in partnership with

State of OklahomaCIO Assessment StudyNetwork Recommendations

© Copyright Capgemini 2011 All Rights ReservedIn collaboration with

Network, Security, and Telecommunications Baseline

2

● We are observing very fragmented network services within and across State agencies.

● Multiple platforms for network, telecommunications, and security within an agency and across agencies. This usually results in higher TCO and poor support model.

● No state-wide compliance model for network, telecommunications, and security.

● No State-wide (One Net excluded) shared WAN/extranet .

● Several agencies maintaining their own PBXs and circuits. Telephony is a good example for shared service.

● Too many access points to the Internet casing a potential huge liability risk..

● We are observing very fragmented network services within and across State agencies.

● Multiple platforms for network, telecommunications, and security within an agency and across agencies. This usually results in higher TCO and poor support model.

● No state-wide compliance model for network, telecommunications, and security.

● No State-wide (One Net excluded) shared WAN/extranet .

● Several agencies maintaining their own PBXs and circuits. Telephony is a good example for shared service.

● Too many access points to the Internet casing a potential huge liability risk..

Current StateCurrent State

● We seek a network and security infrastructure environment that will enable centralized governance and shared services.

● Standardization, rationalization and consolidation is required to achieve the future state vision of centralized technology.

● Future vision includes centralized and common/shared services like telecommunications, shared extranet, Insourced or outsourced MPLS cloud used by multiple agencies.

● Services requiring agency-specific competencies will remain at the agency level.

● We seek a network and security infrastructure environment that will enable centralized governance and shared services.

● Standardization, rationalization and consolidation is required to achieve the future state vision of centralized technology.

● Future vision includes centralized and common/shared services like telecommunications, shared extranet, Insourced or outsourced MPLS cloud used by multiple agencies.

● Services requiring agency-specific competencies will remain at the agency level.

Vision for the FutureVision for the Future

Build an infrastructure foundation leveraging a common language and reference architecture to enable:

●Simplified, optimized, standardized enterprise IT infrastructure (including telecommunications, network, and security).

●Centralized application and infrastructure services.

●Common, effective management practices.

●Future vision to be enabled through delivery of an integrated project roadmap comprising infrastructure rationalization and capability development initiatives.

Build an infrastructure foundation leveraging a common language and reference architecture to enable:

●Simplified, optimized, standardized enterprise IT infrastructure (including telecommunications, network, and security).

●Centralized application and infrastructure services.

●Common, effective management practices.

●Future vision to be enabled through delivery of an integrated project roadmap comprising infrastructure rationalization and capability development initiatives.

ROADMAP - BlueprintROADMAP - Blueprint

© Copyright Capgemini 2011 All Rights ReservedIn collaboration with

Infrastructure Baseline – Details (Current State Observations)

We are observing disparate technology within and across State agencies as evident by the following facts:● Multiple vendor equipment for network, network services, security, and telecommunications (traditional and VoIP).● One Net adoption is limited to internet connectivity for larger agencies. There is no shared WAN/extranet in place.● Network services like print/fax/scan is not well-established. Local printers are prevalent across agencies.

We found no cohesive lifecycle management across the technology landscapes, evident by the following facts:● Lack of tools to manage network upgrade cycles.● Lack of compliance and lifecycle management tools.● Critical network equipment that is out of support from vendors.

No central governance model for the technology portfolio (lies within the agencies), as evident by the following facts:● Very limited statewide support contracts for network and security devices. ● OSF has a very good security control tools in place but other agencies have largely voluntary compliance reporting.● Network monitoring, change control and service control policies are largely controlled, if at all, by various agencies.

No State-wide shared services, as evident by the following facts:● Even common services like WAN/extranet, telecommunications, or VoIP are operated and maintained by all large

agencies.● Limited central and shared security services for things like remote access and DMZ.

3

© Copyright Capgemini 2011 All Rights ReservedIn collaboration with

Infrastructure Baseline – Details (Future State Objectives)

We seek an infrastructure environment that will enable centralized governance and shared services as supported by the following trends:● Shared WAN via MPLS backbone and or extranet.● Consolidate end connectivity (circuits/VPN) to a local MPLS PoP via VRF virtualization to remote State

offices.● Centralize remote access service and DMZ firewalls and IDS/IPS.● Implement State-wide lifecycle and inventory management.● Implement a common statewide compliance monitoring tools.

Infrastructure standardization, rationalization and consolidation is required to achieve the future state vision of centralized technology as supported by the following trends:

● Limit network, security, and telecommunications vendors to one or most at two.● State-wide support contracts.● Standardize print/scan/fax and telephony. Make print/scan/fax as a network based services and limit local

print/scan/fax.

Future vision includes centralized and common/shared business services used by multiple agencies as supported by the following trends:

● Move small and medium agency datacenter into a central location.● Create or designate single entities for security services and telephony.

*Services requiring agency-specific competencies will remain at the agency. This has to be defined and well understood

4

© Copyright Capgemini 2011 All Rights ReservedIn collaboration with

Investment

Investment Category 2012 2013 2014

Transformational Costs $6,000,000 3000000 2000000

Cost Avoidance

Hard Dollar Savings$7,638,993

$4,583,395 $3,895,886.

● ISD● OneNet

State-wide Optical and MPLS Backbone

Benefit Theme(s) Supported

● Establish a single, State-wide optical backbone using State-owned fiber.● Deploy WAN virtualization technologies to allow for traffic engineering.● The MPLS backbone can be designed to be virtualized via VRF for each State entity. ● Establish major PoPs for the backbone and consolidate connectivity to the nearest PoP.● Consolidation of last mile circuits for remote locations having multi-agency presence.● Leverage local telcos for last mile connectivity for best price/performance.

Description

● Leverage existing, State-owned fiber.● Investments reflect network equipment and labor

only and exclude facilities.

Assumptions

● Q2Q3 2011– Q4 2012

Timelines

● Strategy established and agreed upon.● A state entity identified.● Design and deployment of the core completed.● Agencies successfully migrated.● Cost savings/ added b/w after migration.

Metrics to measure achievement

● Document WAN connectivity for all the agencies – Leverage ATT study.● Assess environment with regard to existing infrastructure, components and costs.● Identify a single state entity that would operate the MPLS networks.● The entity will establish baseline architecture based on requirements from all the agencies.● Define service parameters and support model.● Define rollout and agency-level migration plan.● Design, procure equipment and deploy the MPLS backbone.● Conduct change management (training on new technology and processes).● Monitor KPIs and adjust process as needed.

Activities

Stakeholders

● Fiber availability for major PoPs that make the MPLS Backbone.● Establish a single entity that controls and manages the WAN for agencies via MPLS.

Dependencies

● Other agencies (TBD)

M

NetworkNetwork

Centralize Standardize Simplify Optimize

5

Risk Assessment

© Copyright Capgemini 2011 All Rights ReservedIn collaboration with

● Establish a State-wide VOIP SIP telephony network leverage CapEX and OpEX savings.● Distributed infrastructure, platforms, and applications as shared services. ● Curb the exponential growth of energy consumption and energy cost which are trending at

9% and 4% annually respectively.● Ability to scale up and down as business demands changes and maximize efficiency.● Services delivered based on standardized SLA’s.● Integrate wireless, CDMA /GSM/LTE services, SIP trunking via Session Border Controller.● State-wide Optical and MPLS Backbone

VOIP

66

Investment

Investment Category 2011 2012 2013

Transformational Costs $4,437,000 $3,786,852 $2,761,956

Cost Avoidance

Hard Dollar Savings $7,659,615 $$6,537,261 $4,767,978

● ISD/OneNet

Benefit Theme(s) SupportedDescription

● Leverage existing, State-owned facilities

Assumptions

● Q1 – Q4 2013

Timelines

● Strategy established and agreed to● A state entity identified ● Design and deployment of the core completed● Agencies successfully migrated● Cost savings/ added b/w after migration● Agency satisfaction with cloud services

Metrics to measure achievement

● Remove class 5 switch and Consolidation telephone service across the State footprint.● Optimize the use of power, connectivity, space and cooling requirements.● Define service parameters and support model. (Real estate consolidation, Reduce energy

consumption, Improve facilities efficiency, Integration of wire line and wireless telephony facilities and management.

● Distribute platform capabilities throughout the network, Class 4 and5 features, signaling, 800 service RTP for VOIP/SIP services using soft switch technology into an IP network.

● Develop a RFP process to Design, Procure equipment and deploy the new network.● Conduct change management (training on new technology and processes).● Optimization of work load.

Activities

Stakeholders

Fiber availability for major PoPs that make the MPLS Backbone. Establish a single entity that controls and manages the WAN for the cloud.

Dependencies

● All agency IT departments including Support, Administration, Operations, Architecture, Engineering, etc.

MRisk Assessment

TelephonyTelephony

Centralize Standardize Simplify Optimize

© Copyright Capgemini 2011 All Rights ReservedIn collaboration with

Centralize Internet Access and IDS/IPS

77

Investment

Investment Category 2011 2012 2013

Transformational Costs $1,000,000 $500,000 .

Cost Avoidance Built into MPLS

Hard Dollar Savings

● ISD/OneNet/Outsourced

Benefit Theme(s) Supported

● Establish a State-wide redundant Internet gateway.● Consolidate all internet access from multiple agencies.● Deploy/extend IDS/IPS to central internet access.● Deploy/extend webfilter for central access.● Deploy/extend a single pair of high throughput firewall(s).

Description

● Leverage current Internet access.

Assumptions

● Q1 – Q4 2011, Q1-4 2012, Q1-2 2013

Timelines

● Strategy established and agreed upon.● A central access point identified.● Design and deployment completed.● Agencies successfully migrated.

Metrics to measure achievement

● Document all internet access points for the State and the b/w.● Determine if the internet access is exclusively for remote site-site VPN to connect to central

office and exclude them consolidation.● Formulate migration plan to shutdown local internet access and migrate to central access.● Design and deploy central internet access with a minimum of 25% b/w headroom.● Execute the migration plan.

Activities

Stakeholders

● MPLS or single backbone network.● Shared services.

Dependencies

● All Agency IT departments● Support, Administration, Operations,

Architecture, Engineering, etc.

MRisk Assessment

SecuritySecurity

Centralize Standardize Simplify Optimize

© Copyright Capgemini 2011 All Rights ReservedIn collaboration with

Centralize Security Operations Center

88

Investment

Investment Category 2011 2012 2013

Transformational Costs $2,000,000 $1,500,000 .

Cost Avoidance

Hard Dollar Savings

● ISD/Outsourced

Benefit Theme(s) Supported● Establish a State-wide security operations center.● Consolidate agency-specific security.● Standardize security infrastructure to two vendors at most.● Identify tools for security monitoring.● Identify a state-wide authority for security console and reporting.● Strongly consider outsourcing security console to a 3rd party reporting directly to the State

Security Officer.

Description

● Leverage existing tools.

Assumptions

● Q1 – Q4 2011, Q-4 2012

Timelines

● Strategy established and agreed upon.● Standardization adopted.● SIEM solution deployed.● Agencies successfully migrated to SIEM.

Metrics to measure achievement

● Document all security devices and tools in current use at all agencies.● Formulate a standardization plan for security devices.● Formulate a consolidation plan for security in conjunction with shared services.● Establish a common SIEM solution.● Execute the consolidation plan.● Deploy the central console or identify a outsourcer and finalize security event s escalation

plan.● Establish event correlation and alerting criterion and process.

Activities

Stakeholders

● Shared services.● MPLS backbone.

Dependencies

● All agency security

MRisk Assessment

SecuritySecurity

Centralize Standardize Simplify Optimize