The Future of GovNeTT – Where are we

Heading?

2

GovNeTT 2.0 Current State

• Obscure Governance Framework• Design is Difficult to Evolve to Changing Needs• Difficult for some IT Managers to Enact Required

Changes• Site-to-Kit Lock-in – Difficult to Unbundle and Reduce

Managed Costs• Difficult to Expand Service Set/Increase DC Utilization• Architecture not Fully Suited to Shared Environment• Time Required to Fulfil Requests

3

What Are Root Causes?

Two Main Categories Include

• Governance Framework

• Technology and Architecture

4

Governance Framework

• Need for Approved Governance Framework and Structure

• Shared Service Model Buy-in from Agencies• Apply Common Framework for Building ICTs• Security Framework for All of GoRTT ICT

Initiatives

5

GovNeTT Technology

From a Technology Perspective there is need for• Dynamic ICTs• Improved Flexibility• Agility of Deployment and Access to Service• Scalability • Enhanced Security• Modular Approach to Service• Reduced Development and Operational Costs

6

Current Technology/Design – GovNeTT WAN

7

Current Technology/Design Issues

• Design is Difficult to Evolve to Changing Needs• Inadequate Data Centre hosting facility• Site-to-Kit Lock-in – Difficult to Unbundle and

Reduce Managed Costs• Difficult to Expand Service Set/Increase DC

Utilization• Architecture not Fully Suited to Shared

Environment

8

Current Technology/Design Issues – GovNeTT WAN

Networking:-• Inefficient resource usage, route

determination• Complex redundancy configurations & VPN

design• Unnecessary hops for sub office to sub office

communication between different ministries• High network latencies for all central resource

access

9

Current Technology/Design Issues – GovNeTT WAN

Security:-• Unnecessary routes in the network• Increased possibility of data compromise

Shared services:-• Distributed caching potential for redundant cache

entries in multiple locations• No centralized administrative Internet resource control• Unnecessary ICT investment for Internet resource

control

10

Current Data Centre Layout

11

Current Technology/Design Issues – Data Centre Layout

Networking:-• Complex logical interconnections• Difficult to include new segments• Server Farm connectivity not associated with low-

latency, high speed access• Central switches used to connect all segments• Routers terminate majority of user traffic indirectly• Servers share common switch infrastructure regardless

of function• Remote access/extranet connectivity is complex

12

Current Technology/Design Issues – Data Centre Layout

Security:-• Logical segmentation not as secure as physical segmentation• Limited Firewall Tiers• Multiple segments interconnected to single Firewall clusters causing

increased risk of unauthorized access• Complex security rule base causes open rules to maintain access• Firewall breach can cause multiple points of possible security breach• Multi-purpose security equipment not as stable or secure as dedicated

devices• DMZ and other similar lower security level segments are inter-connected

to common physical switches as segments with higher security levels• Firewall cluster tiers are built on common technology, a breach in one

Firewalled segment can allow breach in other segments using the same technology

13

Proposed High Level Services Technology/Design

14

Proposed High Level Services

Demand aggregation will be used to derive:• What common services are required by GoRTT• What are the collated system requirements• Supporting architecture:– In house? – Outsourced? – Cloud?…Hybrid Approach

15

Proposed High Level Data Centre Topology/Design

16

Proposed Data Centre Low Level Topology/Design

17

Features of Proposed Technology/Design

By doing:-• Direct mapping to future G-Cloud• Direct mapping to shared services and collaborative

environments• Multivendor approach fostered by tight SLA Management• Last Mile determined by Ministry (Agency deals directly

with vendors based on iGovTT agreements)• Full network segmentation

– Infrastructure/service segmentation– Data Centre segmentation– Decoupling of Services

18

Timelines

19

Q&A

20

THANK YOU!