Australia’s Government-owned air traffic control provider, Airservices, has put a call out to local IT providers to help it scope out new ways of delivering security monitoring and management operations across its IT systems and networks.
Airservices Australia is the nation’s air navigation service provider, delivering the air navigation and aviation rescue firefighting services to the local aviation industry.
The organisation owns and operates a number of systems and services that are connected both internally and externally.
In a request for information (RFI) issued on 23 November, Airservices said it is considering how it should overhaul the management of its IT security infrastructure.
The organisation is currently in the process of overhauling its core IT systems and services infrastructure from an internally-managed environment to a fully managed services scenario in partnership with third party suppliers.
In its latest RFI, the organisation has flagged that it wants to establish a security operations centre (SOC) services capability using a combined insources/outsourced resourcing model.
With this goal in mind, Airservices said in tender documents that it wants to establish a long-term arrangement that can assist in delivering the specialised skills and toolsets, and then complement this with an internal capability focused on organisational-specific skills.
Airservices’ infrastructure includes 150 physical servers, providing platform services for application hosting as well as a virtualisation platform, approximately 600 virtual machines, and approximately 3100 end-user computing devices (1850 desktops and 1250 laptops) distributed across 50 locations within Australia.
It also has a network with 80 Cisco firewalls, 50 CheckPoint firewalls, eight Infoblox DNS appliances, F5 appliances, four Bluecoat web proxy servers, 365 routers (predominately Cisco), 724 switches (predominately Cisco), and two RSA SecureID servers.
Airservices is looking for an infrastructure-as-a-service offering to support this IT network, along with the combines insourced/outsourced resourcing model for its SOC services.
For Airservices, SOCs enable key capabilities that are paramount to the organisation being able to deliver on its safety and security obligations, according to the RFI documents.
The entity expects the hybrid model will provide the ability to leverage commodity skills and offerings of a managed security service provider (MSSP) to achieve maturity in the tools and process leading to increased capability; and it will allow internal Airservices staff to focus on activities that require organisation-specific knowledge.
According to the requirements cited in the RFI, Airservices wants the SOC to provide visibility of information security events across the organisation, identify and alert on information security events, respond effectively to incidents.
Other requirements include the SOC reporting to Information Security Services (ISS) and the Airservices ITSA on security events, providing information security investigation capabilities, provide appropriate threat intelligence to support a risk based approach to managing information security risks.
The agency is also looking to know the cost of the solution for a six-year period, three year plus a three year option.
The RFI closes on 11 December.
The latest call out to the market over its proposed SOC services approach comes roughly three months after Airservices put out a request for proposal for the provision of infrastructure-as-a-service for its core systems.
It said at the time that it wanted to engage the local IT community to partner with a vendor capable of helping it transform its IT service delivery infrastructure.
In April, the organisation issued an RFI for local suppliers to pitch in on its plan to overhaul its core compute infrastructure, potentially outsourcing its IT services, in a bid to work out the best way to transition from an internally-managed IT environment to a fully managed service scenario in partnership with third party suppliers.