peshkova - Fotolia
When Nigerian pirates and employees falling overboard rank as important company concerns, you don't have time to worry about network reliability.
While pirates and sea-based accidents might not draw much attention from most enterprises, they're occupational hazards for DSC Dredge LLC, a dredging supply company headquartered in Reserve, La.
With operations in 40 states and more than 40 countries -- including ones where piracy remains a valid threat -- managing DSC Dredge's 3G cellular-based WAN infrastructure used to connect the dredging machines was a constant challenge, said Richard Groce, the company's IT director.
Each machine had its own manually configured IPsec VPN tunnel through which data was passed along to corporate headquarters. That required DSC Dredge to fly technicians to various countries -- a costly proposition -- whenever a network needed to be set up or if troubleshooting was required.
Furthermore, to get the static IPs required for the cellular connections, Groce said his team needed to parse through various cellular companies -- a task made more difficult depending on the location. As a result, the company was forced to use a variety of 3G router brands and models in its distributed network design, further complicating management and configurations.
"We couldn't settle on one technology," he said. "Everything was configured separately for the individual dredge or individual location. We had to work with whatever cellular company was available at that location or in that country."
What DSC Dredge needed was a method to simplify its network connectivity to locations worldwide, while also providing a robust security foundation. To do that, it tapped Cradlepoint Inc. to install a network with 4G Long Term Evolution (LTE) connectivity, featuring software-defined perimeter security, across its fleet of dredges.
Establishing the LTE connectivity
Each dredge is now equipped with a Cradlepoint IBR1100 router, overseen by the vendor's NetCloud management software. DSC Dredge has upgraded its WAN to 4G LTE connectivity across the majority of its dredging sites, but it still must rely on slower 4G and even 3G speeds in regions of the world where higher-speed alternatives aren't available.
Before implementing Cradlepoint's routers and software-defined technology, Groce said it might have taken DSC Dredge weeks to configure a new dredge site. Now, with the upgraded distributed network design, he said that time has decreased considerably.
"When we put one of these Cradlepoints with the NetCloud on the router -- from commissioning a SIM card from the cellular service to having it up and running on NetCloud -- it may take 30 minutes, where it used to take 30 days," Groce said. And, he added, DSC Dredge can activate the router on site before shipping it off to the remote location. When it's powered-up, IT can see it via NetCloud, which helps eliminate costly travel expenses.
Although LTE connectivity as the sole network connection is relatively uncommon, Lee Doyle, analyst at Doyle Research, said he expects that type of deployment will grow in popularity, particularly as LTE evolves to the even faster 5G standard.
"The benefits are clear in terms of being able to leverage internet connections with high speed, low cost and reliability," Doyle said.
These benefits will help make LTE connectivity a more compelling option for enterprises.
"Wireless is going to be a real business broadband option," he said. "I don't think people are aware of that as broadly" as they might, mostly because the option is now more typically found in smaller environments.
"You may have to use different LTE providers, but you're already working with them at that location anyway, so you don't have to go through procurement of internet or MPLS and then configuration," he added. "It's a lot easier."
For DSC Dredge LTE connectivity, Groce said the company works with six LTE providers throughout North America, Mexico, Africa and the Middle East.
Lee Doyleanalyst at Doyle Research
The LTE network and NetCloud management combination is yielding benefits, said Billy Wetta, DSC Dredge's CTO.
Users can remotely access, manage, update and troubleshoot each connected dredge through the cloud-based management platform with individual logins. This creates a more unified and easier approach to configuring and managing dredge sites within the network, he said.
If DSC Dredge needs to upgrade an older dredge machine, IT only needs to install a Cradlepoint router to set up the connection, Wetta added.
"When we send the field guys out, because we have no connectivity with the machine, the first thing they'll do is install the Cradlepoint systems," he said. "That will eliminate the trip next time."
The security aspect
Because of increased visibility into the dredge network, DSC Dredge can offer additional management capabilities and services to its customers, which it was unable to do before. The dredges provide valuable analytics, status information and real-time reports about the machines, Wetta said.
But this data transmission also makes security a compelling concern.
"There's a lot of sensitive information, especially with all these [dredge] mines," he said. "[The customers] don't want all the [dredge] mines to know what production rates they're doing, what the cost is and what the energy burn is -- and all of that is being transmitted back and forth."
Cradlepoint's security for its software-defined perimeter and NetCloud management platform concentrates on device authentication, according to Ryan Allphin, CTO at Cradlepoint, based in Boise, Idaho. Each edge device receives an assigned private IP address. If a device requests access to network information, the request goes to the authentication layer for approval.
"We have an authentication layer that says, 'OK, this is a trusted device ... We're going to let them onto the network.' That IP address we assign them at that point in time can now be seen by anybody else configured within that software-defined network," Allphin said.
This security measure not only increases visibility within the network, but also simplifies the configuration process.
"As soon as an IT person says, 'Yep, that's a trusted device,' the authentication into the network and then visibility into all the assets in the network is immediate," he said. "That's taking away that complexity of having to manually configure point-to-point VPN tunneling."
For DSC Dredge, each user has a specific login that grants access to each of the dredge networks, Groce said. Overall, he said he found the system totally secure.
Now, a remote user in the United States can securely connect into a dredge in Africa to push an update.
"We're doing more and more complete remote operation," Wetta said. But, there are some site exceptions.
"On a lot of sites, they'll put additional people [on the dredge] because of security or safety," Wetta said. "They don't want somebody falling overboard or, like in Nigeria, you'll actually have to keep pirates off the machine ... A different kind of security aspect."
LTE connectivity is a growing SD-WAN trend
Software-based networking frees up IT professionals
Explore another Cradlepoint case study