Fednet enabling secure G2G services
The UAE’s FEDnet is providing a single, secure hub to connect government
As smart government matures in the UAE, so there is an increasing need for integration of services between government entities. Now an important project is aiming to create a central platform to connect and support these entities and help them to build more advanced services — the UAE’s Federal Government Network (FEDnet).
Launched under the supervision of the Telecommunications Regulatory Authority, FEDnet aims to provide the infrastructure platform which will eventually connect all of the Federal government entities in the country. The project was launched at the beginning of 2014, after two years of planning through studying similar projects in the region and internationally, and consulting with stakeholders from the federal government entities.
Saeed Belhoul, Director of e-Government Operations, TRA explained that while there are already two networks serving Abu Dhabi — Abu Dhabi Network (ADNET) and Dubai — the Government Information Network (GIN) — the UAE Smart Government National Plan required a network serving the government on the federal level as well.
As government entities have developed e-services, they have begun interconnecting their systems individually with government-to-government services, Belhoul said, but FEDnet aims to replace these connections with a more efficient central service: “The UAE government has a vision, of developing state of the art public and government services. This needed the typical services offered by the government entities to have some smartness. This requires information to be exchanged — the Labour Ministry wants information from the Ministry of Health, the Ministry of Health wants information from the Ministry of Interior, the Ministry of Interior wants information from the Emirates Identity Authority. So the entities started connecting with each other, and the result of this was something like a mesh network, each entity had to connect separately with many other entities in order to get the information required to be able to develop the services that are currently provided to the citizens.
“The best scenario to establish this connectivity and achieve this integration among the government entities is to create a hub, which is FEDnet, and allow everybody to connect through this hub, and the hub will take responsibility for routing traffic to the various entities, rather than having each entity connect to all the others. There is a cost saving here, and more efficiency in the network,” he said.
FEDnet has been designed to act a central hub for connectivity for all federal entities, so that government agencies do not have to create their own connections with other entities or the Internet. By creating a central shared hub, FEDnet frees up the government agencies from having to manage interconnectivity, and also handles network security and reliability.
The initial scope of FEDnet was to connect 42 government entities. The TRA formed a committee and a technical design authority, and a special interest group was formed consisting of the six biggest federal entities. The present and future requirements of all of the 42 entities were extensively assessed, to ensure that FEDnet can scale to meet future demands. Belhoul said that although around 20% of the entities account for the majority of traffic through FEDnet, the network serves all entities equally, and helps smaller entities to gain access to higher bandwidth and better standards of security.
To deliver the communications infrastructure which underpins FEDnet, the TRA contracted both UAE telecoms operators, Etisalat and du, as partners for the project. Belhoul said this has the immediate advantage of providing FEDnet users with two internet providers in a single offering. FEDnet has developed extensive service level agreements (SLA) with the operators to manage the service.
“Among the things that we are very happy with is that we have developed very mature SLAs with both the telcos. The SLAs mainly focus on the availability, the change management and incident handling, each one has certain KPIs,” he said.
To manage the security and connectivity of FEDnet, the TRA has put in place a full range of management and security facilities. A Security Operations Centre (SOC), Network Operations Centre (NOC) and Cloud Command Centre have been put in place for 24/7 monitoring and management.
“There is a lot of focus on security, as FEDnet is a critical infrastructure for the government,” Belhoul explained. “We have utilised whatever security controls are needed, including firewalls to segregate the different zones within the network, we deployed intrusion prevention systems, anti-virus, anti-malware, protection against DDoS attacks. Security is a critical part of this project.”
Data traffic between government entities is secured with IPSec encryption, a PKI infrastructure, and Application layer firewalls; and a dedicated security incident event management (SIEM) solution will manage any security incidents. FEDnet is also operating from multiple data centres with a full disaster recovery capability, to further enhance the resilience of services.
The services provided by FEDnet do not stop at just connectivity, Belhoul said, but extend to offering cloud computing solutions to government users: “One of the value propositions for this project for our stakeholders is to provide cloud services, providing Infrastructure-as-a-Service (IaaS), where our ultimate vision is that entities don’t have to worry about hardware for their new projects. The hardware will be part of the cloud, they can provision virtual machines with the specified processing power, memory and storage. This gives them speed to market, they can immediately launch an application, they can reduce their overheads, because the nature of the cloud is that there is a better optimisation for utilising the hardware resources.
IaaS has undergone pilot testing with a number of government entities connected to FEDnet , he added, and will be made available to federal entities soon. Entities will be able to provision their own virtual machines, which will be in a virtual data centre under their own control. The cloud services will be particularly useful for smaller government entities, Belhoul said, as it will allow them to focus resources on developing new services rather than having to manage commodity items like server and storage hardware.
“In the cloud we will be moving up the stack, so Software-as-a-Service is one of the new areas. We will offer email service for all the entities — it is there, and it will be rolled out at the same time as the IaaS. Some of the services now have become very much standardized, especially email, many of the entities don’t want to concern themselves with administering and managing the email service, they want to focus on other things where they can develop their services relating to their core business and integrate them with the other entities,” he added.
Belhoul stressed that FEDnet is intended to provide the foundation for government entities to enable them to work together to create innovative new services: “The ultimate goal of the success of the national plan really depends on the collaboration among the government entities — they have to work together. FEDnet provides only the bottom layer, the network connectivity. We are providing enablement through the infrastructure to enable them to deliver their projects, and security, so they can communicate securely. With the FEDnet as a common platform in place, it is the Government entities on the federal and the local level who will collaborate and make the effort to further develop the government services that will lead ultimately to the happiness of the people.”