TIC 3.0 Architecture Lab

389 Launches
Solution Overview

The Trusted Internet Connections (TIC) 3.0 Architecture Lab is a capability of the Advanced Technology Center (ATC) designed to provide customers an environment to gain hands-on experience to evaluate new cloud and infrastructure solutions for their respective TIC use cases.  The environment that supports the lab is a blend of physical and virtual infrastructure, creating a realistic environment for evaluating TIC scenarios. 

TIC 3.0 is a response to the need for improved agility, security, connectivity and visibility in federal government networks. This TIC 3.0 Reference Architecture environment is meant to highlight how leading FedRAMP certified solutions can be used to achieve optimized access to critical resources with improved security capabilities. 

Zscaler for Government, Cisco SD-WAN for Government, AWS GovCloud (US) and Equinix demonstrate how cloud-delivered security, SD-WAN, Infrastructure/Platform as a Service, and colocation work together to deliver a cloud smart and TIC 3.0-enabled government network.

In this environment you will gain working knowledge of how TIC 3.0 addresses the following locations:

  • Agency Data Center (Cisco SD-WAN)
  • Agency Branch Office (Cisco SD-WAN)
  • Cloud Service Provider (Zscaler Internet Access)
  • Cloud Service Provider (AWS GovCloud)
  • Carrier Neutral Facility (Equinix Hosting & Fabric)

Goals & Objectives

The purpose of the architecture lab is to help you envision your own flexible perimeter that can protect diverse hosting environments, platforms and services in an environment-agnostic approach. Furthermore, this lab should help you identify how TIC 3.0 can improve network performance and manageability, improve cybersecurity and increase operational effectiveness.

For Cisco SD-WAN, you will learn:

  • How to steer user Internet traffic to Zscaler
  • How to steer traffic to different public cloud destinations
  • Use SD-WAN as additional policy enforcement point
  • Gain visibility into application workloads

For Zscaler, you will learn:

  • How to easily secure and improve O365 applications
  • Apply Web Security controls such as Malware Protection
  • Implement Web Access Controls to inspect SSL traffic
  • Prevent data loss with DLP policies

For AWS, you will learn:

  • Essential cloud networking concepts
  • Segmentation of applications and services
  • Cloud provided visibility

For Equinix, you will learn:

  • Importance of geographic proximity to users
  • Criticality of high speed connectivity to cloud resources

Hardware & Software

Zscaler for Government

  • zScaler Internet Access (ZIA)

Cisco SD-WAN for Government

  • 1x vManage (20.4)
  • 2x vBond (20.4)
  • 2x vSmart (20.4)
  • 2x CSR 1000v (17.4)
  • 2x C8000v (17.4)
  • 2x ISR 1161X-8P (17.4)
  • 2x Catalyst 9300-24T (17.4)

Equinix for Government

  • Equinix Fabric

Public Cloud for Government

  • AWS GovCloud

Windows 10 Clients

  • 1x TIC 3.0 User Client
  • 1x TIC 3.0 Guest Client
  • 1x TIC 2.0 User Client
  • 1x TIC 2.0 Guest Client