Date post: | 26-Mar-2015 |
Category: |
Documents |
Upload: | gabrielle-dunlap |
View: | 214 times |
Download: | 0 times |
EEE – September, 2003
RUPA- Unified Network for Public AgenciesRUPA- Unified Network for Public Agencies
Claudio Brosco
2EEE – September, 2003
AgendaAgenda
RUPA overview RUPA today: highlights Architecture & Services Security Outcome of RUPA experience The Future
3EEE – September, 2003
RUPA (Rete Unitaria delle Pubbliche RUPA (Rete Unitaria delle Pubbliche Amministrazioni): Amministrazioni):
Overview Overview
In 1998 Telecom Italia won the tender issued by AIPA (Authority for the IT in the Public Administration) for provision of an integrated network connecting Public Agencies
As per conditions set in the Tender, Path.Net was created in 1999 by Telecom Italia with the task of operating the RUPA contract
RUPA Contract characteristics: yearly price adjustment to lowest market fees very demanding SLA (Service Level Agreement) conditions
Deployment of RUPA Customer Networks started in the year 2000: up to date it includes all Italian Government Agencies and Ministries and the main Local Agencies.
4EEE – September, 2003
RUPA Overview RUPA Overview TargetsTargets
promoting electronic exchange of information among Public Agencies
enforcing a common platform for data transmission allowing development towards the Italian e-Government
model:
Central PAs provide back office Applications to be utilized by Local PAs. These provide front office online services and information to the public or to enterprises (G2C and G2B).
Access to services by citizens/enterprises is provided by means of Portals at PA premises or through the Internet (the official portal is www.italia.gov.it)
5EEE – September, 2003
RUPA is widespread throughout Italy with POPs in 103 cities
Up to date (August 2003) consolidated numbers: - 70 Public (Central and Local) Agencies - more than 7.700 sites connected
RUPA today:RUPA today:POPs and CustomersPOPs and Customers
0
1000
2000
3000
4000
5000
6000
7000
8000
gen-
00
mag
-00
set-0
0
gen-
01
mag
-01
set-0
1
gen-
02
mag
-02
set-0
2
gen-
03
mag
-03
set-0
3
Nr.
of
site
s
Comune di RomaRegione LazioRegione CampaniaRegione LombardiaRegione MarcheRegione Emilia RomagnaRegione PiemonteRegione Basilicata
0
1000
2000
3000
4000
5000
6000
7000
8000
gen-
00
mag
-00
set-0
0
gen-
01
mag
-01
set-0
1
gen-
02
mag
-02
set-0
2
gen-
03
mag
-03
set-0
3
Nr.
of
site
s
Comune di RomaRegione LazioRegione CampaniaRegione LombardiaRegione MarcheRegione Emilia RomagnaRegione PiemonteRegione Basilicata
6EEE – September, 2003
RUPA today: RUPA today: TrafficTraffic
MONTHLY TRAFFIC DISTRIBUTION
INTERNET18 900 GBytes
EXTRANET700 GBytes
INTRANETS3 300 GBytes
7EEE – September, 2003
CONNECTED SITES SPEED DISTRIBUTION2.3
80
1.1
48
1.6
04
239
491
262 1.5
20
61
-
500
1.000
1.500
2.000
2.500
64 K
bps
128 Kb
ps
256 Kb
ps
384 Kb
ps
512 Kb
ps
768 Kb
ps
2 Mbp
s
34 M
bps
Speed
Nr.
of si
tes
RUPA today:RUPA today:Speed distributionSpeed distribution
8EEE – September, 2003
RUPA today:RUPA today:economicseconomics
-
1
2
3
4
5
6
7
8
1998 1999 2000 2001 2002 2003
Ban
dw
idth
(Gb
it/s
)
Bandwidth
Price/Bandwidth
- 75
- 50
- 25
- 100
- 125
Pri
ce/B
and
wid
th R
atio
(€ m
illi
on
/ G
bti
/s)
Savings due to yearly price adjustment to lowest market fees
Present total RUPA Costs: about € 100 Millions per year
9EEE – September, 2003
RUPA today:RUPA today:Principal Extranet ApplicationsPrincipal Extranet Applications
vehicles circulation tax Taxes DBLocal territorial ISIncome tax observatorySocial Security DBElectronic Tax formHuman Resources IS for Ministry of the Treasury
PAs Electronic Fund Transfer PAs General AccountancyMinistry of Agricolture DBCourt for Bankruptcies DBJail System DBEnterprises Unified PortalMonitoring of Government Program
10EEE – September, 2003
P.A. VPN
Interconnecting Domain
OLO/ISP
ASP
P.A. VPN
P.A. VPN
CITIZENS & ENTERPRISES
INTERNET
Architecture & Services - 1Architecture & Services - 1
RUPA includes VPNs belonging to different Central PAs interconnected through single gateways. Also Local PA VPNs, private enterprises and citizens are connected through local network providers & Internet.
11EEE – September, 2003
Architecture & Services - 2Architecture & Services - 2
Transport Services (for intranet, extranet and internet) IP and ATM on the entire italian territory (accessed by leased
line, ISDN, XDSL, SDH local loop): up to 155Mb/s Metropolitan Area Network in major cities: up to 100Mb/s In preparation:
• multimedia services
Management and professional services performance & traffic monitoring customer network management help desk and technical assistance 24x365 technical support in designing Customer VPN capacity planning
12EEE – September, 2003
Security key issuesSecurity key issues
92% risk reduction measured through an Authority approved Risk Analysis algorithm.
Conformance to International Standards for Security Continously updated Security System through Approved
Procedures and yearly auditings Provided Security Services:
Firewalling Antivirus Intrusion Detection Penetration tests Vulnerability assessment
13EEE – September, 2003
Security MeasuresSecurity Measures
Secure Network Management Centre distributed through Independent Screened Subnets
Intranet traffic segregation for each PA
Extranet traffic interchange through secure gateways
Access to the Internet through a single secure gateway;
Up to date Intrusion Detection Systems
Operators Authentication through Token System
14EEE – September, 2003
Some relevant new projects on RUPASome relevant new projects on RUPA
MIUR: An XDSL network for 11.000 schools(intranet & internet)
INPS: Data Centre Business Continuity
Min. della Giustizia: A customized Firewalling solution
Regione Lazio: A network for e-Lazio
Monopoli di Stato: “Bingo” network
Ministero Interno: Demographic Services
AGEA: A network for agriculture subsidies data transfer
Several Central P.As. Metropolitan Area Networks
15EEE – September, 2003
Outcome of RUPA experienceOutcome of RUPA experience
Great reduction in costs/bandwith ratio for all services
Increase of bandwidth demand by PAs (annual average increase of 39%)
Standardization of applications networking in the PAs
Fast provisioning of Customer links and low time to restore
Increased Network Security
Need for different standards of service according to Customer requirements
Long time and high costs needed to change Network solution
16EEE – September, 2003
The future:The future:SPC (Sistema Pubblico di Connettività)SPC (Sistema Pubblico di Connettività)
Main targets:
- To provide a shared infrastructure both for implementing PAs intranet as well for the interconnection between PAs, promoting the homogeneous development on the entire territory and saving as much as possible the assets/investments already been deployed.
- SPC, although based on the Internet paradigmas, should offer guaranteed performances
- Services should be diversified in terms of quality and security, depending on the different requirements
- to allow interaction between PAs and the external environment (enterprises, research, citizens, etc.), providing diversified access privileges
- to found a multivendor system that can leverage on the market opportunities
17EEE – September, 2003
SPC ArchitectureSPC Architecture(source: Centro Tecnico della Presidenza del Consiglio dei Ministri)(source: Centro Tecnico della Presidenza del Consiglio dei Ministri)
SPC ArchitectureSPC Architecture(source: Centro Tecnico della Presidenza del Consiglio dei Ministri)(source: Centro Tecnico della Presidenza del Consiglio dei Ministri)
T
3
Internet Qualified Internet
ASP 1 ASP 1
Citizens & Enterprises
PACRUPAR
PAL
PAC
RUPARPAL
PAC
RUPAR
PAL
Quality Monitoring Centre
Security Management Centre
National ISPRegional ISP
Local ISP
Other networks
ASP 2 ASP 2
ASP 3 ASP 3
Provider 1
Provider 2
Provider 3
CERTIFIED PROVIDERS
RULE 1
RULE 2
…
QUALITY-SECURITY RULES