RENATER RIE The French Interdepartmental Government Network TERENA TF-MSP 6-7 May 2013. RIE : Starting point.
RIE : Starting point
On May 25th, 2012, the Council of Ministers decided to implement a “secured interdepartmental telecommunication network, unifying departmental networks and ensuring the continuity of public action in case of severe Internet failure”.
The network will replace the existing departmental networks overall (17 000 sites).
Project timeline (chart; time axis 2012 to 2015, by quarter)
Phases:
• Financial and technical framework definition
• Implementation phase: infrastructure building and time-phased connection of department sites to the network
Tasks:
• Technical model definition
• Contracts preparation
• Launch of consultations on infrastructure building
• Contracts notifications
• Backbone and fiber optic infrastructure construction
• Economic analysis
• Budget validation
• Sites step-by-step connection to the network: first perimeter department sites, then other sites
• SCN creation
RIE : goals
Renovation of public action:
• Secured and unified network dedicated to public administrations
• National scope: metropolitan and overseas territories
• Long term and high performance infrastructure based on RENATER
Concrete answer to strategic government issues:
• Simplified collaboration between public administrations
• Secured network: improve security against « internet »
• Controlled operational costs: sharing network between different entities
Improvement for end-users:
• Single operator for public administrations: SCN RIE
• User-oriented evolving services: at the core of digital transformation
RIE : a dedicated government agency
With national authority:
• SCN RIE = Service à Compétence Nationale - Réseau Interministériel de l’Etat
• SCN RIE = national (metropolitan and overseas) authority
• National and international connectivity between all public administrations
SCN RIE assignments:
• Design and roll-out of network
• Management of network including security and operating conditions
• Implementation of shared services
Key success factor:
Selection of an architecture which meets financial efficiency and technical flexibility requirements
• Architecture based on high-speed fiber optic backbone
• Points of connection with the backbone hosted in departments' data centers
• 17 000 sites connected to the points of connection via operators' networks (end-to-end)
Diagram labels: Partners, Administrations, Remote sites, International networks, Mobile access, External hosts
Perennial and flexible architecture supporting the implementation of high-speed connectivity and the development of new services.
Key success factor (2): 4 basic principles
• Long-term operability, supported by sustainable technological options, a high-speed backbone and an addressing scheme optimizing cross-department exchanges.
• Network resilience, thanks to a high degree of autonomy from third-party networks and overall IT security management ensuring defence in depth.
• Flexible connection options: various types of connections are offered to department sites to respect their constraints and meet their needs (network throughput, availability and service level).
• Progressive connections to the network: departments impacted by the territorial administrations reform and the Culture and Communication department will be connected first. Remaining departments will be connected afterwards according to the expiry date of their operator contract.
Two major challenges

1. Local administrations optimisation and mutualisation requirements strengthened by territorial administration reform
Facts
• Currently, departmental networks operate separately; they are expensive and unable to evolve according to organizational changes. Moreover, their service offering is fragmented while the need for interdepartmental coordination is stronger.
Challenges
• Develop interdepartmental exchanges as part of territorial administration reform, following previous initiatives at infrastructure level (AdER/SIGMA network) and service level (Chorus, ONP)
• Ensure service continuity and a high quality level
• Control IT costs

2. Government IT systems security
Facts
• A steady increase in cyber attacks against government IT systems
• An exponential growth of the number of entry points on departmental networks
• Different IT systems security levels according to the department considered
• Strengthened information systems defence and security measures since 2011 (information system security policy (PSSI), general security database (RGS), French Network and Information Security Agency (ANSSI))
Challenges
• Protect French government data heritage
• Prevent cyber attacks
• Preserve confidence in government data and services
Network infrastructure construction phase
• Based on the French NREN RENATER
• Fiber optic infrastructure
• Acknowledged expertise
• Economic benefits > €20 million
• Dedicated wavelength for flow transportation
• Functional autonomy
• Security
• Additional links to be built
• Interconnecting points with the backbone located in department data centers
Interdepartmental telecommunication network
• A flexible and evolving architecture based on optic fiber
• Points of connection with the backbone hosted in departments' data centers
• Building on existing capabilities for key functions of network operations management
• Building on RENATER has been reviewed and validated
• An agreement between RENATER and DISIC is in progress
• First contracts notifications have been issued
• Fiber optic infrastructure installation has been initiated
• The construction of the backbone has been launched
Example : NR and PIB
Diagram labels: to Nantes; NR-Bordeaux (shelter); NR-Toulouse (shelter); to Montpellier; PIB-Bordeaux; PIB-Toulouse
NR = Nœud Réseau = Network Node
PIB = Interconnection point to backbone
Focus on security
Cyberdefense is structurally integrated into the government network
• The French Network and Information Security Agency (ANSSI) is involved in all work in progress to integrate intrusion detection systems.
• Information systems security is handled by a specific working group which involves all departments.
• Best practices and security requirements are natively part of the network specification.
• During the operational phase, security teams will keep the network in a state of operational security, in close partnership with the French Network and Information Security Agency.
• A security operations center will be created.
Focus on security (2)
Use of NREN for ministry of defense !!!!! Or some other ministries … needs a security audit of the RENATER backbone (NR vs PIB)
RENATER must fit security requirements of ALL ministries
• Physical security
• Access and redundancies
• Electricity
• …
• Need for regular reporting; monitoring of lightpaths
• Data much more critical than for ESR … ?