Speed, Redundancy, and Visibility: Building a Managed SD-WAN for a Leading Pharmaceutical Packaging Provider
Enterprise IT is a collaborative process often involving multiple stakeholders, especially when connecting remote sites to a primary data center. Typically, an internal IT team works with an equipment vendor, their regional partner, and an ISP that supplies inter-site connectivity. With so many parties involved, communication is crucial, as is setting priorities and responsibilities. If you have to constantly tell your ISP what you need because it controls your entire infrastructure, your IT team is at a disadvantage, especially if your provider is unresponsive.
And when your manufacturing business relies on the just-in-time model, there’s never any time to waste.
Faller Packaging is a German manufacturer of pharmaceutical and healthcare packaging, including folding cartons, adhesive labels, and package leaflets. Founded in 1882 as a lithographic printing company in Waldkirch, we branched into pharmaceutical packaging in 1992 and now operate six production sites and employ 1,300 people in Germany, Poland, Denmark, and Hungary. Pharmaceutical packaging is highly regulated. Product batches require lot numbers and expiration dates, and partly package has a unique serial number for authentication. Leaflets must provide comprehensive dosing, drug interaction, and adverse reaction information in multiple languages, which is constantly being updated to reflect new clinical studies and patient reports. Our customers also provide graphics files and producton relevant data, which require constant communication between their teams, our head office, and our printing plants.
If your ISP controls your entire infrastructure and you have to tell them what you need constantly, your IT team is at a disadvantage.
The first step was to establish a centralized IT department. As our chief information officer, I am responsible for implementing our IT strategy: promote digital transformation, standardize IT solutions group-wide, improve internal and external communications, and strengthen cybersecurity defense to protect patient data. To overcome our obstacles and build out our centralized IT architecture model, we had to rethink our infrastructure and its procurement.
Pharmaceutical packaging is highly regulated. Product batches require lot numbers and expiration dates, and partly package has a unique serial number for authentication. Leaflets must provide comprehensive dosing, drug interaction, and adverse reaction information in multiple languages, which is constantly being updated to reflect new clinical studies and patient reports. Our customers also provide graphics files and producton relevant data, which require constant communication between their teams, our head office, and our printing plants.
Our Network Lacked Visibility and Redundancy
I’ve been with Faller Packaging for 17 years, and as our Head of IT Systems, I ensure all our locations can communicate with our primary data center, each other, and our customers. In the past, our IT infrastructure was organized as a hub. Each of our six production sites was connected to the primary data center through a MPLS line. Our ISP had exclusive control of our leased lines. With no visibility into our infrastructure, we couldn’t predict or prevent network failures, and when something went wrong, our hands were tied. We had to wait for our ISP to resolve the issue.
Everything came to a head when we lost the connection at one of our sites for two days. There was no way to reroute production to another plant. Although we could ensure production and customer deliveries using workarounds, this incident highlighted our lack of control over our infrastructure and our ISP’s lack of accountability, failure to communicate, and inability to restore service promptly.
We issued an RFP to remediate these issues. Our requirements were explicit: we wanted SD-WAN connectivity, redundancy, and increased visibility into our network. We sought a partner who could plan, deploy, and manage our infrastructure while giving us enough oversight to monitor our network to ensure it met our performance standards.
Freeing Ourselves from an ISP
After looking at the various submissions, we selected Riedel Networks because they offered the best solution: industry-standard Cisco SD-WAN technology with LTE backup and Riedel’s in-house network monitoring tools that fully comply with Cisco specifications. Riedel’s team also inspired trust: their sales presentation was comprehensive, and their engineers and technicians were extremely knowledgeable. They showed us how Cisco hardware and Riedel monitoring software work together to meet our needs and keep our plants online.
Riedel understands how manufacturing works and how to support our business processes. Unlike other potential vendors, Riedel didn’t leave us at the mercy of our ISP. Although Cisco SD-WAN runs on third-party MPLS, internet and LTE infrastructure, Riedel’s monitoring tools provide full visibility into these leased connections so we can see trouble coming and ask for assistance. Combined with Cisco’s smart routers at our six sites and primary data center, we have a network that is easy to manage and seamlessly connects our operations with minimal disruptions.
A Staggered Multi-Site Deployment
Multi-site deployments can be challenging and require a lot of planning. When our previous vendor migrated our network to MPLS five years ago, the project stalled, and we didn’t go live on schedule. This time, we had a hard deadline of June 30th, 2022, when our existing MPLS contract would expire. Riedel understood the gravity of that timeline and proceeded to demonstrate their aptitude for project management. We signed an agreement in October 2021, ordered equipment, and completed the project between late May and mid-June 2022.
Our IT team comprises six engineers and an apprentice, and we didn’t have the skills or time to set up our new infrastructure. Riedel took care of everything—they wired the routers at our seven touch points, connected them to the leased MPLS and internet lines, and gave us the IP addresses and other information we needed to route traffic to and from each remote site and our data center.
Riedel’s engineers worked one site at a time. Once the new MPLS and Internet lines were connected, Riedel installed a router and network appliances at each site’s server room in parallel with our existing equipment. This staggered deployment happened during business hours, and there was no loss of connectivity. We could then migrate that site to our new infrastructure and fall back to our previous setup if we encountered any issues. In doing so, we avoided the “big bang” of switching everything over at once and troubleshooting our entire network in case of a problem.
Riedel migrated our entire European operations to our new SD-WAN in less than seven months. Their team maintained constant contact throughout the process, so we had a clear idea of how the project was progressing. I have to admit that I was skeptical at first. Having dealt with constant setbacks during our previous migration, I expected something to go wrong. But once Riedel met our first milestone, we felt confident they would continue to deliver on schedule—and they did.
Enhanced network visibility allows IT teams to clearly communicate the requirements for fast, uninterrupted service.
Professionalism and a Willingness to Communicate
Riedel continues to demonstrate the same level of professionalism and open communication now that our new network has gone live. Their ticketing system is straightforward, and incident management is stellar. Their engineers can resolve an issue in minutes or hours instead of days, but our network never goes down because it automatically switches to prepared backup scenarios.
We recently experienced a partial network failure when the MPLS line connecting one of our sites stopped working. Riedel immediately informed my IT team of the issue and began correcting it. All of this happened in the background and unnoticed by Faller Packaging employees, who experienced no interruptions and continued using our ERP and other production systems.
We can also self-monitor our infrastructure. We have read-only access to monitor network traffic and performance and see which IPs, hosts, and users are consuming bandwidth. Enhanced network visibility allows us to communicate our requirements to Riedel more clearly. We can identify potential issues and discuss solutions in the future.
In fact, we just filed our first change request with Riedel to make some adjustments at our primary data center. Unlike our previous provider, they are responsive, and there are no headaches or hassles, which is a relief.
A privileged partnership
Riedel has become a valuable go-between when dealing with our ISP providers and other secondary partners. In the past, we had to call our ISP and deal with long delays to re-establish MPLS service because we’re such a small customer. However, Riedel has existing service agreements with these providers and acts as an intermediary for its many customers. Faller Packaging benefits from this privileged relationship. It also means that my IT team can focus on providing better service to our internal end users instead of repairing the network.
Thanks to Riedel Networks, Faller Packaging now has a state-of-the-art, fully redundant, high-visibility, and high-availability SD-WAN network connecting our six European production sites and 1,300 employees. From our head office to our shop floors and warehouses, our people can meet our fast-paced production quotas knowing that our infrastructure is rock solid, and my IT team has found the perfect partner to help keep our network running smoothly.