Department of Information Services

1
Department of Information Services The IT Road
Ahead Strategies for 2003 - 2005 CAB Update -
May 24, 2004
2

• Key DIS Service Strategies

3
DIS Services Leadership

• Mike McVicker, Deputy Director of Operations
• Mike Emans, Assistant Director
• Telecommunication Services Division
• Laura Parma, Assistant Director
• Interactive Technologies Division
• Becci Riley, Assistant Director
• Computing Services Division
• Ellen Wolfhagen, Program Manager
• K-20 Educational Network

4
Key DIS Service Strategies

• Network Strategy
• Computing Strategy
• Security Strategy
• Web Strategy
• Business Continuity Strategy

5

• Network Strategy

6
Communities of Interest

• K-20 Educational Network (K20)
• State Governmental Network (SGN)
• Inter-Governmental Network (IGN)
• Justice Information Network (JIN)

7
Network Strategies

• Voice Over IP (VoIP) Initiatives
• Enterprise Active Directory
• Multiprotocal Label Switching (MPLS)
  Asynchronous Transfer Mode (ATM) Implementation
  Project
• Updated Strategic Direction and Initiatives

8
VoIP Initiatives

• Phase 1 Strategic Assessment Framework
  Completed
• Phase 2 Proof of Concept Completed
• Phase 3 Technical Standard Engineering
  Guidelines Completed
• Small VoIP Systems Master Contract(s) Available
  by 3rd Qtr. 2004

9
Enterprise Active Directory

• Framework for Enterprise Authentication
• Framework for Enterprise Access Control
• Natural By-product of Windows Infrastructure
• Supports Decentralized Administration and Control
• Standardized Best Practice
• Supports State-wide Business Continuity

10
Enterprise Active Directory Current Production
Participants
11
Enterprise Active DirectoryPre-Production
Participants
Lab Participants
12
MPLS/ATM Upgrade

• Currently Underway with Three Customers
  Participating
• Progress Slower than Planned
• Business Continuity Overlay
• Strategic Direction Recommendation Core,
  Distribution Access Layers

13
Strategic Direction

• Continuous Availability
• Increased Bandwidth and Managed Performance
• Increased Security

14
Strategic DirectionContinuous Availability

• Discrete Core, Distribution and Access Layers
• Core Highly Redundant Switching Layer
• Distribution Managed Firewalls, Load Balancing,
  Intrusion
• Access Services / Customer Layer
• Equipment Redundancy
• Geographically Diverse Dual Internet Connections
• Single Integrated SONET Ring

15
Strategic DirectionIncreased Bandwidth and
Managed Performance

• ATM Node Access
• Ethernet Local Access
• Ethernet Transport (10 MB 100 MB)
• MPLS and Quality of Service (QoS)

16
Strategic DirectionIncreased Security

• MPLS Virtual Private Network
• Redundant Firewall Clusters
• Intrusion Detection
• Secure Access Services

17
Current Network Architecture
18
Network Reference Architecture
19
Network Security Reference Architecture

• Establish updated Network Security Roadmap
• Based upon Business Requirements from agencies
  and local governments
• Convergence of requirements for network
  infrastructure, security infrastructure, business
  continuity infrastructure

20

• Computing Strategy

21
Computing Strategy Elements

• Continue to deliver Advanced Computing
  Hardware/Software Technologies
• S/390 Z900 - Z/OS April 18 Installation
• UNISYS Clearpath May 10 Installation
• Support Enterprise Integration Requirements
• MQ Series / Websphere
• Entire X-Broker
• I-Way

22
Computing Strategy Elements Human Resources
Management System

• Windows 2003 / SQL 2003 / Active Directory
• HP 8-Way Server Implementation
• Quality Assurance Environment
• Completed in February
• Acceptance Training Environments
• Completed during April June timeframe
• 8 Servers
• Production Environments
• May Delivery September Completion
• 23 Servers
• Active Directory Enabled Security Strategy

23
Computing Strategy Elements Exchange 2003 Support

• Exchange 5.5 Hub will only support Enterprise
  Active Directory (EAD) participants after June
  30, 2004
• EAD participants can begin migration activities
  to Exchange 2003 after July 1, 2004
• Anticipate first agency deployment to Exchange
  2003 by July 30, 2004
• Expect Microsoft long-life support of Exchange
  2003

24

• Security Strategy

25
Governance
Strong Policy
1
2

• State
• Regional
• National

3
Operation
26

Strong Policy ISB Security Enhancement Project

• Agency Input gathered following the first
  security compliance audits
• WACIRC will provide initial recommendations for
  the Security Standards and Guidelines
• WACIRC will provide recommendations for Patch
  Management Remote Access
• CAB and Enterprise Architecture will review

27

Governance WACIRC

• Launched Incident Reporting Web Site
• Established an Incident Alert listserv to notify
  cities counties connected to the IGN of
  incident alerts
• Established an additional Incident Alert listserv
  for interested government employees or
  organizations not in the SGN or IGN

28

Operation

• Washington participated in the National Livewire
  Cyber Exercise
• New Authentication Gateway, Fortress Version 3 is
  under construction
• New more robust VPN technology deployed,
  migrating current customers
• New Roaming Digital Certificates Deployed

29

• Web Strategy

30
Web Strategy Elements

• Content Management for Web Sites DSHS live!
• Web Search the Enterprise Approach with Ask
  George
• Web Usability Study underway for Access
  Washington Portal summer implementation
• Usability Results will be documented as Best
  Practices and incorporated in the Web
  Presentation Guidelines Version 5.0

31

• Business Continuity Strategy

32
Business Continuity Objectives

• Provide Network Continuity following event driven
  elimination of any single node site
• Provide continuous ISP following single node site
  elimination
• Provide customer agencies with multiple recovery
  options and strategies
• Recognize budget limitations faced by customer
  agencies

33
Network Preparation Steps
Implement Redundant Network Structure

• Completed 2nd ISP connection
• Completed Redundant Core Network Switching
• Completed Redundant Active Directory
  Infrastructure
• Establish Redundant DNS
• Establish Redundant Firewall, Access Washington,
  Transact Washington and Fortress Infrastructure

34
Network Reference Architecture
35
Agency Reference Architecture
36
Agency Reference Architecture
37
Agency Reference Architecture
38
Agency Reference Architecture
39
Agency Reference Architecture
40
Secure ISP

• Load Balanced Geographically Diverse Dual
  Internet Connections
• Redundant Load Balanced Firewalls
• Redundant Load Balanced Secure Access Services

41
Wa.gov Domain

• Redundant Load Balanced Domain Name Services
  (wa.gov)
• Agencies maintaining local DNS services must
  develop recovery strategy

42
Next Steps

• Establish Recovery SAN Environment on East Side
• Explore Digital Academy class resulting in a
  Business Continuity Template
• Conduct Recovery Site RFP for Master Contract
• Explore Managed Firewall Services

43
Recovery Center Options

• Agency Operated Location
• Agency Contracted Location
• DIS Master Contract (Summer 2004)
• Agency Issued RFP
• Yakima County Recovery Center
• DIS Targeted Recovery Center

44
Business Continuity Limitations

• Clients requiring continuous network access must
  connect to multiple node sites to guarantee
  continuous operation Client must be recovered
  in place!
• Continuous network operation cannot be
  cost-effectively guaranteed following the
  elimination of multiple node sites
• Business Continuity Strategy assumes connectivity
  to the SGN

45
Questions?
46
(No Transcript)