Legal services/ Case Study · South East law firm

Modernising the foundation of a long-term legal IT partnership

More than two decades into the partnership, a coordinated refresh of platform, network and security for an established South East law firm — internal IT augmented rather than replaced.

South East England
Introduction

An established South East law firm has trusted M-Tech with its technology for more than two decades — one of our longest-standing partnerships. Over that time the firm's environment has moved through several generations of infrastructure: physical servers, virtualisation, hosted services, Microsoft 365, modern cyber security, resilient connectivity and hybrid working.

A legal practice places particular demands on its IT. Availability, confidentiality, performance and control all matter. Case management, document stores, email, telephony, dictation, accounting and the line-of-business applications fee earners rely on all have to be there when they're needed, and protected at the same time.

The most recent phase of the relationship focused on a coordinated refresh of the foundations: replacing an ageing hyperconverged platform that had become unreliable with a new, properly resilient three-node platform, modernising the wide area network around software-defined routing and resilient managed circuits, and tightening the security posture around the firm's data and devices. Three workstreams, one underlying goal — restore confidence in the foundation.

Some of our clients prefer to stay unnamed, especially in law and other regulated fields where discretion is part of the job. We're glad to respect that, so this story is told without identifying the firm.

What modern legal IT has to do

  • Context:

    Availability isn't optional — case management, documents, email and accounting are the working day; an unreliable foundation lands directly on fee earners

  • Context:

    Confidentiality is core, not a tick-box — sensitive client information sits across the whole estate, with regulatory and professional obligations on top

  • Context:

    Internal IT needs depth, not replacement — most mid-sized firms keep a strong internal team and need a partner who augments them, not one trying to absorb them

  • Issue:

    Modernisation can't be a leap of faith — legacy platforms become fragile, but reckless rip-and-replace creates as much risk as it removes

  • Context:

    Multi-site connectivity is now business continuity — working across more than one location depends on the network being there, secured and accountable

What we delivered

A resilient three-node hyperconverged platform

Three full-flash nodes giving the firm a modern hyperconverged platform with the resilience model a three-node cluster should offer, rather than the constraints of a minimal two-node design.

Integrated virtualisation

Virtualisation built into the platform and managed from the same console as storage and compute. In a market where many organisations are reviewing their hypervisor strategy, it offered a practical alternative without bolting a third-party stack on top.

Enterprise backup + OS licensing

Backup and operating-system licensing aligned to the new platform from day one — the refresh delivered as a complete software stack rather than just a hardware swap.

Resilient managed connectivity

Diverse primary and secondary circuits across every site, with high-capacity managed fibre and resilient secondary connectivity to remove single points of failure.

Software-defined WAN and security fabric

Centrally managed firewalls and switching across every site, working as one security and routing fabric, with core internet transit handled centrally.

Layered endpoint defence

Managed detection and response (MDR) for active, human-led threat detection and response, zero-trust application control for allowlisting and ringfencing, and zero-trust remote access for managed endpoint connectivity — behaviour, application control and identity working as one.

Datacentre hosting

Core infrastructure hosted in M-Tech's resilient datacentre, rather than tucked into a comms cupboard at one of the offices — a more appropriate home for the platform a legal practice depends on.

Managed WAN service

An ongoing M-Tech managed service wrapping the circuits, the software-defined WAN, the security fabric, the datacentre infrastructure and the firm's telephony — proactive monitoring, central management and accountable support.

The platform and the network

The firm's previous foundation was a two-node hyperconverged platform. Over time it became unreliable, not through the original design but because the platform's vendor failed to address problems that emerged as Microsoft server software was updated. Issues went unresolved, support stalled, and confidence in the platform eroded. The move to a three-node design wasn't simply new hardware for its own sake — it was about replacing a platform the vendor had let drift with a properly resilient architecture M-Tech could fully stand behind.

The virtualisation choice was equally deliberate. With many organisations now reviewing their hypervisor licensing and long-term strategy, the easy answer is no longer the obvious one. An integrated hypervisor gave the firm a clean alternative: virtualisation built into the platform itself, managed from the same console as the storage and compute, without bolting a separate licensing model onto a refresh that was already substantial.

In parallel, the wide area network needed similar treatment. Working across more than one location had grown into the firm's normal operating mode, but the connectivity it depended on hadn't kept up. Every site moved to resilient managed connectivity, with diverse primary and secondary circuits. The point wasn't faster lines for their own sake — it was moving the firm to a managed, resilient, security-aware network where multi-site working could actually be trusted.

A security fabric, not a stack of point products

For a legal practice, security is the work, not an add-on. Sensitive client information sits across the estate. Regulatory and professional obligations sit on top. And the threat landscape facing professional services — phishing, business email compromise, ransomware, insider mistakes — keeps moving.

The firm's defence posture is built as a fabric rather than a stack. Centrally managed firewalls and switching share one set of definitions across every site and every device, so policy, visibility and enforcement stay consistent. Inspection happens once. Logs land in one place. A policy change in one site flows through the others.

Managed detection and response (MDR) sits behind that perimeter doing what perimeter and policy alone cannot — active, human-led threat detection and response. Suspicious behaviour gets investigated by people, not just by an algorithm, and remediated when it matters.

Zero-trust application control adds the layer most organisations still don't have. Only approved applications execute, and even those are ringfenced in what they can touch once they do. The most common ransomware path — a user tricked into running something they shouldn't — gets shut at the door, not caught in the corridor.

Each layer covers what the others cannot. Network and identity from the managed fabric. Behavioural detection from the MDR layer. Application control from the zero-trust allowlisting layer. Together: the visibility, control and confidence a modern legal practice should have.

Platform at a glance

Client
an established South East law firm — full-service legal practice
Sites
multiple offices, run as one connected estate
Relationship
continuous M-Tech partnership for over two decades
Compute & storage
three-node full-flash hyperconverged cluster
Virtualisation
integrated hypervisor — no separate stack to license
Backup & OS
enterprise immutable backup platform and current Windows Server licensing
Connectivity
managed fibre — diverse primary and secondary circuits at every site
Security & routing
software-defined WAN with a centrally managed firewall and switch fabric
Endpoint
managed detection and response (behavioural), zero-trust application control, zero-trust remote access
Hosting
core infrastructure in M-Tech's resilient datacentre
Managed service
ongoing M-Tech managed WAN service covering circuits, SD-WAN, security, datacentre and telephony
Distinctive
a long-standing legal practice modernised in place — internal IT augmented rather than replaced

M-Tech have consistently supported us as we have invested in our technology estate over the last twenty-plus years. They have a thorough understanding of this industry but more importantly they take the time to understand the business needs of their clients.

Voice of the clientPartner · South East law firm

What changed

Outcome

Confidence restored

The platform that had become a source of operational risk is gone, replaced by a mature hyperconverged architecture the firm and M-Tech can both rely on. Internal IT can plan rather than firefight.

Outcome

Resilience across sites

Primary and secondary connectivity at every location, plus centralised SD-WAN and security management, mean the firm's sites operate as one connected practice rather than separate islands.

Outcome

Centralised visibility

Routing, firewalling, endpoint, reporting and managed service pulled together under one accountable layer — fewer blind spots, faster diagnosis, less time spent reconciling consoles.

Outcome

Internal IT augmented, not replaced

The firm retains its own IT team and day-to-day ownership. M-Tech provides the infrastructure, network, security and project depth — the partnership model that actually fits a mid-sized professional practice.

In numbers

01 / 04
Years of continuous partnership
20+
  • 02 / 04
    Full-flash hyperconverged nodes
    0
  • 03 / 04
    Layers of endpoint defence
    0
  • 04 / 04
    Diverse circuits at every site
    0

Modernised in place, not torn down

This project shows what considered modernisation looks like for a long-established legal practice. Not a reckless jump to the cloud. Not a wholesale outsourcing of internal IT. A pragmatic refresh of the foundations — better infrastructure, better connectivity, better security visibility, better managed support — done in coordination with an internal team that has been there throughout.

Legal firms are conservative for good reason. Systems hold sensitive client information. Downtime affects fee earners. Regulatory obligations are real. But doing nothing is also a risk: legacy platforms become fragile, vendor support frays, and connectivity designed for a previous era becomes a constraint on the present one.

The infrastructure and network projects sit inside a much wider relationship — across infrastructure, connectivity, cyber security, cloud, licensing, endpoint management and operational support. That is the part that's hard to recreate. Not the products themselves, but the partner who knows how the firm actually works, and has earned the right to be in the room when the next decision needs making.

/ Start a conversation

Tell us what you're trying to do.

Whatever the shape of your team or your stack — multi-site, lean on IT, or somewhere in the middle — we'll listen first, ask the right questions, and tell you honestly how we'd approach it.