To provide a comprehensive user and application aware security solution which can scale to support the needs of a vast array of external users who use the precinct’s facilities, as well as provide network security for the permanent staff.
Melbourne and Olympic Parks deployed two Palo Alto Networks PA-5000 series next-generation firewalls in its two data centres, utilising features such as single pass processing, which provides low-latency performance with all services turned on, even under load.
Melbourne and Olympic Parks www.mopt.com.au is one of the largest and most diverse multi-purpose sporting, entertainment, conference and community precincts in Australia. Home to internationally famous venues such as the Rod Laver Arena where the Australian Open Tennis is staged, the precinct comprises five independent facilities across 40 hectares in central Melbourne. It provides playing and training venues for a vast array of “tenants”, including the Collingwood Australian Rules Football Club, the Melbourne Storm Rugby League club, the Melbourne Rebels Rugby Union club and two A-League soccer teams, Melbourne Victory and Melbourne Heart. In addition to facilities such as the AAMI Park, which holds 30,000 sporting fans, the precinct caters for thousands of concert goers every year, attending events as diverse as heavy metal rock shows, conferences and corporate related activities.
A changing landscape
Since its inception in 1995, Melbourne and Olympic Parks has been required to be profitable by its owner, the Victorian government. It operates in one of the most competitive industries in Australia and increasingly across the Asia Pacific region—and information technology (IT) plays a critical role in keeping the precinct ahead of the game.
The IT team at Melbourne Parks has responsibility for ensuring the fibre optic network, which spans the precinct, delivers always-on connectivity and secure internet access to the diverse range of clients who rent the venue facilities—often concurrently.
The network is also the basis for the 100 corporate staff working for Melbourne and Olympic Parks.
Client demand on the rise
According to Kay Stock, IT Manager at Melbourne and Olympic Parks, the growth of demand for Internet Protocol based at the Park, plus the increase in technology associated with events, has meant the number of nodes or connections to the fibre network has grown from 300 in 2010 to more than 3,000 today.
This growth of reliance on the network and its increased complexity has also created challenges for the IT team around network security. To manage the large number of externally supported systems, the IT team provides Internet and communications via a series of secure virtual local area networks (VLANs).
“These VLANs play a very important role in supporting the varying information technology needs of tenants and their clients,” Stock says.
In the case of the entertainment venues, Rod Laver Arena and Hisense Arena for instance, visiting international music acts often require high bandwidth internet connections on site to allow them to stream a concert live to the U.S., review it overnight and then send any production update cues back over the internet. This is a new development in the way concerts are staged and managed—not only keeps costs down but allows the performers to fine tune their productions. At Melbourne Parks, each promoter uses a different VLAN, set up by the Melbourne Parks IT team.
“But the challenge is that when a promoter sets up his VLAN he needs to be confident that no one else can get into his VLAN and access content,” Stock says. “And we have to make sure that if they have viruses or anything on their gear that they can’t infect the corporate network. If it goes wrong in a concert you don’t have a second chance. We are on a zero downtime key performance indicators for all concerts. We are in a competitive market.”
Eco-friendly water irrigation
Another challenge for Melbourne Parks is to ensure it remains an industry leader in being ecologically responsible and innovative. To support this approach, the IT team has enabled the precinct’s sprinkler systems and irrigation networks for its football fields and other outdoor venues to be operated via the same IP-enabled network which runs across its fibre. This infrastructure is controlled by supervisory control and data acquisition (SCADA) protocols, and is considered mission critical like other nodes on the network.
Stock comments; “Our water harvesting system on the roofs of the stadium enables water to be collected and pushed into a reserve area—and then used to water the football grounds and the parks. It is used to flush the toilets in the main AAMI Park stadium. Additionally, the precinct’s phone system, as well as the video surveillance and its access control, and the car parking system—all sit on the IP network too.”
Thirdly, corporate users increasingly require off-site access to key data and information when they are working at home or otherwise away from the office.
In late 2011, to coincide with a network upgrade, the IT team set out to review their evolving information security needs against the options available in the traditional and next-generation firewall market.
“We talked to the various vendors. It was the next generation firewalls and particularly malware control and application, and device awareness that we liked about the Palo Alto Networks solution,” says Stock.
“Palo Alto Networks enabled us to monitor and control who was accessing the network and also to ensure users could only go to certain areas within the network, due to the capability to segregate users. The Palo Alto Networks technology has some smarts that are not available elsewhere. For our organisation and our requirement they were the best fit.”
By deploying two Palo Alto Networks PA-5000 series next-generation firewalls in its two data centres, Melbourne and Olympic Parks was able to utilise features such as single pass processing, which provides low-latency performance with all services turned on, even under load. This allows massive amounts of data to be scanned for threats at extremely high speeds without slowing the network.
More change to come
For the overall management of the network, including serving the needs of the corporate staff and the various applications from sprinkler systems to phones, the solution has proven successful. The challenge will go on, however, for the IT team. According to the strategic plan for Melbourne and Olympic Parks, to remain internationally competitive, significant site works for redevelopment will go on for many years to come. This will mean the core network will be potentially disrupted at times but the need for information security cannot be compromised.
“While all the construction is going we are still holding events and that means our network security remains paramount,” concludes Stock.