F5 Networks Inc. has inked its biggest deal to date with the Australian Taxation Office (ATO) on the back of a security infrastructure replacement program the agency is undertaking which includes standardizing its networking technology.
The ATO is installing 60, F5 Big-IP systems which is one of the largest implementations of traffic management systems in the Asia-Pacific region.
F5 managing director Les Howarth said the systems are being installed at the ATO"s public Internet interfaces, its private interfaces with other agencies and businesses as well as internal data centers.
He said the IP systems are like a personal assistant for the firewall.
"They manage the flow of traffic going to the firewalls so they are not overwhelmed by congestion and can do their job efficiently," Howarth said.
Because the ATO experiences huge peaks in demand at certain times of the year, its telecommunications trunks have not always been able to cope with the influx of traffic.
Howarth said the installation has allowed the agency to double the capacity of the trunk network so the internal systems can process more transactions and meet client demand.
He said the agency has an extremely complex firewall design which needs sophisticated traffic management.
"In the past that meant the ATO had to handcraft firewall rules to meet special security needs. However, this implementation has improved functionality to the point where the ATO will be able to de-commission many of the handcrafted configurations and so make better use of the network," he said.
Bill Gibson, CIO at the Tax Office, said the goal was to reduce complexity because there were 1000 rules in each firewall covering every business application. The ATO had introduced firewalls on an incremental basis resulting in different hardware and software versions of myriad products.
"It became a costly maintenance item and a major risk. Any change had to be applied differently. Clearly, the technical and business risks with such complexity needed to be mitigated," Gibson said.
"We have decommissioned a number of load balancers with new generation devices and are also replacing obsolescent Sun hardware and software.
"We haven"t [terminated] any contracts but we have novated contracts as the security industry rationalizes the number of players in operation."
EDS is the ATO"s principal supplier through its outsourcing contract. Vendor products supplied via EDS include F5 load balancers, Sun servers, Check Point firewalls, Secure Computing Sidewinder devices; Cybertrust is the prime supplier of security services.