DFAT demands tough security

The department plans to implement a new SOE for its 5,000 desktops, which are located in 85 countries around the world. Any supplier looking to secure that environment, DFAT said this week in tender documents, must provide a solution capable of stopping all unauthorised applications.

DFAT specified games, malware, unlicensed software, screensavers, scripts and the deadly trio of trojans, worms and viruses as undesirable applications.

However, the department also stipulated that any solution "must have no adverse impact on system performance", shouldn't rely on black and white lists (untrusted and trusted e-mail addresses and servers), and must work on notebooks even when they're not attached to the network.

While the department requires any would-be-vendor to possess a minimum government security clearance level of 'top secret', it apparently does not even trust its users.

The software "must not be able to be disabled by a standard user on a Windows XP workstation," DFAT stipulated.

Finally, a vendor must make available to the department -- preferably online -- the number, type and frequency of any security incidents encountered by DFAT computers.

Each DFAT location is connected by the government's Secure Australian Telecommunications and Information Network (SATIN). At the core of the system is a Windows 2000 and Citrix MetaFrame Terminal Server farm based on Hewlett Packard Proliant servers.

The department has also issued tenders calling for vendors to provide desktop and laptop hardware to its domestic and international locations, as well as IT services management software for the SATIN network and help desk.