Over the past year or so, the UK’s Ministry of Justice (MoJ) has felt the double whammy of vastly increased workloads and vastly increased cost pressures in the form of budget cuts. To provide a way for all concerned stakeholders to engage better with its services, the MoJ has announced a tender for the provision of wide-area network (WAN) services.
Explaining the background to the tender, the MoJ said that over recent months it had been working hard within its technology services networks team to develop and deliver on strategic objectives that align with the Ministry of Justice digital strategy and the organisational vision.
It added that the project was all about continuous improvements, rather than “big bang changes”, while keeping the live services running to ensure that improving the user experience does not come at the cost of outages and service instability.
Putting the contract into context, the MoJ described its network environment as “large and complex”, consisting of both legacy and current technologies and comprising over 1,100 sites, multiple datacentres and cloud environments, managed by a diverse set of service providers.
It is the MoJ’s ambition to “greatly improve” its networks and their service offering to users by simplifying and modernising environments through innovation and moving on from the existing multi-domain model.
Yet the department stressed that technology was “the easy part”. To achieve its goals and realise the full benefits of the new technologies it wishes to embrace, the MoJ conceded that it needed to create a working environment and culture where people could excel and understand its strategic vision.
One of the projects the MoJ is working on is enabling the Prison Technology Transformation Programme (PTTP) roll-out by updating network connectivity at 92 prison sites, thereby meeting the immediate requirement for increased site bandwidth. It is also exploring potential strategic solutions to give flexibility and visibility. This would allow for faster, more efficient change processes alongside a greatly improved ability to investigate issues around service performance.
The new WAN service will aim to deliver secure connectivity for authorised devices at MoJ’s locations and those of its service recipients. The scope of the service includes WAN connectivity to provide secure access to corporate services; gateway services delivering secure access to other network domains, cross-government services and the internet; and core network services deemed necessary for the delivery of the end-to-end network operations.
The total value of the contract is £100m-165m, dependent on whether any extension options are applied and the extent to which projects are commissioned.
Digging deeper, the tender document published by the MoJ confirmed that the WAN connectivity portion of the contract will comprise the following:
- Software-defined (SD) WAN overlay services, including co-management capability.
- VPN and internet circuits.
- Enterprise-grade broadband.
- Supply and/or maintenance of CPE.
- Optimised cloud access, supporting software-as-a-service (SaaS) peering, edge colocation and direct access models.
- Carrier internet services, supporting resilient access to SaaS and infrastructure-as-a-service (IaaS) services.
- Development and implementation of standardised service offerings.
Gateway services will comprise takeover, transition, management and maintenance of the following:
- Services that encrypt local area network (LAN) traffic between datacentres.
- Load balancers.
- Integration of remote access service (RAS).
- Secure connection of private VPN services to the internet via perimeter networks at a transition/peering facility.
- Provision of a secure, resilient network-to-network interconnect gateway.
Core network services will consist of the following:
- Domain name system (DNS) primarily for network infrastructure that interfaces with MoJ’s DNS.
- Services that interface and make use of MoJ’s PKI service
- Interfacing with the MoJ’s NAC service.
- Secure and authenticated master time reference.
- Gateway services for the MoJ’s non-live environment.
- Integration with MoJ’s IPAM and DHCP services.