RUPA Unified Network for Public Agencies

1
RUPA- Unified Network for Public Agencies

• Claudio Brosco

2
Agenda

• RUPA overview
• RUPA today highlights
• Architecture Services
• Security
• Outcome of RUPA experience
• The Future

3
RUPA (Rete Unitaria delle Pubbliche
Amministrazioni) Overview

• In 1998 Telecom Italia won the tender issued by
  AIPA (Authority for the IT in the Public
  Administration) for provision of an integrated
  network connecting Public Agencies
• As per conditions set in the Tender, Path.Net
  was created in 1999 by Telecom Italia with the
  task of operating the RUPA contract
• RUPA Contract characteristics
• yearly price adjustment to lowest market fees
• very demanding SLA (Service Level Agreement)
  conditions
• Deployment of RUPA Customer Networks started in
  the year 2000 up to date it includes all Italian
  Government Agencies and Ministries and the main
  Local Agencies.

4
RUPA Overview Targets

• promoting electronic exchange of information
  among Public Agencies
• enforcing a common platform for data
  transmission
• allowing development towards the Italian
  e-Government model
• Central PAs provide back office Applications to
  be utilized by Local PAs. These provide front
  office online services and information to the
  public or to enterprises (G2C and G2B).
• Access to services by citizens/enterprises is
  provided by means of Portals at PA premises or
  through the Internet (the official portal is
  www.italia.gov.it)

5
RUPA todayPOPs and Customers
RUPA is widespread throughout Italy with POPs in
103 cities
Up to date (August 2003) consolidated numbers
- 70 Public (Central and Local) Agencies - more
than 7.700 sites connected
6
RUPA today Traffic
7
RUPA todaySpeed distribution
8
RUPA todayeconomics

• Savings due to yearly price adjustment to lowest
  market fees

Present total RUPA Costs about 100 Millions
per year
9
RUPA todayPrincipal Extranet Applications

• vehicles circulation tax
• Taxes DB
• Local territorial IS
• Income tax observatory
• Social Security DB
• Electronic Tax form
• Human Resources IS for Ministry of the Treasury

• PAs Electronic Fund Transfer
• PAs General Accountancy
• Ministry of Agricolture DB
• Court for Bankruptcies DB
• Jail System DB
• Enterprises Unified Portal
• Monitoring of Government Program

10
Architecture Services - 1

• RUPA includes VPNs belonging to different Central
  PAs interconnected through single gateways. Also
  Local PA VPNs, private enterprises and citizens
  are connected through local network providers
  Internet.

ASP
P.A. VPN
P.A. VPN
Interconnecting Domain
OLO/ISP
INTERNET
P.A. VPN
CITIZENS ENTERPRISES

11
Architecture Services - 2

• Transport Services (for intranet, extranet and
  internet)
• IP and ATM on the entire italian territory
  (accessed by leased line, ISDN, XDSL, SDH local
  loop) up to 155Mb/s
• Metropolitan Area Network in major cities up to
  100Mb/s
• In preparation
• multimedia services
• Management and professional services
• performance traffic monitoring
• customer network management
• help desk and technical assistance 24x365
• technical support in designing Customer VPN
• capacity planning

12
Security key issues

• 92 risk reduction measured through an Authority
  approved Risk Analysis algorithm.
• Conformance to International Standards for
  Security
• Continously updated Security System through
  Approved Procedures and yearly auditings
• Provided Security Services
• Firewalling
• Antivirus
• Intrusion Detection
• Penetration tests
• Vulnerability assessment

13
Security Measures

• Secure Network Management Centre distributed
  through Independent Screened Subnets
• Intranet traffic segregation for each PA
• Extranet traffic interchange through secure
  gateways
• Access to the Internet through a single secure
  gateway
• Up to date Intrusion Detection Systems
• Operators Authentication through Token System

14
Some relevant new projects on RUPA

• MIUR An XDSL network for 11.000 schools
• (intranet internet)
• INPS Data Centre Business Continuity
• Min. della Giustizia A customized Firewalling
  solution
• Regione Lazio A network for e-Lazio
• Monopoli di Stato Bingo network
• Ministero Interno Demographic Services
• AGEA A network for agriculture subsidies data
  transfer
• Several Central P.As. Metropolitan Area Networks

15
Outcome of RUPA experience

• Great reduction in costs/bandwith ratio for all
  services
• Increase of bandwidth demand by PAs (annual
  average increase of 39)
• Standardization of applications networking in the
  PAs
• Fast provisioning of Customer links and low time
  to restore
• Increased Network Security
• Need for different standards of service
  according to Customer requirements
• Long time and high costs needed to change Network
  solution

16
The futureSPC (Sistema Pubblico di Connettività)

• Main targets
• To provide a shared infrastructure both for
  implementing PAs intranet as well for the
  interconnection between PAs, promoting the
  homogeneous development on the entire territory
  and saving as much as possible the
  assets/investments already been deployed.
• SPC, although based on the Internet paradigmas,
  should offer guaranteed performances
• Services should be diversified in terms of
  quality and security, depending on the different
  requirements
• to allow interaction between PAs and the
  external environment (enterprises, research,
  citizens, etc.), providing diversified access
  privileges
• to found a multivendor system that can leverage
  on the market opportunities

17
SPC Architecture (source Centro Tecnico della
Presidenza del Consiglio dei Ministri)
CERTIFIED PROVIDERS
QUALITY-SECURITY RULES
Provider 1 Provider 2 Provider 3
ASP 1
RULE 1 RULE 2
ASP 2
Internet
Qualified Internet
ASP 3
Local ISP
Regional ISP
National ISP
Other networks
T
Security Management Centre
3
Citizens Enterprises
Quality Monitoring Centre