, wireless , data center fabric, telecom and WAN. It’s hub-and-spoke designed network stretches from two data centers in Wisconsin – one in Sheboygan and one Milwaukee – to five other core campus locations across the US as well as international locations in Singapore, Japan and the Philippines. The network supports eight core production facilities, a number of water treatment plants and upkeeps some 50,000 endpoints with a host of business and industrial network servers, IoT devices and applications.
At the outset, the idea was to eliminate confusing topologies, multiple management siloes and disjointed alerting to problems, Wild said. The network did feature a number of Dynamic Multipoint VPN (DMVPN) overlays which offered enterprise scale VPN support but it wasn’t supporting what we needed, Wild said.
As it turned out, the revamping the WAN plan came at about the same time Cisco said its SD-WAN software would be supported across its family of core ISR/ASR routers. Johnsonville had 16 model Cisco ISR/ASR 4000s in core sites across its global network – some over five years old – and made the aggressive decision to upgrade the software on all of them to support SD-WAN features.
“We basically blew the dust off of some of them, upgraded the software, turned them on and did a live cutover,” Wild said. Each site has two ISRs so the company upgraded one at each site first, then if it worked as expected the other followed. “We were very aggressive in our rollout,” Wild said.
In its branch and sales offices, the company rolled out SD-WAN support in the form of Cisco’s Enterprise Network Compute System (ENCS). ENCS is a package of Cisco software and appliances that support SD-Branch, wireless and Enterprise Network Functions Virtualization (ENFV) capabilities in small branch offices.
“We were challenged by the business to provide low cost, consolidated services for beachhead locations. ENCS runs the latest and greatest WiFi 6 controller, latest most sophisticated NGFW, and SD-WAN plus has the room for additional workloads like Windows Servers. This lets us serve our remote office customers with the absolute latest in secure and robust connectivity in a 1U form factor,” Wild said.
“This is an absolute necessity for places where we also don’t have the floor capacity or HVAC requirements to place big iron, without sacrificing performance/capability. Someday as we refine our Cloud and IaaS strategy this will help us bridge the gap and balance premise and Cloud services through a graceful and sane migration path,” Wild said.
The rollout was simplified by the fact that in the core network no additional hardware was required. Across the branch sites, a home-grown template that defined what security, services and features got gear there configured and working quickly. “We live and die by templates,” Wild said.
All of those sites can now use high-bandwidth direct internet access lines. "With ENCS/ENFV we can bring up additional branch offices quickly across the globe with a few clicks, and we now have application visibility, assurance and alerting, and we can manage it all from one central location," Wild said.
Rolling out the SD-WAN environment also let the company revamp its telecom contracts as well – eliminating $200,000 in annual MPLS costs globally. “That move saved incalculable in human effort and man-hours and a substantial amount of money the company could reinvest in innovation,” he said.
In addition to the ISR SD-WAN rollout, Johnsonville is also piloting SD-WAN for industrial automation and factory deployment using Cisco SD-WAN software on the Cisco IR 1101 ruggedized integrated services router that will connect their wastewater treatment-plant facilities to the corporate network. “There is usable data in those locations that we never had any great access to, and we are trying to change that,” Wild said.
While the SD-WAN portion of the network was solidified and modernized, the company set out to further integrate the network and develop a central control tower for operations that allows Johnsonville to do even more with less, Wild said.
Core for this part of the company’s plans was the deeper integration of Cisco’s DNA Center and becoming an early adopter of its AI Network Analytics service. Johnsonville already had DNA Center to help manage its wireless networks and its Cisco-based core data-center networking environment made up of Cisco Application Centric Infrastructure (ACI)-driven Nexus 9000 switches.
ACI is Cisco’s core networking software that gives customers the flexibility to run and control applications anywhere they want across private or public clouds or at the edge while maintaining consistent network and security policies across their entire domain.
DNA Center is Cisco’s core-networking control platform that features myriad services from analytics, network management and automation capabilities to assurance setting, fabric provisioning and policy-based segmentation for enterprise networks.
AI Network Analytics is a software package that uses AI and machine learning techniques to learn network traffic and security patterns that can help customers spot and fix problems proactively across the enterprise.
"The idea was to simplify things further by having SD-WAN included in what we were doing with ACI and DNA Center," Wild said. DNA Center lets Johnsonville push security policies and manage the entire network from a central location.
“The Analytics program helps us spot problems quickly that no human would be able to figure out without a ton of work,” Wild said. He cited an example that involved what was a mystery network-performance problem at one of the company’s sites. A tiny Bluetooth radio on a forklift was throwing off so much interference it was bringing an operational network to its knees, and the Analytics program figured it out quickly. “There was no human way to sit and watch the data that was needed to figure that out,’ Wild said.
"The Analytics program also reduces the amount of alerts the IT team gets because it is homed in on what we consider to be important," Wild noted.
The company expects to move toward a more automated, intent-based network in the future. “As the technology matures, the automation gets better and everything becomes more tightly integrated, the opportunities are boundless,” Wild said.