op online jewelry supplier Fire Mountain Gems and Beads faced end-of-life devices in its mission-critical, on-premises data center. Replacing components and consolidating functions with a cost-effective F5 solution resulted in immediate performance improvements and a more secure, more easily managed, and readily extensible deployment.
Vendor support was due to expire for 12 critical devices in the Fire Mountain Gems and Beads network. Replacing the equipment with current but similar hardware and configurations promised to be expensive and provide limited benefits.
With so many critical touchpoints, network administration staff found that merely upgrading the topology was not cost effective nor beneficial to the company and its customers. Network administrators also found it difficult to adapt this environment to meet the demands of its growing worldwide online customer base, especially with its mission-critical requirement to maintain both security and availability during any changes.
The production environment offered few opportunities to evaluate fixes and enhancements before they were deployed. A viable solution would need to take advantage of advances in hardware and software to bring improvements in speed, security, manageability, and visibility, all while saving the organization money.
“We had to improve functionality without breaking the bank, and we wanted a platform that would give us the features we needed right away, plus the capability to expand as necessary,” explains Mike Sullivan, Network Architect at Fire Mountain Gems and Beads.
Fire Mountain Gems and Beads chose to replace its devices and upgrade its environment with the F5 BIG-IP product family. The company evaluated the F5 Good, Better, Best pricing model and determined that the comprehensive feature set included in the F5 Best licensing option would provide the broad functionality and specific capabilities it required.
Fire Mountain Gems and Beads now uses BIG-IP DNS and BIG-IP Local Traffic Manager (LTM) for intelligent traffic management, protection against malicious activity, and managed access to pooled resources in the back-end network. It secures administrative traffic with BIG-IP Access Policy Manager (APM), which provides two-factor authentication capabilities for internal VPNs. BIG-IP Application Security Manager (ASM) helps the company protect critical applications against a variety of security threats with an ISCA-certified web application firewall. BIG-IP ASM also gives administrators visibility into the network by enabling packet capture to track and diagnose client-server communications issues.
With F5 IP Intelligence Services, the company identifies known threats proactively and reduces the effort spent processing bad traffic in the data center.
Fire Mountain Gems and Beads administrators used F5 Professional Services to help speed deployment and ensure that they took full advantage of available options.
With its F5 deployment, Fire Mountain Gems and Beads has a more manageable, consolidated, extensible platform architecture featuring enhanced security and improved performance. This cost-effective solution positions the company well for the future, offering a better customer experience while enabling administrators to plan, test, and deploy new and changed services efficiently.
By replacing older discrete equipment and consolidating functionality in a modular architecture from F5, Fire Mountain Gems and Beads created a cost-effective deployment that can be extended readily to accommodate the growing demands of its online business. Administrators gained a flexible, integrated environment that is easier to manage, monitor, and secure.
The company’s upgraded platform offers a much improved customer experience, and the overall cost was about 50 percent less than would have been required for a parallel piecemeal update of the old system. With the Best licensing option, administrators can deploy features and capabilities as required, which saves the company up to 65 percent compared with the cost of purchasing components individually.
The F5 solution provides Fire Mountain Gems and Beads with a secure, efficient combination of VPN for administrative traffic and speedy routing for production traffic to back-end services. By adding intelligent traffic management, the company boosted its efficiency in resource usage, resulting in faster page loads—and ultimately the potential for increased business. Mike Sullivan notes, “We used to encounter time-consuming customer experience and performance issues; now things just work. Before F5, client server issues were much more difficult to diagnose.”
For administrators, two-factor authentication on the VPN helps keep back-end services secure, and high visibility into network traffic enables staff to identify issues proactively, as well as isolate and fix them responsively when required. “F5 technology allowed us to address issues that were otherwise unsolvable. Using advanced features as HTTP profiles and iRules, we’ve been able to fix problems in flight, allowing our customers to get to the content they want, regardless of the URL mangling that can occur on the Internet,” says Sullivan. “With BIG-IP ASM, we can see the return code and analyze the issue; then, in the case of mangled URLs, the LTM can look at the request and map bad sequences to good characters before it even hits the web server.”
The company’s use of F5 IP Intelligence Services further enhances both security and performance by blocking potential threats and suspicious sources before they even reach the Fire Mountain network.
Change management is a key task for network administrators at Fire Mountain Gems and Beads. To maintain a secure, responsive network, they need to be able to make configuration changes and updates quickly and with as little disruption as possible to the production environment. With their new F5 platform’s virtualization features, they can now configure and test updates to pooled applications servers easily before directing production traffic to those resources.
They also can test changes to security components safely before going live. “We can bring up a new firewall pair without disrupting web traffic at all,” says Sullivan. “We now manage change efficiently using F5 technologies. Virtualization allows us to be very nimble.”