Shared infrastructure for government cloud
State and local governments, government agencies and the public sector are modernizing information communications and technology (ICT). Aging infrastructure is being transformed to ensure sustainable, reliable, secure, anytime access to information and data for citizens, businesses and employees.
New data center technologies such as virtualized architecture and software defined networking (SDN) enable governments and public sector agencies to greatly improve efficiency, simplify operations and increase agility. Cloud computing and shared network infrastructure provides an agile, flexible and dynamic government cloud and can also support public sector initiatives such as smart cities, e-health, e-learning and e-government.
The business benefits are clear
According to a report published by the US Government Accountability Office (GAO), projects across 24 participating federal agencies resulted in 3.6 billion US dollars of cost savings from 2011 to 2014, of which 2 billion US dollars have been attributed to data center consolidation and optimization.
In the Netherlands, the Dutch government’s services have been transformed and made more easily available through its private cloud iStrategy. This has reduced 66 data centers to just four new modern data centers, boosting interaction with e-government to 79% of citizens compared to an EU average of 41%.
Implementing a government cloud enables government departments and public sector agencies to share information and resources while achieving greater coherence and economies of scale. Key steps in a government cloud strategy are consolidating and virtualizing data centers in the cloud, and implementing secure shared network infrastructure:
- Fewer larger data center facilities with common architecture built on open standards allows common applications and services to be integrated and shared, increasing efficiency, reduing costs and eliminating duplicated IT environments.
- Shared infrastructure with common data access and security procedures makes collaboration among departments and agencies much simpler. Sharing of data and information with citizens and businesses is also easier to implement and control.
Government cloud requires secure DCI
Secure data center interconnect (DCI) can provide the shared infrastructure for government cloud. It connects data centers in a secure private cloud of virtualized compute and storage. It can also connect private government data centers with IT assets hosted in approved third-party data centers and to enable outsourcing of non-critical government and public sector IT to public cloud providers.
Using secure DCI to provide shared infrastructure enables the right mix of private, virtual private and hybrid cloud models and public cloud services. It can support a government cloud that is more agile, flexible and cost effective and much better able to match cost models to business requirements.
Different cloud models for government and public sector
Different types of cloud are often referred to when discussing government cloud:
- Private cloud: Data centers are on-premise and may be owned and operated by government and public sector agencies or by approved ICT partners. In a private cloud, the data centers and network that support them are completely dedicated to and operated by or on behalf of the government.
- Virtual private cloud: Government and public sector data centers are virtualized, which allows them to include resources in off-premise multi-tenant data centers or co-location facilities owned and operated by an approved communications service provider (CSP) or carrier-neutral provider (CNP).
- Public cloud: An internet cloud content provider (ICP) offers cloud services to the government and public sector for use on a pay-as-you-go basis, either hosting services in the ICP’s own data centers or increasingly in CNP co-location facilities.
- Hybrid cloud: Government private and/or virtual private clouds are combined with public cloud services, usually in a controlled and restricted way because of data sovereignty, security, privacy and control concerns.
Figure 1. Types of cloud and how they might be used to implement government cloud
Addressing shared infrastructure business and technical concerns
Government and public-sector projects can be particularly volatile. Decision makers are often only in position for a few years, and direction and priorities can change frequently. This can create uncertainty over budgets and a lack of commitment to projects.
Projects to consolidate data centers and create shared infrastructure are more likely to be supported if they are seen to be essential to and part of government cloud strategy. Such projects are strategic investments that enable the government cloud, particularly where they demonstrate business benefits in addition to the benefits of cloud. For example:
- Additional cost savings
- Greater resource efficiency
- Better collaboration
- Improved governance
Consolidating data centers and using a shared DCI infrastructure also involves technical challenges. For example, the cloud, the services it offers, the data centers that host these services and the DCI infrastructure that supports them must be available at all times – without fail and particularly at times of crisis.
Fortunately, the cloud is inherently resilient. For example, server virtualization across data centers and mirrored services between different cloud types – such as between private and virtual private clouds – create a high level of service resiliency.
However, ensuring that critical cloud services remain available at all times requires additional measures. When combined, these can contribute significantly to cloud service resiliency and availability:
- Well thought out data center backup and recovery procedures to provide a robust business continuity and disaster recovery solution
- Redundant network connectivity, data switching and path protection to support high service availability in event of network or equipment failures
- Carrier-grade network technology and equipment to ensure high network availability and reliability as well as network control, security and integrity
- Agile and flexible network and service provisioning, management and troubleshooting across multiple layers
- Security, encryption and intrusion detection to ensure data privacy and integrity and protect against loss of service due to cyber attack, hackers or vandalism.
Data security and citizen privacy is paramount for government and public sector agencies. This means ensuring that:
- The data is encrypted using strong symmetric encryption and key exchange algorithms that are government certified and approved
- The system that generates and manages the encryption keys must be separate from the network management system so that operations can be performed by separate groups
- Mechanisms should be deployed in the network to detect tampering and physical intrusion, with automatic network alerts triggered when a breach is detected.
Cloud DCI – secure shared infrastructure for government cloud
Cloud data center interconnect (cloud DCI) enables secure shared infrastructure for data center consolidation and government cloud. It provides scalable, sustainable and reliable connectivity between data centers and controlled access to them for citizens, government departments and public-sector agencies alike. Cloud DCI:
- Enables the evolution to a distributed cloud-based architecture with minimal network impact
- Provides a resilient and cost-effective infrastructure for shared cloud services and robust business continuity and disaster recovery
- Supports flexible cloud deployment models – for example deliver services in the private cloud as well as access to approved public cloud services
- Supports quantum proof data encryption and key generation algorithms that are government certified and approved, with separate, centralized security management
- Simplifies network management and service orchestration and offers more agile and dynamic service provisioning
- Allows the future automation of network operations while maintaining the high performance of virtualized applications
- Enables a return-on-investment (ROI) model that quantifies the operational benefits of shared infrastructure.
Advantages of cloud DCI for shared infrastructure
Cloud DCI offers several advantages over traditional shared infrastructure solutions, including:
- Scalable, flexible, secure bandwidth: Cloud creates a demand for very high and easily scalable bandwidth. Cloud DCI supports very high bandwidth for different cloud applications — and allows bandwidth to be increased and decreased flexibly as needed.
- Multi-site, multi-technology, multi-cloud capabilities: Cloud DCI helps to share data, distribute applications and balance workloads more easily across different cloud types, between multiple locations and between different cloud providers.
- Agile, dynamic provisioning: Cloud DCI supports orchestration of network resources across cloud boundaries to ramp up or turn down resources when and where required. It provisions bandwidth and orchestrates network resources dynamically, quickly and easily.
Cloud DCI delivers the capacity, flexibility and security government and the public sector need for fast turn-up of cloud services. At the same time, cloud DCI helps ensure business continuity, improve asset utilization and reduce costs.
For more information about cloud DCI and shared infrastructure for government cloud, see the Nokia Cloud DCI for government white paper, or click here to find out more about Nokia’s cloud DCI solutions.