Services Australia is set to replace its decade-old wide area network with a software-defined one that supports multiple government entities and provides faster connectivity to cloud services and for hybrid workers.
The agency also revealed an embrace of several Zscaler services as part of its adoption of secure access service edge (SASE), which will enable staff to directly connect to the internet, rather than having their traffic backhauled through an agency-run internet gateway.
The projects come under what Services Australia is calling the telecommunications services program or TSP, which is intended to give both Services Australia and up to 10 entities that rely on it for ICT, “a new set of world class telecommunications capabilities.”
“Our current telecommunications services contract has been in place since 2012, with many capabilities considered end-of-life,” Services Australia said.
“[We have] an exciting opportunity to future-proof our telecommunication and digital services to serve as the base for solutions that enable transformation capability into the future.”
The agency said in a tender that its current wide area network (WAN) “harks back to a time where corporate applications resided on-premises and users accessed them mostly from within corporate office locations.”
“This is in stark contrast to the work environment of today,” it said.
“With the advent of cloud-based apps and the transformation of work habits including the dramatic uptake in the use of collaboration platforms, legacy corporate networks have to cope with usage patterns that they were not designed for and are consequently struggling to provide users with an experience that delivers adequate network performance, reliable seamless connectivity, and effective security.”
Services Australia noted the emergence of three technologies to aid hybrid workforces and largely cloud-based environments: SD-WAN, secure access service edge (SASE) and zero trust network access (ZTNA).
The agency is moving on the latter two, SASE and ZTNA, via “subscriptions for several Zscaler products”.
It is targeting Zscaler Private Access (ZPA) as a replacement for VPN functionality currently served with Cisco AnyConnect; and Zscaler Internet Access (ZIA) “to allow branch based or remote personnel to connect directly to internet resources using a local internet connection.”
“This will enable seamless policy enforcement without the current requirement for traffic to traverse the centralised Services Australia secure internet gateway,” it said.
Services Australia is now moving to execute on the third core technology, SD-WAN, and on Tuesday started its search for a partner to build the new WAN, and to offer managed network services over the WAN on an ongoing basis.
One aspect of the new SD-WAN is that it is intended to be “a single consolidated network that is capable of supporting logically separated official and protected networks” operated by Services Australia.
Services Australia provides shared ICT services to multiple departments and agencies; these include “internet gateway and/or data centre hosting services for 10 Australian government entities”, according to its most recent annual report.
The needs of one such entity - the Department of Social Services (DSS) - are afforded particular focus in the tender, although Services Australia notes that “other partner agencies’” needs are also being taken into account.
“DSS and other partner agencies will be tenants in [the new SD-WAN] network,” Services Australia said, adding that “this will remove the requirement for DSS to maintain and operate a separate physical network.”
Services Australia is hoping to sign a contract for an SD-WAN and managed network services by the end of the calendar year.