Next Generation Firewall Implementation Project

WaTech is continuing to make great strides in the implementation of the Next Generation Firewalls. The foundation to support the migration of the Edge and IPS was completed. The project is beginning to analyze the existing and future options for UTM features. Customer outreach will begin in May 2024.

 

Roadmap image

 

Project Overview

WaTech has initiated a Next Generation Firewall Implementation project to replace the core and edge firewalls that protect the State Government Network, which have reached the end of their useful life.

The state’s current firewalls were installed in 2017. WaTech is replacing the hardware and upgrading licensing to deploy a Next Generation Firewall (NGFW) platform. NGFWs have security features not available in our current firewalls, including advanced features that provide malware and intrusion prevention and the ability to analyze and filter large amounts of data. These new firewalls will ensure the network has dynamic security features that protect state IT assets.
 
One of the project’s goals is to keep you informed, and involved, throughout migrations and the analysis of additional features offered. Updates are being provided to the Enterprise Security Governance, Technology Management Council, and the Network Services Division Customer Engagement meetings.

Benefits:

  • Improved performance of Security Operations Center (SOC) Edge security capabilities.
  • Expanding WaTech Firewall service to include Unified Threat Management (UTM) capabilities.
  • Access to UTM firewall feature sets on agency firewalls.
  • Consistent and equitable heightened security postures within agencies.
  • Cost savings and reduction in complexity. No need to purchase your own firewalls.
  • Stay tuned for more!

When is this happening?

WaTech plans to manage the NextGen Firewall Implementation project in two phases.

During Phase 1, from Feb. 2023 to Sept. 2024, WaTech will:

  • Refresh core and edge firewall hardware and migrate all existing production traffic to the new hardware.
  • Consolidate equipment and migrate existing edge Intrusion Prevention (IPS) functionality to the new edge firewalls.
  • Plan for the deployment of a new agency IPS service offering. The offering will be made available as part of Phase 2 of the deployment.
  • Engage with customer agencies to gain a better understanding of their security needs.
  • Conduct a full evaluation of Unified Threat Management (UTM) features and functionalities to identify what additional Next Generation capabilities should be expanded or implemented.

During Phase 2, from Sept. 2024 to July 2025, WaTech will:

  • Follow-up actions on recommendations made from evaluation of UTM functionality.
  • Enable and onboard IPS functionality on core agency firewalls.
  • Enable approved UTM features identified in Phase 1 on edge and/or core agency firewalls.
  • Deploy new service to agencies allowing them to manage components of IPS.
Phase 1 and Phase 2 Outline

Project Schedule

Next Generation Project Schedule

Questions?

Please contact Stephanie Ison at stephanie.ison@watech.wa.gov.