A bang for its buck

Former ATF bureau right-sized its IT management when it struck out on its own

Just about anyone here from the CIO on down was involved with swapping hard drives, doing whatever it took to keep things going.'

'Mike Borland, TTB

Rick Steele

The Alcohol and Tobacco Tax and Trade Bureau has a $100 million operating budget, yet it generates revenues of between $13 and $14 billion a year. That's an impressive return on investment.

When the agency became its own entity in 2003 (it was broken off from the Bureau of Alcohol, Tobacco and Firearms under the Homeland Security Act) TTB wanted to get the same kind of ROI from its IT infrastructure. For a while, TTB 'limped along' under the ATF's IT maintenance contract, said Mike Borland, the organization's assistant CIO for infrastructure. 'They provided it all'IT and network services'for about $11 million a year.'

At about the same time TTB set up its own Washington offices, ATF changed IT service providers and Borland's staff saw an opportunity to start fresh'new servers, new systems, the works.

December 2004 became the target. M-Day, as the TTB staff called it, would be Migration Day. The challenge would be finding a solution to help the agency manage its new infrastructure without adding unnecessary overhead. Ultimately, TTB went with an IT asset management and help desk platform that was totally different from what ATF and others used. And it suited the bureau just fine.

Rat in the basement

Leading up to M-Day, TTB's staff took herculean measures to keep its legacy infrastructure running.

'Just about anyone here from the CIO on down was involved with swapping hard drives, doing whatever it took to keep things going,' Borland said.

Today, in TTB's brand-new data center, Borland points to a spot on the floor where his team found a dead rat. When TTB starting building its own infrastructure, the rat was all there was. Now there are racks of Dell PowerEdge servers, EMC storage appliances and Cisco PIX firewalls.

On M-Day, TTB cut over all its users from the ATF's systems to its own Microsoft Active Directory- and Exchange-based infrastructure, with Windows XP on all the desktops and Windows Server 2003 in the data center. All its off-the-shelf applications run on the servers where the dead rat used to be. All its customer applications, such as the Certificate of Label Approval system, which alcohol producers and importers use to submit the labels they must put on their products, are hosted at a nearby outsource facility.

With no ATF contractor to support all TTB's shining new IT, Borland's five-person IT staff needed a management tool that it could get running quickly. In January 2005, it purchased Numara Track-It Enterprise Edition from Numara Software Inc. of Tampa, Fla.

Tools of the trade

Borland said ATF had been using Heat IT service management software from FrontRange Solutions USA Inc., then switched to BMC Software Inc.'s Remedy platform when it changed IT contractors in 2004. 'And they had purchased [IBM] Tivoli,' he said. 'But as with many tools that people buy, everyone was hot about it when they bought it, however there was a pretty good learning curve and a lot of administrative overhead ... so it never really achieved its capability.'

Borland's boss, TTB CIO Bob Hughes, told his staff, 'I'm OK with tools, but if you buy them, you better use them.'

Borland asked contractor Booz Allen Hamilton to add Track-It to the mix with Heat and Remedy and come up with a recommendation for the right platform to manage TTB's 4,000 IT assets, including printers, servers and remote notebook PCs.

For $30,000, TTB got itself up and running with Track-It. The software uses client-based agents to inventory systems (agentless systems required too much overhead for the TTB network, Borland said). Among the modules TTB uses today are Help Desk, Remote and Deploy.

'We use remote management to grab hold of their desktops if necessary, and we push out software,' Borland said. 'We're nearly an all-laptop shop now ... we have road warriors who VPN in.' With its asset management platform, TTB distributes security policies that ensure clients have proper antivirus updates and other patches in place.

TTB uses Track-It to automate service checks across its network, logging into remote servers and desktops, testing services and probing security devices to ensure everything is running properly. The bureau created a batch file to rapidly ping all machines, then dump the results into a work order to be reviewed as necessary. And it's not unusual for Borland to get alerts on his cell phone when the system is undergoing penetration testing to make sure the network is secure.

'We check ourselves before the auditors get to us,' Borland said. TTB is expecting an external audit any day now, and by using an IT management/help desk tool, it's able to document its own security checks, as well as the steps taken to ensure all the systems remain protected.

Although TTB doesn't expect to grow anytime soon, Borland said the Track-It platform could probably scale to twice its size with no problem. And the bureau is still discovering new ways to use the software's capabilities to run its infrastructure. Eventually, TTB plans to tackle projects such as voice over IP, IPv6 and thin-client computing, Borland said. For now, TTB is pleased with its new infrastructure and the system that manages it. 'It was the right tool, the right size at the right price.'

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above