With offices in North America, Europe and Asia Pacific, full-service law firm Duane Morris LLP helps clients address the legal and business challenges of evolving global markets. The firm’s more than 650 attorneys and almost 1,000 staff employees support diverse industries and practice areas that range from Intellectual Property to Energy and the Environment to Estate and Asset Planning.
Like most global service companies, to succeed, the firm needs its key office productivity applications — communications, e-mail document management, CRM (Customer Relationship Management) and billing — to be available across boundaries and time zones.
Based on a “lights-out” IT infrastructure designed to bolster security, the law firm’s IT department supports a 250-server data center and equipment rooms in 24 branch offices. The IT team of 60 is located in the firm’s Philadelphia headquarters, as is the main data center. For the past several years, the IT staff has been using Raritan’s remote out-of-band management solutions to access and keep servers tuned in all their locations.
But how do you manage equipment not accessible through a network, specifically the equipment located in each of the firm’s branch offices that provides voice communications?
When Duane Morris set out to build its new data center almost three years ago it was designed to be lights-out with limited physical access into the server room. Centralization was another design criterion. “Our data center and our staff are centralized,” says Technical Services Director Mike Carpinella, who is in charge of the network administration and hardware groups for Duane Morris worldwide. “We used the same two design criteria for our branch office server rooms,” he adds. Remote management tools — such as Raritan’s solutions to access servers and remediate problems without having to enter a server room — were key to creating Duane Morris’ IT infrastructure approach.
“As a lights-out data center, our key IT assets are locked down,” explains Carpinella. “There are only seven to eight authorized people who have access to that room. We know who has entered the data center, and we’re also in control of what is going on inside the data center. Our remote management solutions from Raritan provide server audit logs and other tracking reports.”
The majority of Duane Morris systems — both in the data center and branch offices — are managed by Raritan’s Dominion KX KVM-over-IP solutions that provide secure remote con- sole access. The Dominion KX is also deployed in the firm’s hosted disaster recovery data center.
The Raritan devices are helping the data center staff streamline their work processes and assure system availability. With easy-to-access BIOS-level controls — as well as virtual media support for accessing the drives of remote servers — Raritan’s products help simplify administrative tasks, such as software installation, patch management, troubleshooting and reconfiguring network cards. “Because I’m coming into the server on the KVM ports, I can do things like reconfigure network card settings. That’s something you can’t do with Terminal Services,” says Carpinella. “Our work can be done more quickly and from anywhere.”
Up to 16 servers connect to each Dominion KX216 switch. In turn, all the Dominion KX switches can be controlled through Raritan’s CommandCenter Secure Gateway, which provides user-defined, logical views of the entire enterprise, as well as BIOS-level access to all servers via a Web browser. Through a single sign-on to a single IP-address, CommandCenter Secure Gateway provides real-time views of an enterprise — physical and virtual servers — on one screen.
“I bring all our IT equipment into the CommandCenter, so I have one central console,” explains Carpinella. “Being able to see every server from one console is ideal. I have console access to any one of the Raritan switches. I can log in with a single sign-on to our entire IT infrastructure anywhere — from home or from the office. And with the logical views, I can quickly find any device in the data center or branch offices that I need.”
The hierarchical mapping of servers and other devices on the CommandCenter Secure Gateway’s screen helps pinpoint equipment. “With CommandCenter, I can see the Miami office, for example. Underneath Miami, I can see my PX device. I also see my KX101 device and my SX device — and if there are multiple ones, they’re labeled by floor. By clicking Miami on the screen, I can look at every Raritan device in that location and be able to access it, and the servers connected to it, right from my desktop.”
Carpinella also centralized authentication and authorization by integrating the CommandCenter Secure Gateway with Duane Morris’ Active Directory® authentication servers — thereby leveraging the existing Active Directory user profiles.
Duane Morris’ 24 branch offices range in size from the four- person Boca Raton, Fla., office to the 150-employee New York City office. Each location has the same equipment; but the number of communication switches varies based on the size of the office.
Server rooms from San Francisco to Singapore house Nortel voice-over-IP switches, signaling servers and multimedia gateways; an HP server for file and print services, and UPS (Uninterruptible Power Supply-Battery Backup).
With the deployment of Raritan’s palm-sized, one-port version of the Dominion KX in branch offices, routine troubleshooting, patch or operating system installment and system diagnostics is done remotely. “We wanted to have a virtual set of hands in those remote locations to do these kinds of functions,” says Carpinella. “It gives us console-level access to a server, so we can look at the BIOS and look at the configuration of the server.”
With the one-port Dominion KX101, Carpinella leverages his system administrators’ expertise across all offices. For a few servers, the one-port KX101 is more cost effective than a multi-port KVM switch and, more importantly, saves the cost of dispatching IT staff to branch offices.
To provide the IT infrastructure group console access to Nortel routers in the branches, the law firm recently deployed Raritan’s Dominion SX solutions that provides secure access though the router’s serial port.
Now each piece of IT equipment in the branch office could be accessed remotely — except for the Nortel voice-over-IP equipment.
“The only way to recover functionality from this piece of equipment is to power cycle,” explains Carpinella. “Having to have IT personnel travel to the branch offices to hit the power switch on this piece of communications equipment was not a great option — even if it was only a rare occasion. Every minute that the communications switch is down translates into lost revenues and, possibly, poor client service.”
Duane Morris approached Raritan on how it could better manage their communications switches. Raritan recommended its Web-based power distribution unit (PDU) that powers on and off connected devices remotely.
At the time the law firm was looking at the Web-based PDU solution, Raritan was getting ready to introduce its next- generation of rack PDUs with advanced remote power control capabilities. Raritan’s R & D team was adding intelligence to the PDUs, so that companies could not only power sequence equipment over a network, but also gather energy intelligence on the equipment — such as the power being drawn and real-time rack temperature and humidity. The new intelligent PDUs, the Dominion PX, would meet Duane Morris’ current remote power cycling needs, as well as future green computing initiatives.
The law firm deployed eight-port PXs in each of its branch offices. Servers and other devices plug into the ports on the back of the intelligent power strip, which plugs into a power source. It also has an LED power meter and serial and Ethernet ports.
Plugged into the Dominion PX are: the voice-over IP communications switch, servers and UPS devices. “When the communications switch gets into an unresponsive state, the only solution is to physically power it off, which is what the PX does remotely for us,” says Carpinella. “It basically shuts off power and then restores power to the device. The PX has come in very handy.”
“It doesn’t happen often. But, when it does happen, it’s costly. There is the cost to send someone to an office or to hire a local vendor to go on site to turn on and off the power to the switch. There is also the cost of being down during the couple of hours we’re waiting for a person to get on site. So, we’re saving on service costs, and, more importantly, we’re reducing downtime. That’s a big savings for us. If we use the device just one time to keep a branch operational, the device pays for itself.”
With a click or two on the Dominion PX screen, Duane Morris’ centralized IT staff is able to get power information for each piece of equipment anywhere in the world. Controlled remotely via a Web or command line interface, the PX meters — in real time — power at both the PDU level and outlet level.
“We can look at the power statistics on the individual ports, so that we can tell the amount of watts that a server is drawing,” says Carpinella. “In emergencies, we have the ability to turn the server on and off. We also have the ability to tell the PX to power up machines in a sequence, instead of all at once, to prevent a massive power draw at boot-up. We have done this already in several offices with great success.”
Through the PX’s Web interface — similar to the interface of Raritan’s Dominion KVM-over-IP switches — Duane Morris is keeping an eye on the power statistics of its UPS devices in branch offices. To avert downtime, the firm requires that its UPS devices have a minimum of 30 minutes of backup power at all times in all locations. If the power goes out at a particular office, the IT team has 30 minutes to react — and can use Raritan’s solutions to power cycle equipment down correctly.
The IT team can now monitor and set PX thresholds and alerts to let them know if a UPS battery goes below the 30-minute level. “We’re very conscious of our UPS battery runtime in the branches,” says Carpinella. “The PX provides me real-time details on the power draw of each piece of equipment plugged into it, and it helps determine the power impact of adding new equipment.”
“For example, if I plan to add another signaling switch I would first plug it into the PX. It would tell me that the new switch is going to take up about 15 more watts. Based on the new device’s power draw and what the existing equipment is drawing, you can gauge what your runtime is going to be for your UPSs. We can easily determine if we are meeting our 30-minute battery threshold.”
If there is a potential problem, such as a UPS with less than 30 minutes of runtime/battery, alerts based on user-defined thresholds are sent.
With full SNMP support, outlet status and power utilization data can be used for trend analysis and external monitoring. The information can also serve as an early pre-failure warning; a server’s power draw spikes, for example, may be an indication of a problem.
To protect from unauthorized power cycling, the PX is encrypted with 256-bit AES (Advanced Encryption Standard) at the hardware level. Also standard are strong password support, outlet-level permissions, per outlet Access Control Lists, group- level permissions and a built-in firewall. Dominion PX operates securely in a stand-alone mode with local authentication available, and can integrate to external authentication and authorization services. Outlets can be grouped together and authorized users can be presented with only the outlets or groups of outlets they are allowed to control.
“The PX tells me when somebody logs onto the device. The PX will send out an alert saying, okay, somebody logged into the device. It also will tell me, for example, outlet two on that particular power strip was rebooted.”
With PX units deployed around the world, Duane Morris is taking advantage of Raritan’s new Power IQ solution — a downloadable virtual appliance that provides centralized management of Raritan PX PDUs. Firmware and configuration management and PX health monitoring for all the PDU units can be done with Power IQ. For analysis and reporting, Power IQ provides real-time data via CSV or ODBC.
“Power IQ is a great tool to centralize and manage all the PX devices,” says Carpinella. “I can go to one single console using one IP address, whether I’m in the office or I’m coming in remotely, and look at the statistics of each of my devices in all my locations. So, I don’t have to remember IP addresses. I don’t have to remember which office to go to. I go to the one console, and I can get to every device that I need. I can do mass firmware upgrades for all my PX devices, whereas before I would have to individually go on each device, upload the firmware, do the process, reboot it — and I would have to do that hundreds of times. I’m all for centralization and having one single point of access to get to all the devices. It makes it easier for me and for the people that work for me.”
With the higher server densities and hotter processors, today’s data centers are coming up against cooling and power constraints. To remove some of the pressures on rack space, power supply and cooling, PX offers significant advantages for power management and capacity planning.
“It’s very important that we monitor all the environmentals in each remote location,” says Carpinella. “The PX provides some of that just by letting us know what kind of power is being consumed in a room, and it helps identify areas where we can conserve. Green computing, through more efficient power and cooling, is something we’ve definitely been moving towards.”
Duane Morris uses the PX to monitor daily the amount of amperage and watts drawn by each piece of equipment. With the real-time detailed information, devices that are wasting energy can be identified, such as servers that are turned on but are doing little or no computational work.The PX can also help power down non-critical equipment during off-peak hours to reduce the power draw on each rack.
Raritan’s intelligent PX PDU also helps reduce data center space consumption. The PX can help find valuable rack space using real-time power draw information of equipment instead of relying upon nameplate data. According to industry experts, the actual draw in many cases is about 50 percent of the wattage or amperage listed on a device’s nameplate.
Duane Morris’ lights-out data center approach not only improves security, but helps reduce the loss of cool air from the room with less frequent door openings. The firm is also saving energy by eliminating hundreds of server monitors and keyboards from racks, as a result of using Raritan’s KVM consoles in their place. This saves the company power and cooling costs and rack space.
Duane Morris also has environmental sensors in its data center and branch offices that monitor for noise, humidity, water and doors opening. If temperature or humidity hits a certain threshold, or if there are other events, alerts are sent to the IT team. “If somebody opens the door to a server room, I’m sent an e-mail and the system takes a picture of who walked into the room. I can jump onto the Web camera and see exactly what’s going on in the room,” says Carpinella. “So we have virtual eyes, ears and hands on the scene.”
In the past when any of the law firm’s branch equipment experienced problems, it usually meant a long drive by IT administrators from the firm’s Philadelphia headquarters location or contacting outsourced contractors to go to the site. “Today it’s very rare that I have to have somebody physically go into a remote branch office computer room,” says Carpinella.
When asked what IT issues keep him up at night, Carpinella said that he gets a good night’s sleep. “That’s a good thing, because five to six years ago when these remote management products weren’t available, I would get calls in the middle of the night and we would have people traveling to various offices. It used to be a big headache and stressful.
“Raritan’s remote solutions really do wonders for us. Today, we have access to all our remote locations 24/7. It’s very rare that I get calls in the middle of the night. I feel pretty comfortable with the environment that we have put in place and with the products that we’re using to give us remote management capabilities.”
Duane Morris LLP, one of the largest law firms in the U.S.; based in Philadelphia, PA.
To create an end-to-end solution to manage diverse equipment in 24 branch offices — with lights-out operations — in the U.S., U.K., Singapore and Vietnam.
KVM-over-IP Remote Management Web-based Power Management