Building a secure network infrastructure
By Vince Parry, Director–Government ANZ, Alcatel-Lucent Enterprise
Wednesday, 28 November, 2018
Governments cannot rely on legacy network technologies to keep pace with modern mobility, IoT and security demands.
As Australian governments, large and small, strive to integrate the latest innovations in mobility, data analytics, cloud computing and IoT into their processes and IT systems, it quickly becomes clear that their underlying network infrastructure will be fundamental to achieve successful outcomes.
Legacy network architectures aren’t equipped to support today’s user needs — or the new technologies that governments must implement to support a digital transformation. Such networks are unable to support new use cases and scenarios that integrate new technologies to benefit the business, and can no longer offer secure and efficient operations. For instance, they likely were not designed to provide the capacity needed to meet today’s instant-on, multi-device load on the network generated by the latest wave of multimedia applications.
In this landscape, Australian governments must rethink the very foundation of their networks to reduce costs, improve performance and security, and support new devices, technologies and business use cases.
The federal government’s Digital Transformation Agency (DTA) understands this, which is why network equipment and services are two of the key categories in its Hardware Marketplace. The DTA is also encouraging a cloud-first philosophy, which, by its very nature, is heavily dependent on the provision of reliable, high-speed networking.
Drivers of network transformation
The following set of three key trends will drive network infrastructure transformation for government departments and agencies.
Mobility and BYOD. The proliferation of mobile devices connecting to the network is the single most important factor driving the need for evolving the network. According to Deloitte, smartphone ownership rose from 84% of all Australians to 88% in 2017, with at peak of 90–95% expected in the next few years. However, as use of mobile devices increases, networks can easily be overwhelmed with bandwidth demands. For government departments, the problem remains of onboarding and securing the multiple different devices users bring to the network under BYOD policies.
IoT and exploitation of data. Governments of all sizes are taking the IoT very seriously, seeing in it the opportunity to collect valuable information and control infrastructure. An example is Launceston’s LORA network, which will gather data on transport, inventory control, traffic, health and sensing, all in real time. And in NSW, the Newcastle and Lake Macquarie councils are installing shire-wide LoRaWAN networks that they see as being ‘game changers’ for the provision of services.
These IoT networks generate unprecedented volumes of data, presenting challenges for network management and security. To gain the benefits of IoT, Australian governments will require a cost-effective network infrastructure that simplifies IoT device on-boarding, ensures system security and is easy to manage and operate.
Government networks must be resilient, high-performing and scalable to handle ever increasing volumes of traffic. These data flows can now produce their own performance and inspection data, enabling new insights into network operational efficiency and agility. Such services create a kind of self-monitoring network consciousness and intelligence that enables automation of IT functions, increasing network security, resiliency and management simplicity.
Rise of cloud and services. As Australians are now using their mobile phones everywhere for everything, another challenge for government network administrators is to take advantage of this trend by looking for additional ways to engage with citizens and enhance the user experience, while maintaining network integrity, reliability and security. Location-based services (LBS) offer the potential for new services such as targeted communications — for instance, alert messages sent during emergencies and natural disasters. LBS can also provide information that can be analysed to reveal citizen behaviours so that departments and agencies can optimise the services they provide.
Alcatel-Lucent Enterprise (ALE) believes the solution to these challenges lies in adopting the correct network services strategy, underpinned by three pillars:
- Securing mobile and IoT networks by properly onboarding, managing and securing all elements of the network, backed up by sophisticated analytics and management systems.
- Aligning business objectives and investment strategies with flexible provision models, including CAPEX, OPEX and cloud-managed hybrid infrastructures.
- Adopting a verticalised connected experience through value-added solutions and dedicated integration and capabilities designed for specific ecosystems in healthcare, transportation and general government needs.
The need for security hardly needs any description. Cyber attacks are increasing in volume, in complexity and in recovery cost, and the expense isn’t limited to direct financial loss — it also includes damage to public confidence. A high-quality user experience can only be assured if the network is always running and the information is protected. Security is a fundamental component in government network architecture, especially with BYOD, IoT and new applications from the cloud. More than ever before, security needs to be built in from the ground up and applied universally across all methods of access for the network.
Layered security should start with network integrity, device security, user profiles, application analytics and then moving to the levels of IoT containment, the operating system and code validation.
ALE recommends an optimised, high-performance network design based on a single network infrastructure with a secure, automated, efficient, virtual private network (VPN) for every department. We also recommend a multi-layered approach to securing the network from the edge, to the core, and shortest path bridging (SPB) to optimise network performance and minimise network downtime when adding, removing or replacing network devices.
An additional consideration is distributed intelligence control technology, which removes the possibility of a single-point-of-failure from the network and enables easy scalability. And a unified access framework provides for policy integration and consistent user experience, giving users a single set of credentials that grants them access to wireless or wired services with maximum security.
Smart analytics can enable improved decision-making and network planning by providing visibility and detailed information about the network, users, devices and applications being used on the network. It also provides predictive analysis reports that give visibility into potential future bottlenecks.
By adopting the approaches described above, Australian governments can ensure their network infrastructure is fit for purpose in the provision of essential public services, while maintaining the flexibility to meet the opportunities and challenges presented by an increasingly connected world.
As cybercriminals continue to ramp up their attacks, traditional security tools are no longer up...
AusCERT is launching a new brand image and website to further enhance the service it provides to...
The NSW Government has established Cyber Security NSW within the state's Department of...