1 © 2005 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Public Cisco Connected Government Technical Overview October 2005

1© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public

Cisco Connected Government

Technical Overview

October 2005


Agenda

• Connected Government Overview

• Overview of Cisco® Connected Government—Intra-agency Roadmap

• Overview of Cisco Connected Government—Interagency Roadmap

• Applying Cisco Connected Government to Public Safety Agencies

• Mapping Case Studies to the Phases of Cisco Connected Government

• Why Cisco?

• Discussion


Connected Government Overview


Government Agency Challenges

• Improve operational efficiencies with proactive strategic planning, policy development, resource allocation, and administrative and financial planning

• Increase reach and responsiveness of constituent services

• Reduce operational costs

• Enhance quality and flow of information across chain of command

• Establish resilient network infrastructure that supports interagency collaboration


Source: “Forecast: State and Local Government, North America, 2004–2007” (Gartner; 2004)

Current Trends in Public Safety Agencies—Investments to Improve Information Flow

• Investments in last-mile wireless and communication technologies

• Investments in new business processes

• Investments in critical public safety applications

Computer-aided dispatch (CAD)

Records management system (RMS)

Multijurisdictional communication networks

Mobile data terminals

Biometrics

Auto vehicle locator

Mug shots and digitized images

Crime analysis


Agency Drivers for Change

Intra-agency/Interagency Collaboration

• Enable interoperable communications to support constituent services, agency collaboration, and joint operations

• Consolidate common government services to enhance operational efficiency

Shared Services

Information Sharing

• Improve operational efficiency by providing equal interagency access to critical information

• Foster sharing of physical resources and equipment (e.g., incident command vehicles, aircraft, etc.) across agencies to reduce costs

Infrastructure Sharing


What Is a Connected Government?

• All branches of government support the controlled flow of information

• Services reach constituents when they need them, where they need them, and in the way they need them

• Services reach more constituents with less cost

• Government is engaged with constituents


Overview of Cisco Connected Government

• Reference network and application architectures with a corresponding roadmap

Uses government and private-sector best practices to enable improved information sharing across organizational boundaries

• Roadmap transitions governments through a multiphase approach, synchronized with process change

Yields realistic near-term benefits while making progress toward long-term objectives

• Network Assessment tool

Compares department mission with IT capability


How to enable and control information flow across application and organization boundaries and services?

How to consolidate and manage the network, computer and storage needs acrossapplication and organization boundaries?

How to collaborate with public and private sectorconstituents, partners, and suppliers across application and organizational boundaries?

Data CenterData CenterBranchBranchCampusCampus TeleworkerTeleworkerMAN / WANMAN / WAN

Server

Network Virtualization Services

Places in the Network

Storage Clients

Infrastructure Sharing

Application Services Voice & Collaboration Services

Computer Services

Identity Services

Security Services

Mobility Services

Storage Services

InfrastructureServices

Information Sharing

IPC/IPCC Security Wireless

Collaboration

Ser

vice

s

Services that Can Be Easily Modified, Distributed, Scaled,and Maintained and that Integrate Legacy Systems Cost-Effectively

Goal: Moving to

a More Connected

Government

Goal: Moving to

a More Connected

Government

Addressing the Government Challenge: Improve Service Without Increased Budgets


Cisco Connected Government Roadmap

• Sections illustrate common application of roadmap, but there are exceptions

For some agencies, sharing across groups within one agency is as complex as sharing between agencies

For these agencies, all six phases can be applied within the same agency before branching out between agencies

Intra-agency FocusEnhances agency’s ability to serve constituents wherever they are and whenever they need assistance

Phases 1 to 3

Interagency FocusEnables connectivity, communication, and collaboration between agencies

Increases service effectiveness and public safety

Phases 3 to 6

1 2

Work from inside out


Overview of Cisco Connected Government—

Intra-agency Roadmap


1Phase 1: “Siloed” Information and Communications Systems

• Redundant systems, resources, information, and processes designed for independent operation within each department

• Prerequisites to enter next phase

Ensure quality of service (QoS)

Achieve high network availability

Establish robust, integrated network security


Phase 1: “Siloed” Information and Communications Systems—Cont’d

Limited Network Redundancy

Data Center Headquarters

Branch

No Integrated Security

Separate Voice and Data Network

Limited Connectivity to the Data Center

Mobile Network

Limited Mobile Data Access

Connectivity to Data Center Is Potential Single Point of Failure

Lack of Any-to-Any Voice, Video, or Data Real-Time

Communication

DMZ

Increased Cost and Complexity

Network Downtime Network at Risk

SiSi

Public Switched

Telephone Network (PSTN)

Leased Lines

Internet


High AvailabilityHigh AvailabilityQoS and Convergent

CommunicationsQoS and Convergent

Communications

CollaborationApplicationsCollaborationApplications

Integrated SecurityIntegrated Security

Getting Out of the Silos


High Availability: Resilient Network Design

• AutoSecure, Warm Reload, Control Plane Policing, Nonstop Forwarding/Stateful Switchover (NSF/SSO), Switch Cluster, Configuration Rollback, Fault Containment, and Generic Online Diagnostics

• Routing Protocol and Spanning-Tree Enhancements, Cisco EtherChannel® Technology, Multiprotocol Label Switching (MPLS) Traffic Engineering, Gateway Load Balancing Protocol (GLBP)/Hot Standby Routing Protocol, Multilink Point-to-Point Protocol, Dial-On-Demand Routing, and Resilient Packet Ring

• Survivable Remote Site Telephony (SRST), CO-Based Gateways, Teleworker, Advanced Worm Mitigation, Call Center Resiliency, and User Mobility

Device-LevelResilience

Network-LevelResilience

Systems-LevelResilience

In Case OfEmergency


Core Distribution Access

• Protect bandwidth and priority traffic

• Protect switch CPUs

• Enforce access control policies

• Secure access for authorized users and “safe systems”

• Secure “hot ports” and protect switch CPUs

• Mitigate man-in-the-middle attacks

• Protect links proactively

Integrated Security

Protect core as high-speed interconnect to rest of the network

Ensure authorized user access, protect links and switches, and defend against malicious attacks

Protect links to distribution and core from attacks that interrupt control traffic and device manageability

Advanced Integrated Security


Quality of Service

GW

Access DistributionVoice

Data

Core

Scavenger

Voice

Data

Scavenger

QoS Is Integral to the Converged Campus Network

• Guaranteed, predictable behavior for unmatched control over network traffic

• Greater adaptability to future needs

• Protects against network security threats by guaranteeing bandwidth


Cisco Convergent Communications

• Workplace services

• Voice mailand unified messaging

• Emergency responder

• Customer contact• Rich-media

conferencing

Applications Endpoints Call Control Infrastructure

• IP phones• Wireless phones• Cisco IP

Communicator• Cisco VT

Advantage

• Hosted call control• Cisco CallManager• Cisco CallManager

Express• Integrated services

routers

• Intelligent network infrastructure

SecurityQoSAvailabilityManagementAdministration

A Completely Flexible, Resilient, and Secure Suite of Communications Applications that Scale and Adapt to the Needs of Any Organization


Converged Communications for Distributed Branches

Headquarters

100–200 Employees

Regional Headquarters

25–75 Employees

Branch

10–20 Employees

Cisco Integrated Services Router with Cisco

CallManager Express, Cisco Unity Express, and Cisco IOS

FirewallCisco Integrated Services

Router with Cisco CallManager Express, Cisco Unity Express,

and Cisco IOS Firewall

Cisco Integrated Services Router with Cisco CallManager Express, Cisco Unity™ Express, and Cisco

IOS Firewall

Public Internet, VPN, or Private WAN with Voice

over IP

PSTN


Headquarters

A

PSTN

WAN

Cisco Integrated Services Router with SRST

Cisco 7200

ApplicationsServer

• WAN link fails—IP phones lose contact with CCM

• IP phones exchange Keep Alive messages and Call Processing messages with Campus-Located CallManager (CCM)

• IP phones register with local router as router of last resort

• Router queries phones for configuration and auto-configures itself

• Router provides call processing for duration of failure via PSTN

• Upon restoration of WAN, IP phones revert back to CCM

Police Station

SRST—How It Works

Cisco CallManager

Cluster X


Voice

Video

IM

Web

Integrated Rich-Media Conferencing

Voice Conferencing

• Scalable IP and TDM platform

• IP integration to backbone, platform, and desktop

Web Conferencing

• Tightly integrated fourth-generation solution

• Complete meeting management and control

Videoconferencing

• Integrated multipoint videoconferencing

• Broad endpoint support


Rich-Media Conferencing Experience

Who’s SharingWho’s Speaking

Who’s AttendingHow Attending

2004 Results

Movable, Sizable Video Window

As Natural and Effective As Face-to-Face Meetings

Complete Voice, Video, and Web Conferencing Capabilities and Control


List of Relevant Resources

• IP Communications

http://www.cisco.com/go/voice/

• Routing and Switching

http://www.cisco.com/go/routers

http://www.cisco.com/en/US/products/hw/switches/index.html


Branch

Branch

Campus

Data Center

SRST

Cisco Unity Messaging

Integrated Router Security

Centralized Management and Call Control

SiSi SiSi

Cisco MeetingPlace

DMZ Internet

IP WAN

IP WAN

Delivers Secure Communication and Collaboration Through a Complete Suite of Applications Integrated with the Infrastructure

Phase 2: Intra-agency Collaboration


Still Unable to Integrate Remote and Field Workers

Remaining Challenge:

Phase 2: Intra-agency Collaboration


VPNsVPNs Enterprise MobilityEnterprise Mobility

Network Capacity Design

Network Capacity Design

Network IdentityNetwork Identity

Integrating Remote Resources


VPNs: Advanced Secure Access for Remote Sites

Internet

= DMVPN Tunnel

2800

Customer B

Customer C

Provider EdgeRouter

Customer A

www.cisco.com/go/ipsec

Branches and Field Networks Are Protected by an Underlying Self-Defending Network

IP Security (IPSec) Dynamic Multipoint VPN (DMVPN)

Zero-Touch Provisioning, Dynamic Mesh VPN Tunnels

Generic Routing Encapsulation (GRE) and

IPSec with Dynamic Routing

Use the Best Routing in the Business for Maximum Control

and Flexibility

Voice and Video Enabled VPN (V3PN)

Best-in-Class QoS with IPSec VPNs for Multiservice, High-

Quality, Jitter-Free Voice, Video, and High-Priority Data

IPSec Easy VPN

Remote-Access Hub and Spoke VPNs Using Centralized Policy

Push


User Identity-BasedNetwork Access

User-Based Policies Applied(Bandwidth, QoS, etc.)

HQ or Branch

AuthorizedUsers and Devices

UnauthorizedUsers and Devices

Identity-Based Network Access Determines Who Gets Access and What They Can Do

• Equivalent to placing a security guard at each switch port

• Only authorized users can get network access

• Unauthorized users can be placed into “guest” VLANs

• Prevents unauthorized access points (APs)


Access Control,Packet Inspection

Firewall Services

Application Intelligence, Content Inspection, Virus Mitigation Intrusion Prevention

System (IPS) and Networking Audio and

Video Services

Identity, Virtualization, QoS Segmentation, Traffic Visibility

Network Intelligence

CiscoPIX

CSA

NAC

Quarantine VLAN

Cisco Router

CSA

VPN Access

VPN

Cisco DDoS

CSA

Cisco ® Router Cisco

Catalyst ®

Cisco Catalyst

Identity-BasedNetworking

Cisco IPS

Application Inspection, Use Enforcement, Web Control

Application Security

Malware and Content Defense, Anomaly Detection

Anti-X Defenses

Traffic and Admission Control, Proactive ResponseContainment and Control

SiSi SiSi

Extending Security to Remote Users:Security Across the Infrastructure


Privacy Control Management

Enterprise-Class Encryption

WPA—Temporal Key Integrity Protocol

WPA2—AES

Secure Connectivity

for Wireless LANs (WLANs)

WLANWLAN

WLAN

Management for WLANs

Centralized Configuration, Monitoring, and Analysis

Single Management Console

Automation of Repetitive Time-Consuming Tasks

Trust and Identity Solutions for

WLANs

Robust Per-User Authentication

802.1X and Extensible Authentication Protocol Types

Identity-Based Networking

Threat Defense for WLANs

WLAN Threat Defense Solution

Rogue AP Detection and Suppression

Protection from Network Attacks

Rogue APMalicious

Hacker

Enterprisewide Mobility:Wireless LAN Security Across HQ

Protection

Cisco Wireless Security Suite

Cisco Wireless Security Suite

Cisco SWANCisco Structured Wireless-Aware Network (SWAN)


2. Identify Location and Early Evidence

2. Identify Location and Early Evidence

3. Identify Resources3. Identify Resources

Message: Suspected Card Poster at Dean St. and Soho Sq. Proceed To Area with Caution.

1. Identify Potential Situation

1. Identify Potential Situation

5. Collate Evidence5. Collate Evidence

Enterprisewide Mobility:Connecting the Mobile Vehicle and Worker

Headquarters Branch

Applications

Database

Police Station

Police Station

Mobile vehicles connected to the headquarters via IP to enable applications (e.g., filing, fingerprints, geographic information systems, photos, database queries, video)

Street officers connected to the headquarters via wireless with PDAs

Nearest Responding Officer ID: #234Dept: Street MaintenanceLocation: Dean St.Distance: 28 yards

4. Deploy Resources4. Deploy Resources

Police IntranetIP Is the Connecting Glue of

Wireless and Wire Line

Police IntranetIP Is the Connecting Glue of

Wireless and Wire Line


WLANHotspot

s

WLANHotspot

s

General Packet Radio

Service (GPRS)Fallback

General Packet Radio

Service (GPRS)Fallback

GPRS Wireless

Cisco Mobile Access Router

Local WLA

N

Local WLA

N

InternetInternet

Mobile Access Router, WLAN, and General Packet Radio Service Fallback


Source of Relevant Resources

• Security

http://www.cisco.com/en/US/products/hw/vpndevc/index.html

• Mobility

http://www.cisco.com/en/US/products/hw/wireless/index.html


Phase 3: Integrated Remote Resources

Remote Workers

Partners/SuppliersBranch

Headquarters

Data Center

SiSi SiSi

Cisco Secure Access Control Server

WirelessLAN Solution

Engine

WirelessLAN Services

Module

Cisco APsCisco

Compatible Clients

Cisco Compatible Clients

Cisco APs

Cisco Compatible Clients

Cisco APs

Identity based networking

Media Encryption

Enables Worker Mobility and Secure, Real-Time Access to All Agency Resources Regardless of Location

DMZ

VPN

VPN

WAN

Internet

WAN


Phase 3: Integrated Remote Resources

Lack of Communication Between Agencies



Resilient WAN and Metropolitan-Area Network (MAN)

Resilient WAN and Metropolitan-Area Network (MAN)

Enabling Interagency Collaboration

Network ScalabilityNetwork Scalability


High Availability

Security Scalability

QoS Management

The Enterprise WAN and MAN: The Glue that Binds

Headquarters 2

BranchMobile Workers

Headquarters 1

Headquarters 1 Data Center

Internet

EnterpriseIntranet


The Organization’s WAN and MAN:Flexibility and Deployment Choices

• Choose from a variety of scalable technologies to connect your whole organization

• Manage as much or as little of your WAN as you require

• Migrate to new WAN technologies by using your existing Cisco investment

• Five architecture alternatives:

Encrypted Layer 2 connectivity (frame relay, ATM, etc.)

IP VPN (Service Provider [SP]–managed MPLS)

IPSec VPN (Internet)

Multi-VPN routing and forwarding (VRF) segmentation (per VRF

tunneling)

Self-deployed MPLS VPN segmentation


Reduces Overall Administration and Management Costs by Providing

Automated Resource Management, Rapid Profile-Based Provisioning, and

Audit and Monitoring Capabilities

IP Solution Centerfor MPLS VPN and QoS

Northbound Interface

Layer 3 VPN Layer 2 VPN

QoSMPLS Traffic Engineering

Trouble- Shooting

Cisco IP Solution Center

Network-Intelligent Element Manager for MPLS and Metro Ethernet Networks

Planning Provisioning

Cisco MPLS VPN Simplifies, Integrates, and Automates VPN and QoS Management

Customer Operations

SupportSystem

GUI

MPLS Core



• Next-Generation WAN and MAN Design Guidelines

http://www.cisco.com/en/US/netsol/ns483/networking_solutions_packages_list.html


Overview of Cisco Connected Government—

Interagency Roadmap


WAN

Phase 4: Interagency Collaboration

Remove Workers

Branch

Headquarters 1

Data Center

SiSi SiSi

Headquarters 2

SiSi SiSi

Self- Deployed

MPLS

Encrypted Layer 2

Connectivity

IPSec VPN

SP-Managed MPLS VPN

Implements Agencies’ Access Policies and Enables Interagency Communication and Collaboration

VPN

ISP, Broadband,

etc.

IP VPN(MPLS,

V3PN, etc.)


Phase 4: Interagency Collaboration

No Data Center Continuity or Consolidation



Enabling Interagency Infrastructure Sharing

Data-Center ConsolidationData-Center Consolidation

Network AutomationNetwork Automation


Evolution of the Data Center

Automation

Storage

Network

Compute

Dynamic Provisioning and Autonomic Information

Lifecycle Management to Enable Business Agility

Business PoliciesOn Demand

Service-Oriented Virtualization

StorageNetworkCompute

EnterpriseApplications

Management of Resources Independent of Underlying Physical Infrastructure to

Increase Utilization, Efficiency, and Flexibility

Data Network

Server Fabric

Network

Centralization and Standardization to

Lower Costs, Improve Efficiency, and Uptime

Consolidation

LANWANMAN

SAN

Storage Network

Intelligent Information

Network

HPCClusterGRID


Shared Pools of Storage Resources

Shared Pools of Storage Resources

Shared Pools of Compute Resources

Shared Pools of Compute Resources

Application Message ServicesMessage Translation and Transformation, Application Authentication and Authorization, and

Business Event Visibility

Intra-data Center Extra-data Center

Storage Network

Fiber ChanneliSCSIFICON

Server Farm

Gig and 10GB EthernetBlade Switch

Server Fabric

Infiniband10GB EthernetBlade Switch

DCInterconnect

DWDM, SONET and SDHWAN, FCIP

DC Access

Internet MPLS, IPSEC, SSLVPN, DNS Optimization

Intelligent Information

MA

NA

GE

ME

NT

Services Integration

Network Integration

Applications

Storage Fabric ApplicationsReplicationServer-less BackupPoint in Time CopyContinuous Data ProtectionVolume Management

AdaptiveThreat DefenseVirtual Firewall ServicesVirtual Intrusion PreventionDenial-of-Service GuardNetwork AntivirusHost Protection

ApplicationOptimizationVirtual Server BalancingWeb, Video, and File CachingWide Area OptimizationSSL OffloadTCP Offload

Application Integration

Mu

lti-

De

vic

e V

irtu

al

Co

nte

xt

Ma

na

gem

en

t

API

Po

lic

y-b

as

ed

M

an

ag

eme

nt

API

Ser

vic

e

Op

tim

iza

tio

n

Ma

na

gem

en

t

Andiamo

Topspin

FineGround

Actona

Riverhead

The Cisco Commitment to the Data Center



• Storage and Data Center Design Guidelines

http://www.cisco.com/en/US/products/hw/ps4159/index.html

http://www.cisco.com/en/US/netsol/ns340/ns394/ns224/networking_solutions_packages_list.html


Phase 5: Interagency Infrastructure Sharing

Remote Worker

Branch

Data Center

Comprehensive Continuity

Dense Wavelength-

Division Multiplexing

(DWDM)Network

WANIP WAN

Data Center

Web Servers

Web Servers

Storage Consolidation

Application Optimization

Adaptive Threat

Defensive

Server Consolidation

Enabling a Virtualized, Consolidated, and Automated Data Center

VPN

Headquarters

SiSi SiSi


Phase 5: Interagency Infrastructure Sharing

Sharing Infrastructure and Applications



Enabling Information and Services Sharing

Network Virtualization• Creates a private, secure, and independent network over a

shared physical infrastructure that is transparent to the end user, increasing utilization, efficiency, and flexibility of the network and the applications


• Virtualized services

• Centralized policies and services

• Shared infrastructure

Employee Servers

Employee Contractor Guest

Internet

Network Virtualization Drivers

• Closed user groups

Private

Secure

Independent policies (e.g., guests, Network Admission Control [NAC] quarantine)

Remediation Servers


Network Virtualization Requirements

• Create segments for guest access and NAC quarantine

• IT department as a “Network Service Provider”

Provide a private network per group

Use a shared infrastructure

Scalability and simplicity

Minimize operational overhead

Centralize network security policies and access to shared services

Closed user groups extensible over the WAN

• IT departments: From cost centers to revenue centers?

Potential to enhance enterprise business processes


Current Campus Design Recommendation

Modular, hierarchical, and scalable yet not virtualized

Internet

L2

Lay

er 3

L2

Access

Distribution

Core


A Virtual Network per Group

• Virtualized devices

• Virtualized services

• Virtualized data paths


Global

VRF

VRF

Virtualized Network Devices

• Switch Virtualization—VLANs

• Router Virtualization—VRFs

Logical or physical interface (Layer 3)

Logical or physical interface (Layer 3)

802.1q or others802.1q, GRE, line-statepacket, physical interface, etc.


Partners

Contractors

Resources

Guests and NAC quarantine

Campus Core

Contractor10.2/16

Resource10.2/16

Contractor10.3/16

Partner10.2/16

• Services not duplicated per group

• Economical

Internet Gateway

IPSec Gateway

DHCP

Video Server

Firewall and NAT

Hosted Content

Shared for all groups:

…With Centralized Services and Policies

• Efficient and manageable• Policies centrally

deployed

Internet / Shared


6Phase 6: Interagency Information-Sharing and Shared Services

• Objective

Final step of the Interagency Roadmap, with network helping connected government agencies extract full value in sharing human resources, information, and services (e.g., payroll, IT, and budgeting)


Police Officer

Police Station

Data CenterWAN

DWDMNetwork

IP WAN

Data Center

Web Servers

Web Servers

Server Consolidation

Phase 6: Interagency Information-Sharing and Shared Services—Cont’d

Sharing Applications and Infrastructure Across Agency Boundaries

VPN

Police HQ 1

SiSi SiSi

Justice

Justice

Constituents

Constituents

Police

Police


Connected Government Is Based on Three Key Tenets of an Intelligent Information Network

Providing resilience to maintain continuity and performance

Adapting to changing needs of government programs

Integrating network with applications and network components

Connected Government

The Cisco Approach for Connected Government


Applying Cisco Connected Government to Public Safety Agencies


Public Safety Agency Challenges

• Improve responsiveness and situational awareness

• Improve public safety

• Reduce administrative overhead

• Improve security of data systems

• Increase government agility by connecting all agencies

• Improve ability and capacity to deliver services through increased efficiency and effectiveness

• Protect investment

• Future-proof network


Cisco Connected Government Benefits Public Safety Agencies

• Cisco helps public safety agencies

Expand visibility, reach, and capabilities

• Cisco Connected Government

Enhances operational efficiencies

Improves response to emergency situations

Provides greater control in safeguarding communities

Increases safety and productivity in emergency and non-emergency situations

Creates greater agility for information-sharing initiatives within and across organizations


Putting Cisco Connected Government to Work

Suspect in a stolen vehicle abducts a child

Witnesses notify 999, providing a description of the vehicle

Mobile command post established on scene

Detectives obtain a photograph of the stolen vehicle from the owner; they also are able to identify the suspect and obtain a picture of the victim

Pictures of the vehicle, suspect, and victim are shared with all local law- enforcement agencies

Community alert system electronically distributes the information throughout the city and county

Virtual command post uses videoconferencing and collaboration between emergency call taker, incident commander, and surrounding agencies to rapidly share information

Suspect is located and the child is safely returned home


Suspect and witness interviews received and correlated with crime databases—match with stolen vehicle and suspect

Mobile operations at crime scene streams video and photo of suspect

Detailed situation video, voice, and data distributed to local and regional responders, and alerts distributed to the public

Local/Reg Police Stations

Police Headquarters

Data Center

Mobile Command Center

Cisco Connected Government: Public Safety Networking


Local/Reg Police Stations

Police Headquarters

WAN WAN

Prevent intrusion of secure wireless network (eg, rogue APs, war driving, and sniffing)

Integrate wireless network into enterprise LAN management and control

Maintain wireless connectivity during roaming, supporting delay-sensitive applications (e.g., RMS, CAD)

WAN optimizes and secures traffic flow of applications

Data Center

Automatic network configuration that supports new and mobile offices

Consistent security and segmentation that secures records, applies access policies, and meets regulatory requirements

Collaboration InfrastructureSharing

Information Sharing

Mobile Command Center

Cisco Connected Government: Public Safety Networking


Mapping Case Studies to the Phases of Cisco Connected Government


Summary of Connected Government Case Studies

Phase 1 Phase 2 Phase 3 Phase 4 Phase 5 Phase 6

Kent Police X

Humberside Police X

Polish Border Guard X

Upper Merion Police Department X

State of Schleswig-Holstein X

Dutch Victim Tracking System X

izn in Lower Saxony, Germany X

Austrian Federal Data Center X


Kent Police—Phase 2

The Challenge

• Increase quality and speed of communications with community

• Modernize archaic, inefficient telephony system

• Meet pressures to deliver against Best Value performance targets

The Solution

• Cisco IP WAN linking 50 locations around Kent

• Cisco IP telephony solution across the data network

The Benefits

• Return on investment expected within four years

• Cost savings increased by more than 30 percent

• Improved communications with community

• Easier, efficient telephony use among staff


Cisco Solutions are Priced for Success

“As well as savings of more than 30 percent a year, the Cisco solution also gives us a more cost-effective and simpler way for us to expand our communications infrastructure to additional sites….Before, we would have been looking at an investment of around £30,000 to provide the necessary technology. With the Cisco IPT solution, it now costs us only a few thousand pounds.”

Andy BarkerActing Head of Information Services DirectorateKent Police


Humberside Police—Phase 2

The Challenge

• Deliver live video footage to specialist control center to provide complete picture of incidents

• Distribute video signal to several geographically-dispersed specialists

The Solution

• Cisco IP/TV 3400 Series broadcast server to multicast

live video images over Humberside Police’s intranet The Benefits

• Cost-effectively raised quality and quantity of information for improved incident evaluation and decision-making

• Already exceeded number of target users—with users being very satisfied

• Met scalability and flexibility requirements without bandwidth implications


Polish Border Guard—Phase 2

The Challenge• Enable secure database access to Shengen

Information System

• Enable reliable telephone access across the organization

• Ensure voice and data access on top of telephone-cabling infrastructure

The Solution• Single, converged network infrastructure run as a

managed service by Telekomunikacja Polska S.A.

• Cisco IP telephony solution across 300 sites with Cisco’s SRST

• Long-Range Ethernet to create high data rates across old cabling infrastructure

The Benefits• Significant savings on telephone expenses and

administrative costs

• Reallocation of 800 people in support staff to core competency


Upper Merion Police Department—Phase 3

The Challenge• Replace antiquated records-management system with state-of-

the-art system

• Deploy wireless network that enables officers to access new system directly from patrol cars

The Solution• Cisco Aironet wireless bridges and access points

• Video surveillance from Coban Technologies, a Cisco partner

The Benefits• Enabled field access to Internet, new RMS, mobile and field

reporting system, and state’s online accident reporting system

• Streamlined administration

• Maximized situational awareness, visibility, and officer safety


“With the Cisco IP-based LMR interoperability solution, a dispatcher can patch two different departments together with a couple of keystrokes….It’s an incredible breakthrough.”

Lieutenant Thomas Nolan of Upper Merion Police Department


State of Schleswig-Holstein—Phase 4

The Challenge

• Implement seven independent data networks with data ranges of up to 128k

• Deploy one outsourced (Deutsche Telekom) voice network operated as leased-line interconnection to connect 300 private branch exchanges (PBXs)

• Create more bandwidth to support Service Advertising Protocol implementation and police-tracing applications

The Solution

• Outsourced voice-over-IP-trunking MPLS network on existing 2-Mbps access-leased lines of PBXs

• Cisco Core (7500, 7200), each access consisting of three routers, one managed MPLS-CE, one managed voice gateway, and one departmental data gateway with encryption

The Benefits

• 30 times more bandwidth

• Centralized management of security and all data and voice operations

• Transfer of operational staff into core business


Dutch Victim Tracking System—Phase 4

The Challenge• Reduce unnecessary suffering of relatives

• Improve process of victim identification

• Improve reach and productivity of first-responders, city councils, and dispatch centers

• Improve resource-allocation (e.g., ambulances, hospitals, etc.) based on plans

• Improve process management based on real-time information available for all relevant organizations

The Solution• Cisco Intelligent Information Network with intelligent network services,

including encryption, availability, and roaming

• WLAN

• Cisco 3200 Series mobile access router

The Benefits• Multiple applications and devices work together to enable greater first-

responder productivity

• Standards-based, future-proof network lowers operational costs and improves administration efficiency

• Vehicles act as mobile hotspots to facilitate decision-making during emergencies

• Public and private networks combine to optimize availability and bandwidth


izn in Lower Saxony, Germany—Phase 5

The Challenge• Increase data-storage facilities

• Decrease operating costs and standardize operations by consolidating multiple standalone storage networks with a single vendor

• Use IP-based technologies within the storage-area network (SAN) environment to offer more cost-effective services to government customers

The Solution• Cisco Business-Ready Data Center deployed across two

separate data centers for resilience; each center has dualled Cisco MDS 9509 Multilayer Director SAN switches using virtual SAN technology for customer data separation

• Data center is accessible via WAN MPLS backbone known as iznNet, which connects 2200 locations across Lower Saxony

The Benefits• Reduced overhead costs through virtualization of SAN

facilities and single platform management

• Optimized availability of network, resulting in improved service effectiveness

• IP-based protocols allow lower-cost service options, enabling introduction of price-differentiated services to match different classes of data


“The Cisco Business-Ready Data Center model provides a high level of robustness which other suppliers still have to achieve.”

Herr Erik Krex, Operations and Planning for izn Data Center


Austrian Federal Data Center—Phase 5

The Challenge• Implement ELAK, an electronic filing system, to ensure

a secure, resilient network for Austrian ministries and federal administration

The Solution• Cisco Catalyst 6500 Series switches provide resilience

and security while supporting network core

• Cisco Catalyst 3550 Series switch and Cisco 7200 Series core router connected to all ministries

• Cisco VPN 3000 Series concentrators

• Cisco PIX 525 security appliances

• Dualled Cisco 7200 Series routers linked to data center

The Benefits• Secure, high-performance network expedites access to

data and enables cooperative electronic workflows—improving efficiency by 10 to 15 percent

• 99.7-percent network availability helps move agency toward paperless government system


Cisco Prowess Means Project Progress

“Cisco has performed very well, particularly in areas of critical importance to the project, such as the design and implementation of the metropolitan-area network, the data center, and redundancy, as well as firewalls and content switching.”

Herr Kurt FleckProject Leader of ELAKAustrian Federal Data Center


Why Cisco?


Setting Cisco Apart from the Rest

• Unmatched technical expertise

• Unrivaled partnerships

• Industry-leading, interoperable, standards-based solutions

• Enabler of responsive environment that outpaces changing demands

• Cisco Capital finance programs


Cisco Connected Government—a Networking Approach Built to Last

Modular Network Deployment Based on Integrated Components

Cisco Provides a Highly Adaptable Network Architecture that Allows Public Administrators to Meet Current and Future Needs

Highly Customized Design Based on Proven Best Practices

Optimal Performance

Continuously Expanding Functionality

Future-proofed Roadmap


How Cisco Helps Your Agency Become a Connected Government

• Cisco solutions demonstrate how to apply previous success in a connected government through:

Assessment tools to create Connected Government network roadmap

Reference architectures that represent Cisco best practices developed from real-world deployments

• Cisco and partner services that coordinate government processes to coincide with technical capabilities

Align incentives, policy, performance management, rewards, and funding to encourage services sharing


First Assess, Then Progress—The Connected Government Network Assessment Tool

Translates into

Possible resiliency issues in the network may be compromising important capabilities:

• Public notice for emergencies

• Internal workflow management

• Budget management

• Geographic information systems (GIS)

• Dispatch systems

• Field worker communication

• Internal communications

Tells You


City of Bremen—How Assessments Help

The Challenge• Adopt governance initiatives that help provide service-

level agreements across multigovernmental departments

• Deliver multimedia services to public body’s surrounding communities

• Reduce IT operating costs

The Solution• Cisco and Brekom assessment—IPT Readiness

Foundation Review

• Multiservice IP Campus Backbone (WAN and LAN)

The Benefits• Significant savings on service platforms through

standardized LAN and recentralizing of consolidated LAN structure

• 20-percent savings in network operations

• 38-percent savings in IT headcount

• Increased focus on government affairs


Cisco Provides Clear Path to Goals

“Cisco presented us with a very clear and solid solution….The very strong relationship we had with Cisco was key, in particular with obtaining WAN/LAN. Cisco clearly stood out above the other 10 providers for the new campus solution. We could never have envisaged all these core benefits which have alleviated the strain on IT resources, so we can now become more focused on developing additional services for the City of Bremen.”Dr. Norbert SchulzCEOBrekom


Government Leasing

• Single monthly payment

• Single financing contract

• Ease of administration

• Bundled products and services

• Below commercial-market rates

• Cost-effective, comprehensive solution


Government Leasing Products

• Lease to Ownership Plan

Installment purchase plan—uses capital funds

Purchase title passes upon final payment

• Lease With Option to Own

Operating lease with option to own—leasepayments with fixed purchase option buyout, or fair market value

• Uses operations and maintenance funds annually

End-of-term options—return, renew, buyout, upgrade

Technology-refresh upgrade before or at end of term


The Road Forward

• Compare department mission and strategy with IT capabilities

• Baseline current IT capabilities

• Define IT capabilities and mission objectives gap

• Develop phased IT roadmap that includes network and application capabilities to close the gap

• Coordinate process and policy change with IT investment plan to match technical, political, and organizational capability


Discussion


Documents

1 © 2005 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Cisco Public Cisco Connected Government Technical Overview October 2005