An established South East law firm has trusted M-Tech with its technology for more than two decades — one of our longest-standing partnerships. Over that time the firm's environment has moved through several generations of infrastructure: physical servers, virtualisation, hosted services, Microsoft 365, modern cyber security, resilient connectivity and hybrid working.
A legal practice places particular demands on its IT. Availability, confidentiality, performance and control all matter. Case management, document stores, email, telephony, dictation, accounting and the line-of-business applications fee earners rely on all have to be there when they're needed, and protected at the same time.
The most recent phase of the relationship focused on a coordinated refresh of the foundations: replacing an ageing hyperconverged platform that had become unreliable with a new, properly resilient three-node platform, modernising the wide area network around software-defined routing and resilient managed circuits, and tightening the security posture around the firm's data and devices. Three workstreams, one underlying goal — restore confidence in the foundation.
Some of our clients prefer to stay unnamed, especially in law and other regulated fields where discretion is part of the job. We're glad to respect that, so this story is told without identifying the firm.
What modern legal IT has to do
- Context:
Availability isn't optional — case management, documents, email and accounting are the working day; an unreliable foundation lands directly on fee earners
- Context:
Confidentiality is core, not a tick-box — sensitive client information sits across the whole estate, with regulatory and professional obligations on top
- Context:
Internal IT needs depth, not replacement — most mid-sized firms keep a strong internal team and need a partner who augments them, not one trying to absorb them
- Issue:
Modernisation can't be a leap of faith — legacy platforms become fragile, but reckless rip-and-replace creates as much risk as it removes
- Context:
Multi-site connectivity is now business continuity — working across more than one location depends on the network being there, secured and accountable
What we delivered
Three full-flash nodes giving the firm a modern hyperconverged platform with the resilience model a three-node cluster should offer, rather than the constraints of a minimal two-node design.
Virtualisation built into the platform and managed from the same console as storage and compute. In a market where many organisations are reviewing their hypervisor strategy, it offered a practical alternative without bolting a third-party stack on top.
Backup and operating-system licensing aligned to the new platform from day one — the refresh delivered as a complete software stack rather than just a hardware swap.
Diverse primary and secondary circuits across every site, with high-capacity managed fibre and resilient secondary connectivity to remove single points of failure.
Centrally managed firewalls and switching across every site, working as one security and routing fabric, with core internet transit handled centrally.
Managed detection and response (MDR) for active, human-led threat detection and response, zero-trust application control for allowlisting and ringfencing, and zero-trust remote access for managed endpoint connectivity — behaviour, application control and identity working as one.
Core infrastructure hosted in M-Tech's resilient datacentre, rather than tucked into a comms cupboard at one of the offices — a more appropriate home for the platform a legal practice depends on.
An ongoing M-Tech managed service wrapping the circuits, the software-defined WAN, the security fabric, the datacentre infrastructure and the firm's telephony — proactive monitoring, central management and accountable support.
The platform and the network
The firm's previous foundation was a two-node hyperconverged platform. Over time it became unreliable, not through the original design but because the platform's vendor failed to address problems that emerged as Microsoft server software was updated. Issues went unresolved, support stalled, and confidence in the platform eroded. The move to a three-node design wasn't simply new hardware for its own sake — it was about replacing a platform the vendor had let drift with a properly resilient architecture M-Tech could fully stand behind.
The virtualisation choice was equally deliberate. With many organisations now reviewing their hypervisor licensing and long-term strategy, the easy answer is no longer the obvious one. An integrated hypervisor gave the firm a clean alternative: virtualisation built into the platform itself, managed from the same console as the storage and compute, without bolting a separate licensing model onto a refresh that was already substantial.
In parallel, the wide area network needed similar treatment. Working across more than one location had grown into the firm's normal operating mode, but the connectivity it depended on hadn't kept up. Every site moved to resilient managed connectivity, with diverse primary and secondary circuits. The point wasn't faster lines for their own sake — it was moving the firm to a managed, resilient, security-aware network where multi-site working could actually be trusted.
A security fabric, not a stack of point products
For a legal practice, security is the work, not an add-on. Sensitive client information sits across the estate. Regulatory and professional obligations sit on top. And the threat landscape facing professional services — phishing, business email compromise, ransomware, insider mistakes — keeps moving.
The firm's defence posture is built as a fabric rather than a stack. Centrally managed firewalls and switching share one set of definitions across every site and every device, so policy, visibility and enforcement stay consistent. Inspection happens once. Logs land in one place. A policy change in one site flows through the others.
Managed detection and response (MDR) sits behind that perimeter doing what perimeter and policy alone cannot — active, human-led threat detection and response. Suspicious behaviour gets investigated by people, not just by an algorithm, and remediated when it matters.
Zero-trust application control adds the layer most organisations still don't have. Only approved applications execute, and even those are ringfenced in what they can touch once they do. The most common ransomware path — a user tricked into running something they shouldn't — gets shut at the door, not caught in the corridor.
Each layer covers what the others cannot. Network and identity from the managed fabric. Behavioural detection from the MDR layer. Application control from the zero-trust allowlisting layer. Together: the visibility, control and confidence a modern legal practice should have.
Platform at a glance
- Client
- an established South East law firm — full-service legal practice
- Sites
- multiple offices, run as one connected estate
- Relationship
- continuous M-Tech partnership for over two decades
- Compute & storage
- three-node full-flash hyperconverged cluster
- Virtualisation
- integrated hypervisor — no separate stack to license
- Backup & OS
- enterprise immutable backup platform and current Windows Server licensing
- Connectivity
- managed fibre — diverse primary and secondary circuits at every site
- Security & routing
- software-defined WAN with a centrally managed firewall and switch fabric
- Endpoint
- managed detection and response (behavioural), zero-trust application control, zero-trust remote access
- Hosting
- core infrastructure in M-Tech's resilient datacentre
- Managed service
- ongoing M-Tech managed WAN service covering circuits, SD-WAN, security, datacentre and telephony
- Distinctive
- a long-standing legal practice modernised in place — internal IT augmented rather than replaced
M-Tech have consistently supported us as we have invested in our technology estate over the last twenty-plus years. They have a thorough understanding of this industry but more importantly they take the time to understand the business needs of their clients.
What changed
Confidence restored
The platform that had become a source of operational risk is gone, replaced by a mature hyperconverged architecture the firm and M-Tech can both rely on. Internal IT can plan rather than firefight.
Resilience across sites
Primary and secondary connectivity at every location, plus centralised SD-WAN and security management, mean the firm's sites operate as one connected practice rather than separate islands.
Centralised visibility
Routing, firewalling, endpoint, reporting and managed service pulled together under one accountable layer — fewer blind spots, faster diagnosis, less time spent reconciling consoles.
Internal IT augmented, not replaced
The firm retains its own IT team and day-to-day ownership. M-Tech provides the infrastructure, network, security and project depth — the partnership model that actually fits a mid-sized professional practice.
In numbers
- 02 / 04Full-flash hyperconverged nodes0
- 03 / 04Layers of endpoint defence0
- 04 / 04Diverse circuits at every site0
Modernised in place, not torn down
This project shows what considered modernisation looks like for a long-established legal practice. Not a reckless jump to the cloud. Not a wholesale outsourcing of internal IT. A pragmatic refresh of the foundations — better infrastructure, better connectivity, better security visibility, better managed support — done in coordination with an internal team that has been there throughout.
Legal firms are conservative for good reason. Systems hold sensitive client information. Downtime affects fee earners. Regulatory obligations are real. But doing nothing is also a risk: legacy platforms become fragile, vendor support frays, and connectivity designed for a previous era becomes a constraint on the present one.
The infrastructure and network projects sit inside a much wider relationship — across infrastructure, connectivity, cyber security, cloud, licensing, endpoint management and operational support. That is the part that's hard to recreate. Not the products themselves, but the partner who knows how the firm actually works, and has earned the right to be in the room when the next decision needs making.

