Pay Attention to Your Network

If you’ve been to a casino lately, I’m sure you’ve seen the loyalty cards the gamers use. All those flashing slot machines are connected to each other and to a central server, which communicates with them in real-time for player point computations and redemptions. Furthermore, casino security systems, including the Casino Management System and the Wireless Cash Voucher Redemption Handhelds, all ride on the network. I live with this environment 24/7/365, and I’ve learned that CIOs who take their network for granted or who delegate its oversight two or three levels down in their organization do so at their peril.

In gaming, as in other industries where high touch with customers is central to revenue, the network is increasingly the heart of the business, and the top-level IT executive must take a personal interest in network design, deployment, planning and operations.

Like any utility, as long as the network is up and running, no one notices it. But the moment a lonely switch somewhere in the basement has a hiccup, all hell breaks loose, and the help desk is inundated with irate customer calls. Even when the network is running well, it’s a popular scapegoat for everything from poor application performance to security breaches.

Viejas Enterprises is owned by the Viejas band of Kumeyaay Indians of Southern California. Viejas Enterprises owns and operates multiple business units, including a 2,500-slot casino, a 57-store shopping mall, entertainment venues, tribal government facilities, RV parks and more. Casino revenue has been growing at a double-digit rate in the past few years; in 2006, we added 500 new slot machines to a brand-new, 40,000-square-foot area.

To meet the requirements of this business growth, the IT team added infrastructure on an “as required” basis. Even though all our front- and back-end business systems depend on the network, as recently as 2003 (the year I joined Viejas) the network was a combination of switches and routers from multiple vendors. There was no scalable design, nor a consistent architecture to support future growth, let alone security.

The CIO as Network Futurist

To be successful, CIOs have to think like futurists, to foresee business expectations and plan their network capacity today to deliver business value tomorrow. For a casino, network capacity planning has become the most challenging exercise lately because the industry is undergoing a sea change in terms of technology standards and the use of Ethernet-based networking on slot floors. As a CIO, one has to leverage network capacity for current usage and plan for the network-intensive traffic that is just around the corner, such as audio and video.

To plan our network capacity for the future, we rely on industry trends and learn from our vendors about their product road maps. I look for business-focused solutions for my enterprise from our vendors, not just deeply discounted hardware. The technical folks from our preferred network partner, Foundry Networks, understand our business vision, our near-term technology road map and our network infrastructure.

I also keep a close eye on technology innovations in the gaming industry, because that will affect our network capacity planning decisions. I participate in technology standards development in the gaming industry as a board member of the Gaming Standards Association. My participation provides us with a preview of technologies that vendors are planning to implement in their gaming machines.

One very important development is the strong push by almost all gaming vendors to provide server-based gaming solutions. With these systems, a central server will host all games, and the end-user device, a conventional slot machine in this case, will become a very thin client. This development is still two to three years away, but when the technology emerges, it will make the network the most mission-critical component of the business. It will require hundreds of KBps of network traffic (including audio, video and conventional data streams) to pass through our network in real-time. Considering this, we have future-proofed our network infrastructure. In January, our state-of-the-art data center—equipped with blade servers, 10G fiber connectivity and virtualized servers in a redundant environment—became operational. With this capacity in place, we will be ready to deploy server-based gaming with a minimal upgrade to our network whenever the gaming vendors deliver server-based products with regulators’ approval.

Responsibility for Security

IT security starts and ends with network. I don’t know how many CIOs can say with confidence how many ports and devices in their whole network infrastructure are completely secure. We have invested a considerable amount of capital in technology, people and processes to secure our network from external as well as internal security breaches. We have created a comprehensive IT security policy that addresses all security-related issues, enforceable actions and a communication plan.

Our internal auditors have helped us immensely in securing our IT portfolio—from physical assets (including wireless devices) to the information stored in application databases. Now, we have taken our security measures one step further—to our vendors. We require them to learn our network security requirements so that they can develop applications to our specifications. For example, we demand that all our application traffic be completely encrypted even on our internal network.

If someone breaches your network from any of the hundreds or thousands of nodes (or wireless devices) scattered across your enterprise, it may cost you your job. But when you secure your network, taking into account a few acceptable risks, then the bulk of your security issues become manageable

Accountability to the Business

I offer one more reason why CIOs should at least be conversant with their network operations. Business users as well as IT folks often blame the network for poor application performance. A good knowledge of the network layer helps in communicating with users intelligently about the true cause of service interruption or poor application performance.

I always have real-time statistics to prove that performance degradation is a result of many factors, ranging from user errors (too many applications open on desktop) to a poorly designed or written query in the application or even problems in database configuration or maintenance (such as re-indexing). It’s too easy to blame the network, and CIOs who have a network blind spot will not be able to pinpoint, explain and solve the real problems.

Like you, I have enormous responsibility to lead IT and help drive business strategy for my enterprise. But I know that in the gaming business, with its aggressive growth, cost consciousness and security threats, the network has got to be on my agenda.

Moti Vyas is CIO of Viejas Enterprises in Alpine, Calif., and a member of the CIO Executive Council.