BUDGET PROGRAM: EXECUTIVE DIRECTION/OFFICE OF CHIEF INFORMATION OFFICER/ MANAGED TRUSTED INTERNET PROTOCOL SERVICE (MTIPS)

For FY 2015, the Office of Chief Information Officer (OCIO) requests a total of $454,000 and 0 FTE for Managed Trusted Internet Protocol Service (MTIPS) which will provide an enhanced security posture for Departmental networks.

PROGRAM JUSTIFICATION:

Managed Trusted Internet Protocol Service (MTIPS) Overview

The Office of the Secretary/Office of Chief Information Officer (OS/OCIO) has migrated from the legacy Internet connections to the Managed Trusted Internet Protocol Service (MTIPS). MTIPS facilitates the reduction of the number of internet connections in government networks and provides enhanced security posture by monitoring and analyzing Internet traffic coming in and out of government networks.

The OS/OCIO operates and manages the network backbone (HCHBNet) that supports voice, video and data for the Herbert C. Hoover Building (HCHB). With exception to the International Trade Administration, all DOC bureaus located in the HCHB subscribe to the HCHBNet

standard network service offering. Internet connection is a component of the HCHBNet standard network service offering. In addition to the enhanced security posture that MTIPS provides with a managed security operations center that is 24/7, migrating from legacy Internet connection to MTIPS offers increased bandwidth (an upgrade from 90 mbps to 600 mbps) to meet emerging requirements. The increase in bandwidth is necessary to support key

Departmental Strategic Initiatives such as the IT Shared Services, Unified

Communication/Collaboration services such as Video Teleconferencing (VTC), Cloud (Email and Web Hosting) and Telework Enhancement. As applications are migrated locally to the Cloud it is imperative that enough bandwidth is available to minimize disruption in service.

PROGRAM CHANGE(S):

Managed Trusted Internet Protocol Service (MTIPS) ($454,000)

With the enhanced security monitoring, MTIPS offering is significantly more expensive than the legacy Internet connection. The monthly Internet connection cost has increased from $11,000 to $48,800 per month. As such, OCIO is requesting an annual increase of $454,000 to sustain the MTIPS cost.

MTIPS provides enhanced security posture for Departmental networks. Migrating from legacy Internet connection to MTIPS offers increased bandwidth that has become necessary to support key Departmental Strategic Initiatives.

Statement of Need and Economic Benefits – Cost Benefit Analysis

To comply with the OMB mandate, OS/OCIO has subscribed to MTIPS for Internet connection. MTIPS provides monitoring visibility of Internet traffic coming in and out of the HCHB. MTIPS

MTIPS connection (gateway). This "cloud-based" security is configured by the MTIPS vendor to ensure consistent, up-to-date Internet security without forcing the Department to maintain Internet security hardware and software on its premises. As Internet traffic passes through the gateway, MTIPS vendor’s suite of security appliances performs all of the following: Firewall policy enforcement; Intrusion Detection Prevention Services; Anti-virus/Anti-spam Management; and E-mail scanning. This means that Agency information will remain on a private network and not enter a public network, thus providing enhanced security protection to the Department data. MTIPS architecture also provides diverse route and point of presence access to the MTIPS vendor’s network, virtually eliminating single points-of-failure between the HCHB and the MTIPS gateway. MTIPS provides another layer of protection whereby all inbound Internet traffic is inspected by the monitoring/prevention security tools located at the MTIPS gateway prior to entering the HCHB network where another layer of internal protection also inspects the traffic for malicious payload. Through MTIPS monitoring, malicious activities are being monitored by sensors managed by Department of Homeland Security/United States Computer Emergency Readiness Team (US-CERT).

Although internal/local security tools are still required, by leveraging security capabilities that are in place at the MTIPS layer, some security in-house security tools can be eliminated such as

gateway anti-virus scanning and protection. Through such tool decommissioning, funding previously allocated to support such activities can be re-prioritize to meet other emerging requirements.

Schedule and Milestones:

OS/OCIO already subscribes to MTIPS service; however, the existing bandwidth is only 300 mbps. To increase the bandwidth to 600 mbps, a service order is required to be submitted to the existing MTIPS vendor.

Deliverables:

MTIPS service is offered under the GSA Networx contract. The deliverables such as bandwidth reports, traffic monitoring, etc. are already available through the MTIPS web portal.

PROGRAM CHANGE DETAIL BY OBJECT CLASS

(Dollars in thousands)

Budget Program: Executive Direction/Office of Chief Information Officer Program Change: Managed Trusted Internet Protocol Services (MTIPS)

FY 2015

Object Class Increase

11 Personnel compensation

11.1 Full-time permanent $0

11.3 Other than full-time permanent 0

11.5 Other personnel compensation 0

11.8 Special personnel services payments 0

11.9 Total personnel compensation 0

12 Civilian personnel benefits 0

13 Benefits for former personnel 0

21 Travel and transportation of persons 0

22 Transportation of things 0

23.1 Rental payments to GSA 0

23.2 Rental Payments to others 0

23.3 Communications, utilities and miscellaneous charges 0

24 Printing and reproduction 0

25.1 Advisory and assistance services 0

25.2 Other services 454

25.3 Purchases of goods & services from Gov't accounts 0

25.4 Operation and maintenance of facilities 0

25.5 Research and development contracts 0

25.6 Medical care 0

25.7 Operation and maintenance of equipment 0

25.8 Subsistence and support of persons 0

26 Supplies and materials 0

31 Equipment 0

32 Lands and structures 0

33 Investments and loans 0

41 Grants, subsidies and contributions 0

42 Insurance claims and indemnities 0

43 Interest and dividends 0

44 Refunds 0

Exhibit 12 – 15 ACCOUNT: WORKING CAPITAL FUND

BUDGET PROGRAM: DEPARTMENTAL STAFF SERVICES/OFFICE OF FINANCIAL