Stephenson Harwood

“Our customers demand the highest security from their legal partners. It was time to rethink the way we managed our DNS and DHCP. We needed an appliance-based solution that provided centralized management of our core network services while also giving us the tools to easily gain access to critical auditing and compliance records.”

—Chris Petrie, IT Director at Stephenson Harwood

The Customer

Stephenson Harwood is an international commercial law firm with clients across a range of sectors that include financial services, transportation, real estate and energy. Based in the UK, Stephenson Harwood has offices across Europe and Asia, providing clients with quality resources and expert local knowledge in Africa, Asia, Europe, the Middle East and Latin America.

The Challenge

When it came to managing their core network services, including DNS and DHCP, the law firm was relying on DNS & DHCP from Microsoft, which is provided as a convenience feature within Microsoft AD and has limited functionality.

For many legal entities, including Stephenson Harwood, the challenges and issues of managing this legacy core network services solution were growing as the firm expanded, the network became more complex, more and more IP-based applications were being run on the network and the pressures mounted for increased security, audit logging and compliance. Unfortunately for Stephenson Harwood, the inherent limited ability of Microsoft AD made the IT department’s job of managing DNS and DHCP chaotic and labor intensive. For example:

• Manual Spreadsheets: Stephenson Harwood was relying on outdated software to deliver DNS and DHCP services with limited management functionality. The IT department was then forced to manually perform IP address management (IPAM) functions and rely on spreadsheets for tracking addresses and devices. This proved to be difficult and time consuming.
• Frequent Downtime: Stephenson Harwood’s branch offices are spread across thousands of miles and several time zones including Paris, Athens, Singapore, and Hong Kong. Using the Microsoft solution required frequent patching of server software. Server downtime for patch management and upgrades was a necessity; with Stephenson Harwood’s global 24x7 operation, this was unacceptable.
• Compliance Reporting: An international law firm is mandated to provide ample records for compliance and audit purposes. Using the Microsoft solution provided no easy way to provide records and reports or to investigate network breeches.
• Lack of Security: Perhaps most important to Stephenson Harwood was the issue of security. Their general-purpose operating system using an older version of BIND was vulnerable to a potentially fatal Denial of Service attack.

“Our customers worldwide demand the highest security from their legal partners,” said Chris Petrie, IT Director at Stephenson Harwood. “It was time to rethink the way we managed our DNS and DHCP. We needed an appliance-based solution that provided centralized management of our core network services while also giving us the tools to easily gain access to critical auditing and compliance records.”

The Solution

Stephenson Harwood needed a new core network services solution. They wanted a hardened appliance-based solution for its inherent security. After evaluating appliance solutions, Stephenson Harwood selected Infoblox by a clear margin.

“Infoblox is the market leader,” said Chris Petrie. “We purchased Infoblox appliances because the appliances give us the tools to provide real-time and historical information for regulatory compliance issues, greater security and more efficient network operations.”

Stephenson Harwood purchased 16 appliances including Infoblox-250’s, -550’s and -1050’sto be used in the data center and worldwide branch offices. Infoblox provided the simplicity ofappliances with the power of advanced distributed database technology to control, automate andsimplify managing the services and associated data (i.e. DNS records, IP addresses, etc.). UsingInfoblox for their core network management solution allows Stephenson Harwood:

• Easy IPAM Management: Stephenson Harwood is no longer using Excel spreadsheetsto track their IP addresses. Infoblox’s built-in IPAM functionality allows IP addressmanagement to be fully automated, making management tasks easier, faster, morereliable and more accountable. Stephenson Harwood’s IT staff can now manage DNS,DHCP and IPAM from a single centralized console through an intuitive GUI.
• Zero Downtime: Infoblox’s grid technology allows easy upgrades with zero downtime.Infoblox appliances enable “one-button” upgrades to accommodate new features andeasy installation of the latest BIND releases. No downtime necessary.
• Easy Compliance and Audit Reporting: Infoblox appliances provide detailed audit logs andtrails for regulatory compliance. For Stephenson Harwood, there is now easy insight intohistoric and current IP usage, as well as automatic discovery of IP devices on the network.With a click of a button, Stephenson Harwood can provide internal reporting. In the eventof a malicious attack, leveraging rich data, such as DHCP lease history, available throughthe Infoblox approach, the IT staff can easily identify which port had a rogue appliance/address on it. They can shut down the port, device, and/or identify the malicious user tostop the incident or prevent them from accessing the network again.
• Superior Security: Infoblox appliances are hardened and, therefore, secure fromvulnerabilities. They also include special features to alert and block potential denial ofservice attacks.

The Result

Stephenson Harwood’s deployment of Infoblox appliances has resulted in secure, streamlinedand simplified core network services infrastructure. The IT department now has a highly availableand efficient system that has dramatically decreased dedicated manpower and maintenancehours. Stephenson Harwood also has a bulletproof foundation to lay the groundwork for futureapplications including VoIP, cloud computing and IPv6.

Stephenson Harwood has become the first law firm to purchase the Infoblox PortIQ appliancewhich is essential for network capacity planning, security investigations, and ease oftroubleshooting. With the PortIQ appliance, Stephenson Harwood can now easily identify thephysical port associated with every connected device and get reports on network port utilization.This enables the IT department to get more from their existing assets and make more intelligentswitch purchase decisions, saving capital expenses.