The Future of GovNeTT – Where are we Heading?

GovNeTT 2.0 Current State Obscure Governance Framework Design is Difficult to Evolve to Changing Needs Difficult for some IT Managers to Enact Required Changes Site-to-Kit Lock-in – Difficult to Unbundle and Reduce Managed Costs Difficult to Expand Service Set/Increase DC Utilization Architecture not Fully Suited to Shared Environment Time Required to Fulfil Requests 2

What Are Root Causes? Two Main Categories Include Governance Framework Technology and Architecture 3

Governance Framework Need for Approved Governance Framework and Structure Shared Service Model Buy-in from Agencies Apply Common Framework for Building ICTs Security Framework for All of GoRTT ICT Initiatives 4

GovNeTT Technology From a Technology Perspective there is need for Dynamic ICTs Improved Flexibility Agility of Deployment and Access to Service Scalability Enhanced Security Modular Approach to Service Reduced Development and Operational Costs 5

Current Technology/Design – GovNeTT WAN 6

Current Technology/Design Issues Design is Difficult to Evolve to Changing Needs Inadequate Data Centre hosting facility Site-to-Kit Lock-in – Difficult to Unbundle and Reduce Managed Costs Difficult to Expand Service Set/Increase DC Utilization Architecture not Fully Suited to Shared Environment 7

Current Technology/Design Issues – GovNeTT WAN Networking:- Inefficient resource usage, route determination Complex redundancy configurations & VPN design Unnecessary hops for sub office to sub office communication between different ministries High network latencies for all central resource access 8

Current Technology/Design Issues – GovNeTT WAN Security:- Unnecessary routes in the network Increased possibility of data compromise Shared services:- Distributed caching potential for redundant cache entries in multiple locations No centralized administrative Internet resource control Unnecessary ICT investment for Internet resource control 9

Current Data Centre Layout 10

Current Technology/Design Issues – Data Centre Layout Networking:- Complex logical interconnections Difficult to include new segments Server Farm connectivity not associated with low- latency, high speed access Central switches used to connect all segments Routers terminate majority of user traffic indirectly Servers share common switch infrastructure regardless of function Remote access/extranet connectivity is complex 11

Current Technology/Design Issues – Data Centre Layout Security:- Logical segmentation not as secure as physical segmentation Limited Firewall Tiers Multiple segments interconnected to single Firewall clusters causing increased risk of unauthorized access Complex security rule base causes open rules to maintain access Firewall breach can cause multiple points of possible security breach Multi-purpose security equipment not as stable or secure as dedicated devices DMZ and other similar lower security level segments are inter-connected to common physical switches as segments with higher security levels Firewall cluster tiers are built on common technology, a breach in one Firewalled segment can allow breach in other segments using the same technology 12

Proposed High Level Services Technology/Design 13

Proposed High Level Services Demand aggregation will be used to derive: What common services are required by GoRTT What are the collated system requirements Supporting architecture: – In house? – Outsourced? – Cloud? …Hybrid Approach 14

Proposed High Level Data Centre Topology/Design 15

Proposed Data Centre Low Level Topology/Design 16

Features of Proposed Technology/Design By doing:- Direct mapping to future G-Cloud Direct mapping to shared services and collaborative environments Multivendor approach fostered by tight SLA Management Last Mile determined by Ministry (Agency deals directly with vendors based on iGovTT agreements) Full network segmentation – Infrastructure/service segmentation – Data Centre segmentation – Decoupling of Services 17

Timelines 18

Q&A 19

THANK YOU! 20