Federal Police to refresh Cisco network


The Australian Federal Police has commenced its second major telecommunications hardware purchasing initiative in six months, going to market this week for suppliers to maintain and gradually replace its Cisco-dominated core networking environment.

In a request for tender document issued this week, the organisation sought responses from suppliers who could provide core switching, wide area network routing, encryption and firewall equipment, as well as being able to maintain its existing networking environment, which features a great deal of Cisco equipment, particularly the US vendor’s Catalyst switch line.

“The AFP will be replacing its existing equipment on an ‘as needed’ basis,” the organisation wrote, noting that it required “the provision of replacement equipment, and associated maintenance and support services, as the existing environment is progressively decommissioned”.

The force will hold an industry briefing on its requirements next week, and is planning to sign a contract with one or more successful suppliers by the end of August this year.

According to the AFP’s documentation, it runs a fully private MPLS backbone, carrying traffic from a number of sub-networks, as well as Ethernet, ATM and frame relay entry points. The organisation is seeking to eventually be completely layer 2-independent from a carrier service point of view – allowing the AFP backbone to “transition between carrier technologies as they are brought to market, with little or no change required on the AFP backbone”.

Consequently, in its tendering initiatives, the organisation is seeking to buy products which have the widest selection of layer 2 network interface technologies.

Another aspect of the AFP’s network is that it uses encryption devices to bulk encrypt traffic from its routing devices when carried over service provider networks – ensuring it would be very hard for external parties to snoop on the organisation’s internal network traffic.

The news comes several months after the AFP flagged plans to progressively decommission its Avaya-based internal IP telephony network. In both approaches to market, the organisation went to lengths to illustrate how critical its network infrastructure was.

“For AFP-controlled infrastructure, the availability requirement is 100 percent — that is, to be always available,” the AFP’s documents stated. “The AFP goes through a careful design process to ensure there are no single points of failure.”

In addition, the AFP stated that it requires all superuser/root/administrator access to any systems it buys to be disclosed so that it can undertake troubleshooting internally — “even if the supplier claims the server is an appliance”. “This is crucial when the organisation goes into a full response mode,” it wrote, “where it may not be possible for the service provider to assist the AFP.”

Image credit: Adrian van Leen, royalty free