Ⅰ. Implementing NIRS & General Information

1. How was the master plan for implementing a government data center set up?
NIRS arranged a presidential committee composed of professionals from various
sectors, such as professors, IT experts, public officers and more, to listen to
different opinions and voices before and during the government data center
implementation project. NIRS conducted Business Process Reengineering (BPR)
and Information Strategy Planning (ISP) as projects to systematically launch
and administer the innovation. The well-prepared master plan was put to good
use in the actual implementation stage.

2. How were matters of law and regulation related to establishing a government
data center resolved?
The Korean Government needed to enact a number of new acts, laws and codes
related to government data center establishment, operation and management, in
addition to pre-existing higher laws such as the e-Government Act. It was
essential to have legal principles ready before making people move. If
interested, you can visit www.law.go.kr, where the releasable ones are
available in English.

3. What was the key to successfully settling conflicts among client agencies?
In the Korean case, top management showed a strong sense of commitment and
leadership over the government data center establishment project. The
presidential committee was determined to convince the agencies (clients-to-be)
with various data and information. The active participation of some key
ministries in pilot projects also played an important role in encouraging
others to consider joining, as those ministries could experience the actual
advantages of integration and set an example first.

4. What happened to the organizations and human resources in charge of system
operation and management of each agency in the early integration stages?
They came to NIRS together with the systems they were responsible for in the
early stages and naturally became NIRS’ staff later on. As AP and new service
development and operation are still client agencies’ responsibility, they are
still referred to as before.

5. How does NIRS manage outsourced personnel responsible for system operation
and maintenance securely enough?
Every staff member who works at NIRS is required to undergo a police background
check, and the result has to be clearly reported. The company that wins a
project from NIRS, as the party to the mutual contract with NIRS, bears sole
responsibility for all security incidents that might occur while executing the
project. It needs to thoroughly understand all security regulations and
requirements of NIRS and train its staff. All privately hired partners are
restricted in Internet access at the office, and there are certain NIRS
security systems to comply with, such as Mobile Device Management (MDM), access
control, a document management system and more.

6. Is there any reason NIRS was set up in Daejeon, not in Seoul?
Yes, there are several. First, we wanted a place that various statistics and
figures show to be secure from natural disasters. Second, we wanted a place not
in or near the capital, per the Balanced Nation Development Plan. According to
the plan, key national infrastructures are required to be decentralized. Third,
the city of Daejeon is the center of Korean science and technology development,
the so-called Silicon Valley of Korea, so we thought there would also be
benefits in being close by, in terms of getting technical consultations from
expert groups nearby or sharing related knowledge.

7. Is there any higher government organization that supervises NIRS?
Yes, there is. It is the Ministry of the Interior and Safety (MoIS). In the
early stages, there were two pillars implementing and operating the government
data center: the Ministry of ICT and the aforementioned Ministry. Currently,
MoIS takes sole responsibility for operating it, as the Korean Government chose
to put slightly more weight on the ‘government administration’ function than on
leading ICT expertise.

8. How is the budget of NIRS secured?
All client agencies prepare and submit demands for the new systems and services
they plan to launch in the next year to the Ministry of Economy and Finance
(MoEF) a year ahead. In between, we closely communicate with each agency about
new service implementation. All the MoEF-approved budgets are allocated to
NIRS, and the requested devices and solutions are bulk purchased and
comprehensively managed by NIRS.

9. Tell me about the scope of services that NIRS provides besides
comprehensively managing the information systems of central government
agencies.
We also provide a comprehensive security management service employing Big Data
and A.I. technologies, and a government network management service. We have
implemented and operate a government cloud platform ourselves to better serve
our clients. On top of that, we developed and operated a Big Data analysis
platform to work on various kinds of data for public service improvement and
development, and shared them not only with client agencies but also with local
government bodies; the division was transferred to MoIS last year, in 2020,
though.

10. Did the clients like the idea of integration? Any resistance?
Of course not. As you can imagine, they still wanted to keep full control over
their devices, people and money as before. One of the complaints was not being
able to know the incident management status in real time. Therefore, we built a
system that could better handle the situation to satisfy their needs. We have
tried our best to resolve the issues that clients brought up as much as we
could. As a result, in the customer satisfaction survey conducted twice a year,
we could see the marks going up as time went by.

11. Please name some issues to be considered in the early system migration
stage.
OK. There are several stage-specific issues to be considered, such as
understanding the actual status of retained resources, operational status, the
resources to be transferred, ways to manage heterogeneous types of resources,
mock drill preparation to accommodate stable resource migration, and more.

12. Is there any country that has adopted the Korean government data center
model as its own?
Yes. Vietnam was one of the countries most determined to adopt the Korean
model. Mongolia, Nepal and Thailand were very much interested in specific
fields of Korean data center operation, so we formed business cooperation
contracts with each of them. There were also countries that once asked for
consultation on operating theirs, such as Brunei, Uzbekistan and Tunisia.

13. Could you tell me about the scope of the pilot project carried out before
completely integrating the systems?
Five agencies considered key, including the Ministry of ICT, MoEF and MoIS,
proactively participated in the pilot project, which was carried out before
fully launching the center. By willingly taking potential risks and setting an
example, the forerunners helped the integration project make meaningful
achievements in terms of proving its technical, managerial and economic
excellence.

14. I know there will be 2 more centers ready soon in addition to the 2
currently operating. Could you briefly explain the data management plan?
Currently, the information systems of 22 institutions that manage public
services closely related to people’s daily life are mainly taken care of by the
1st center in Daejeon. The remaining 23, mostly to do with social order and
security, are managed by the 2nd center in Gwangju. The exclusive backup center
in Gongju, expected to be completed by 2022, will mainly host backups of the
data currently managed in both Daejeon and Gwangju, and the 3rd center in
Daegu, to be ready by 2021, will handle new clients’ data, such as that of
public institutions and affiliated agencies currently not under NIRS’
supervision.

Ⅱ. Information Resource Operation & Management Projects

1. How does NIRS close deals for information resource operation & management
projects?
Information resource operation & management projects of NIRS are entrusted to
the companies that participated in and won the open bid competition conducted
through the national e-procurement system, KONEPS, run by the Public
Procurement Service (PPS). Mostly, the contracts are valid for 1 to 3 years.
Once NIRS has found the fittest, they take charge of the assigned projects.

2. Does NIRS charge client institutes for its services?
No, NIRS does not charge the customer agencies for its services. NIRS is a
service-providing government institution, a non-profit one. However, NIRS has
measured the cloud resource usage rate per institution, which might be used as
a reference if NIRS decides to run a fee-charging system for clients in the
future.

3. How does NIRS communicate with the clients about information resource
management?
There is a portal for internal use to manage integrated resource operation at
NIRS called nTOPS (national Total Operation Platform System). Most essential
information, such as system operation status, notices, knowledge management and
more, is shared with client agencies in real time through the system. There are
also staff in charge assigned to each institution to communicate with.
Semi-annual or quarterly meetings exclusively for clients are arranged so that
recent trends or changes in major policies can be shared in a more personal
way.

4. Does NIRS comply with international standards as well?
NIRS proved its professional and universal capability to operate a data center
by acquiring a number of international standard certifications from the early
stages. NIRS was certified to ISO 9001 in infrastructure operation, ISO 20000
in IT service management, ISO 22301 in business continuity and ISO 27001 in
cyber security management. NIRS no longer holds the certifications, though, as
it decided to discontinue renewing them a couple of years ago due to internal
security issues.

5. Tell us about the operating systems of NIRS’ information resources.
NIRS takes care of almost every brand of information asset and is therefore
called ‘a department store’ of them. Accordingly, there are many heterogeneous
types of operating systems supporting them. NIRS has contracted with all
vendors to get professional technical support when required. As NIRS is a
government agency, it can’t favor a specific brand.

6. Can foreigners work at NIRS?
As most tasks of NIRS require professional knowledge and smooth communication
based on fluent Korean, and they are important government duties, most
associates working at NIRS are normally Korean nationals. There are no
regulations discriminating by nationality; however, there haven’t been many
foreigners working for NIRS.

7. Does NIRS have any standardized operating platform or system?
It was unavoidable for NIRS, which was required to comprehensively operate
heterogeneous types of devices and solutions, to arrange a smart set of
standardized platforms or frameworks to manage the data center efficiently. The
e-Government standard framework, which NIRS tried to implement from its early
stage, was designed based on IT Service Management (ITSM) principles; however,
it was challenging indeed to put every aspect of operation into a new
standardized arrangement. NIRS applied the essential procedures, with the
necessary modifications.

8. Is all gear and every solution of NIRS made in-house?
NIRS has found it quite demanding for a specific solution or device to fully
accommodate NIRS’ distinctive environment. In many cases, NIRS needed to design
and develop the required solutions, systems or platforms in-house. However,
security-related gear for major government institutions, including NIRS, must
comply with the regulations of the National Intelligence Service (NIS). At the
same time, goods delivered from public procurement via open bidding should meet
the specifications that NIRS presents.

9. Let us know about the professional training system of NIRS for the staff.
For public officers, there are training systems divided into 9 groups by the
characteristics of tasks, based on the NIRS HR Training Program. Various
courses are provided per group. The courses can be classified as professional
capability courses and common courses, based on the nature of their contents.
For private partners, seminars or workshops dealing with new technologies and
trends are presented all year round.

10. Does NIRS have a plan to manage private data as well in the future?
No. The primary objective of establishing NIRS was to exclusively serve
government agencies as clients. NIRS does not yet plan to accommodate private
data. Data of the private sector, such as banks or hospitals, is managed
independently by its owners, though they are required to comply with critical
government provisions.

11. Can client agencies choose whether to entrust their resources to NIRS or
not? Is it optional or compulsory?
It is a 'must', not an option the clients can choose. Before NIRS was
established, the resources were managed individually by the respective clients.
However, operation and management of the 45 client agencies' information
resources has been one of the sole responsibilities of NIRS since 2005.

12. How are the resources of local governments managed?
Cities or provinces of a scale such as Seoul, Busan or Kyounggido operate their
own data centers independently, whereas the resources of small and medium-sized
cities of local governments are comprehensively managed by the Korea Local
Information Research & Development Institute (KLID), which plays a similar role
to NIRS. Both NIRS and KLID are under the Ministry of the Interior and Safety.

13. Are NIRS projects only awarded to big players, I mean to large enterprises
like Samsung or LG?
In the early stage of operating NIRS, most private partners were big
enterprises, as they had a number of reliable experiences dealing with System
Integration (SI). As time went by, the government tried out new policies
encouraging more SMEs to participate in NIRS projects, to develop the industry
in general, boost the related local economy and help SMEs become competitive by
setting limits on huge groups. Currently, 100% of NIRS' private partners are
local SMEs.

14. How about new service development? Who is in charge?
Services and applications are developed directly by the clients. They are the
ones who know and understand the contents they are dealing with better than
NIRS does. All information-resource-related matters required for creating new
contents are closely discussed with NIRS from the beginning stages of
development through distribution.

15. Who is responsible for taking care of incidents involving the data NIRS
manages?
It depends on the scope of responsibility of either NIRS or the clients, based
on the nature of the data. NIRS takes care of DB security, DB system engine
operation and DB volume management. On the other hand, client agencies deal
with DB data security, private information security, DB access control and
more.

Ⅲ. Cloud

1. What is the ‘Intelligent Cloud Data Center Infra Model’ of NIRS?
The Intelligent Cloud Data Center Infra Model is a so-called ‘Software Defined
Data Center (SDDC)’, which virtualizes information resources such as computing,
networks and storage with software technology to provide digital government
services like Government 24 and Hometax, and auto-controls the whole center
using MCloud, a comprehensive management environment. ‘Virtualization’ with
software and ‘Automation’ are considered the core operational technologies.

2. What was the main driver behind the Korean Government’s decision to actively
implement the government-only cloud platform?
The amount of information resources inevitably keeps growing as the number of
new digital government services for public convenience improvement and
government business innovation increases or existing services are expanded. The
Korean Government needed to 1) reduce the excessively spent maintenance costs,
2) improve the inefficiency caused by having to operate heterogeneous types of
resources, by standardizing them, 3) set up smart domestic standards suited to
a universal environment and 4) improve efficiency by allocating only the
resources needed per workload.

3. Tell us about the current status of NIRS’ Cloud projects.
NIRS started to integrate the information resources of client institutions in
2009 by implementing a resource bulk purchasing and co-use system. The
requested gear was purchased as high-performance, large-volume units so that it
could be shared among the agencies. The Cloud-first policy was introduced in
2011 by introducing Cloud computing technology, which can allocate and reclaim
resources conveniently and efficiently whenever requested. This year, in 2021,
advancement work is ongoing to change the way systems are migrated to the Cloud
from ‘when outdated ones need to be replaced’ to ‘business unit’.

4. Could you share the major features of the government cloud that NIRS
operates?
The cloud supports the digital government services provided by the central
government bodies and is designed with special consideration for availability,
extendability and agility, based on the standardized framework. Services
operating in the Cloud are classified into 4 different categories considering
the significance of services and their number of users. Service levels for
incident, change and security management are managed according to the
corresponding classes. On top of that, as a government data center, NIRS spares
no effort to lead and support the related industry by continuously carrying out
various policies such as supporting SMEs, boosting domestic product consumption
and expanding open SW adoption.

5. What outcomes could we expect from the exclusive government cloud project?
First of all, there were significant economic benefits from the cloud compared
to individual small-scale implementations prepared by the respective
ministries, amounting to up to about USD 370 million. We could also share
essential resources such as network and security gear among the agencies via
comprehensively built common infra. We could improve information resource
efficiency by supporting period-specific services with additionally designated
virtual servers.

6. How does the billing system of the NIRS’ Cloud work?
NIRS does not operate a pay-per-use system, unlike most private cloud service
providers. When an institution needs more resources, it is required to secure
the budget from the Ministry of Planning and Finance first and ask NIRS to
build the system for it. NIRS provides the required resources based on the
amount requested.

7. Could you explain the NIRS Cloud migration plan by stage?
NIRS conducted a pilot test for implementing an intelligent cloud data center
in 2019. Since last year, 2020, an SDDC-based cloud environment has been
successfully prepared at the first center, NIRS Daejeon, and the infra is
continuously being expanded and advanced. We expect to apply the infra to NIRS
Daegu next year, when the information resources of new client agencies will be
migrated. The transformation of NIRS Gwangju’s infra will be finished by 2022.

8. Have HW procurement costs been considerably reduced after starting the Cloud
migration project?
In the Cloud, we can implement and operate more than one virtual machine (VM)
on a single physical device by employing virtualization technology. Through
this technique, we could consolidate over 2,000 servers into about 260
high-performance ones. HW introduction costs have decreased as the number of
devices was reduced accordingly, and we could reach the ultimate goal of
introducing the Cloud project.

9. Doesn’t NIRS hire any private Cloud Service Provider (CSP)?
No. As NIRS also supports critical government document and security management
services, it does not procure any CSP’s products. However, in order to
proactively keep up with pan-governmental policies stimulating cloud computing,
NIRS is making its best efforts to find ways to collaborate with private cloud
professionals.

10. Are the Cloud servers only on the Korean mainland or also overseas?
NIRS Cloud servers are only on the Korean peninsula. NIRS operates disaster
recovery systems between NIRS Daejeon and Gwangju to deal with contingencies
such as unexpected disasters and sudden accidents. NIRS Gongju, expected to be
ready in 2022, will be used as an exclusive backup center.

11. What would happen to those APs not ready to be migrated?
When we migrate legacy systems to the Cloud, APs also need to be modified to be
compatible, as operating systems or middleware need to be changed or upgraded.
The budget for AP modification is secured by each institution. From 2021, a new
initiative called the ‘Unit based Cloud Migration Project’ technically supports
systems that do not have migration budgets of their own, through NIRS expert
groups who conduct ‘as-is environment analysis’, ‘design’, ‘implement and
test’, and more.

12. How did client agencies deal with the new movement? Are they OK with the
new projects, without resistance?
The efficiency, resiliency and availability of information resources are all
improved by implementing a cloud computing infrastructure. The costs required
for procurement and operation have also been reduced accordingly. In the early
stages, clients expressed their difficulties in migrating the legacy systems
into the Cloud; however, they are now quite cooperative, as they have reached a
consensus that the Cloud is competent not only in flexible resource allocation
but also in availability management and more.

13. Tell us about the ‘Cloud First’ policy of the NIRS (Korean Government).
It is the policy that when brand new digital government services are to be
launched or worn-out devices are to be replaced, the Cloud infra needs to be
considered first to accommodate them. NIRS started resource integration
projects in 2009 and has proactively promoted the Cloud policy ‘G-cloud 456’,
which introduces more than 40% open source compared to the existing operating
conditions and aims to cut over 50% of operating costs and to migrate over 60%
of total government services into the Cloud, to accelerate the expansion of the
government cloud services.

14. Does NIRS also have a plan to migrate UNIX-based large-scale and critical
systems into the Cloud?
Some client agencies request commercial SW that runs in a UNIX environment when
they need high-performance resources such as DBMS from NIRS. As it is quite
challenging to operate UNIX-based systems resiliently, NIRS keeps monitoring
the technological development of Cloud and virtualization products so that
those systems could also be relocated to x86-based systems.

15. How about license issues arising from the expansion of server resources in
the Cloud? What is NIRS’ basic stance on the matter?
In the NIRS Cloud system, it is essential to use domestic and open SW first.
When a client unavoidably needs to use commercial SW, NIRS reviews the specific
case with the department in charge, considering the features of the services,
and tries to find ways to settle the problems.

Ⅳ. Cyber Security Management System

1. Tell us about the cyber security management system of NIRS as a national
IDC.
NIRS was established as the world's first integrated government data center in
order to provide central government agencies not only with integrated
information resource operation services but also with comprehensive security
management and additional common services in a proficiently secure and stable
environment.

NIRS is equipped with efficient defense systems against various types of cyber
threats. It operates a multi-layered defense system first, to handle various
kinds of attacks such as web hacking and DDoS. In the later stage, there is a
Big Data based security management system which analyzes and processes all
data. Currently, the Big Data one is being transformed into an A.I. based
next-generation security architecture.

Through the new innovative systems, a number of cyber attacks are auto-blocked
in real time and thorough analysis is conducted with various analysis tools,
which goes far beyond simply operating security devices. NIRS also carries out
various sorts of mock drills on a regular basis.

2. Could you explain the major responsibilities of NIRS in the national cyber
crisis defense structure?
The Republic of Korea established the National Cyber Security Center (NCSC) in
2013. As it recognizes cyber crisis as one of the serious threats to national
security, it organizes and operates a civilian · government · military joint
cyber threat response group centered on National Cyber Security Secretaries.

The response team consists of national defense, private, administrative and
financial sectors, and each part operates a security operation center. The head
of NIRS issues warnings at each level (normal, attentive, cautious, alert and
serious), taking into account the ramifications and damage of attacks aimed at
government administration.

The ‘serious’ level is issued in consultation with the Director of the National
Cyber Security Center (NCSC) when critical harm to national security is
expected to be unavoidable. Appropriate measures such as intensive monitoring
or emergency on-call are taken in accordance with the warning of each level.

3. How does NIRS conduct system health checks?
NIRS used to employ commercial S/W to monitor system health status; however, it
has been using house-designed Big Data based system monitoring schemes since
2018.

The Big Data based system status monitoring platforms that NIRS implemented and
operates are as follows:
- nSIMS (national Security Information Management System): the Big Data based
log analysis system; collects and analyzes system information (system down,
resource usage rate, error logs and more), detects events and transfers them to
nTEMS
- nTEMS (national Total Event Management System): disseminates system status to
the staff in charge, manages events by conducting event impact analysis and
assuring system recovery, and transfers events to nTOPS
- nTOPS (national Total Operation Platform System): analyzes the cause of
events, registers the results of follow-up measures and more

4. How does NIRS support the 45 client institutions when a security
infringement happens?
(Initial Response) When a cyber attack such as hacking or DDoS hits a client
agency, the NIRS CERT is called in and performs the initial response. The
corresponding institution is notified of the event, which is also reported, if
required, to higher institutions such as the Presidential Office (BH), the
National Cyber Security Center (NCSC) and the National Intelligence Service,
and is managed jointly according to the degree of damage and the extent of its
impact.

(Incident Investigation) The incident is examined through related log
collection and digital forensics to find the root causes, the extent of damage,
and ways to recover and to prevent recurrence.

(Follow-up measures) Follow-up measures are managed by updating and improving
response procedures, the service recovery organization and related
technologies.

5. Has NIRS equipped itself with strategies specifically for managing supply
chain attacks?
To manage supply chain attacks, which spread through malicious code inserted
into normal SW during the SW development and distribution stages, NIRS requires
that software security patches and related policies not be updated directly
over the Internet.

NIRS checks firewall policy usage and blocks unnecessary policies on a regular
basis. The Internet and the Intranet are physically separated to inhibit
hacking activities through the Internet.

At the same time, NIRS continues to check client institutions’ homepages for
vulnerabilities, and in the event of an incident it operates CERT and also
works closely with the National Cyber Security Center (NCSC).

6. Share with us some ways NIRS keeps internal data safe.
In order to prevent internal data from leaking, NIRS encrypts all documents so
that they cannot be used outside even if they happen to be disclosed.

Basically, most portable storage devices such as USB drives, laptops and hard
drives, as well as paper documents, are not allowed to be physically carried in
or out, which cuts off a possible leak path at the source.

On top of that, account management for access to security equipment has been
reinforced to block unauthorized users’ illegitimate access. Retired employees’
email accounts are deleted within a week of the day of official leave.
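
One way to verify the one-week account deletion rule described above, as an
added example that is not NIRS code: it cross-checks an HR roster against the
mail directory and reports accounts that outlived the deadline. The record
fields, addresses and dates are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# "Within a week after the day of official leave", as stated in the answer above.
DELETION_DEADLINE = timedelta(days=7)

# Constructed sample data (hypothetical field names, not an NIRS export).
SAMPLE_HR = [
    {"employee_id": "E001", "leave_date": None},          # still employed
    {"employee_id": "E002", "leave_date": "2021-03-01"},  # left weeks ago
    {"employee_id": "E003", "leave_date": "2021-03-20"},  # left recently
    {"employee_id": "E004", "leave_date": "2021-04-15"},  # leave scheduled
]
SAMPLE_MAIL = [
    {"address": "kim@agency.example", "employee_id": "E001"},
    {"address": "lee@agency.example", "employee_id": "E002"},
    {"address": "lee.alias@agency.example", "employee_id": "E002"},
    {"address": "park@agency.example", "employee_id": "E003"},
    {"address": "choi@agency.example", "employee_id": "E004"},
    {"address": "scanner@agency.example", "employee_id": "E999"},
]


@dataclass(frozen=True)
class Finding:
    account: str
    status: str  # "overdue", "orphan" or "pending"
    days: int    # days past the deadline (overdue) or days left (pending)


def audit_mail_accounts(hr_records, mail_accounts, today):
    """Return findings for mail accounts that still exist after their owner left.

    overdue: owner left and the 7-day deletion window has passed
    orphan:  account owner is unknown to HR, so no leave date can be checked
    pending: owner left, account must be deleted within `days` days
    """
    known_ids = {rec["employee_id"] for rec in hr_records}
    leave_by_id = {
        rec["employee_id"]: date.fromisoformat(rec["leave_date"])
        for rec in hr_records
        if rec.get("leave_date")
    }

    findings = []
    for acct in mail_accounts:
        owner = acct["employee_id"]
        if owner not in known_ids:
            findings.append(Finding(acct["address"], "orphan", 0))
            continue
        leave = leave_by_id.get(owner)
        if leave is None or leave > today:
            continue  # owner is still employed on the audit date
        deadline = leave + DELETION_DEADLINE
        if today > deadline:
            findings.append(
                Finding(acct["address"], "overdue", (today - deadline).days))
        else:
            findings.append(
                Finding(acct["address"], "pending", (deadline - today).days))

    # Worst first: overdue (longest first), then orphans, then pending.
    rank = {"overdue": 0, "orphan": 1, "pending": 2}
    return sorted(findings, key=lambda f: (rank[f.status], -f.days, f.account))


if __name__ == "__main__":
    for f in audit_mail_accounts(SAMPLE_HR, SAMPLE_MAIL, date(2021, 3, 24)):
        print(f"{f.status:8} {f.days:3d}d  {f.account}")
```

Run against a daily export, anything reported as overdue or orphan is a policy
violation to investigate, while pending entries show what is due for deletion.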

7. How is newly collected threat information managed?
NIRS collects threat information from home and abroad in real time. The
compiled information is identified and investigated through a comprehensive
internal analysis scheme and then classified as harmful or not. The approved
response policies for new risks are applied to internal systems and are
verified again with the Big Data and A.I. systems.

8. Does NIRS operate a Bounty Program?
As the multi-layered defense systems of NIRS hardly allow any external movement
to get in, it is structurally quite challenging to discover any internal
vulnerability from outside. NIRS does not operate a Bounty Program, which hires
hackers to find internal weaknesses, because it has a system that manages
vulnerabilities in advance by finding them on its own.

9. Could you tell us about the state of NIRS’ cooperation in the area of cyber
security management?
NIRS, as a national IDC which hosts a large number of major government
information resources in Korea, conducts intensive joint drills with private
ISP companies on cyber crises. It also maintains nationwide cyber threat
information sharing systems to proactively catch signs of new security threats
in advance, as well as collaborating committees to ensure effective
coordination for any contingency.

In addition, as of 2020 it has finished implementing an A.I. based external
threat collection · analysis intelligence system, which gives it more precise
and prompt cyber threat analysis capability.

10. Does NIRS have to worry about losing monitoring agents when A.I. technology
is applied to the cyber security management system?
NIRS does not need to worry about letting them go when the A.I. setup is in
place. Those monitoring agents will instead deal with more advanced tasks, such
as A.I. modelling or investigating new attack techniques, than their current,
relatively simple responsibilities. Our goal is to reinforce the system so that
it is epoch-making in both processing scope and speed.

The ultimate objective of the A.I. project is not to replace human staff with
new machines, but to support people in working more efficiently and to expand
into fields that limitations of time and resources used to put out of reach.

11. Will the A.I. system of NIRS only be used in the security management area?
NIRS aims for the platform to be universal in nature so that it can process
many different models in distinct environments. For now, NIRS still treats
cyber security management as the priority for the technology; however, it
expects the system to be able to take on other assignments step by step, such
as forecasting incidents or carrying out simple internal tasks like approving
firewall tickets (about 100 cases per day).

The system aims to be used for a variety of objectives in different fields.

12. What sorts of obstacles can NIRS anticipate while applying A.I. technology
to the current systems and operating it?
The initial drawback NIRS dealt with when implementing the A.I. system was that
it needed to consume more resources to operate, while running the legacy
systems at the same time.

A.I. is very much like a baby that requires learning periods, which definitely
demands more resources, such as staff to take care of existing systems and to
carry out additional study and analysis duties. For instance, it is expected to
take about 6 months to create a primary model and 2 years to make it advanced.

13. What benefits can NIRS expect from newly implementing an A.I.-based security
management system?
First of all, processing scope will be expanded from the current level of about
two hundred thousand events per day to over ten million. Processing speed will also
be improved from 10 minutes per event to 30 seconds. On top of that, the capability
to respond to unknown attacks will definitely improve through the practice of
detecting abnormalities against normal behavior.

NIRS expects this innovation to bring a reduction in risk costs worth around
4.5 up to 9 billion US dollars.

14. Any new information security management scheme to prepare for the future?
In the past, the security industry was largely divided into 2 categories, physical
and information security. However, advances in technology are widening the
points of contact between the two domains. NIRS has created a new information
security management system called ‘nAEGIS’ that comprehensively covers both
terrains.

NIRS is reengineering its information security management organizations and
arrangements to best suit the cloud environment. It works not only to strengthen
the endpoint security management scheme, moving from the current network-oriented
one to host areas such as servers, but also to build an artificial intelligence-based
security system for the future environment.

15. Any suggestion or implication to share on effectively managing the increasing
number of attacks and the advanced nature of global cyber threats?
Such intelligent, large-scale cyber attacks are very hard to detect or block in
advance at a personal or even a country level.

Therefore, in order to respond effectively to those threats, establishing an
international cooperation system is considered essential and vital. It will help
plan strategies together when infringements happen, and it will make it possible
to set up a mutual information sharing system that catches and blocks new threats
across public-private boundaries.

In order to successfully operate the various global cooperation assemblies in
the area of cyber threat management, NIRS considers it also important to
build a reliable governance scheme based on mutual trust. When conducting
activities, not only the quantity of information shared but also the accuracy and
credibility of the data are significant properties that should be carefully
considered.

Hands-on cooperation activities, such as activating mutual exchange exercises
(for example exchanging specialists), expanding the number of joint new-technology
development projects, and holding joint seminars to share best practices and
know-how, should not be neglected as constructive means of improving trust in the
relationship.

Ⅴ. Disaster Recovery & BCP

1. Tell us about the types of disasters that NIRS prioritizes.
NIRS gives priority to about 10 different kinds of disasters. Some of the typical
ones include 1) fire, 2) earthquake, 3) storm and flood, 4) power supply error,
5) terrorism and more. NIRS has a systematic Business Continuity Plan (BCP) for
each disaster, and in an emergency the organization carries out the duties
assigned for the circumstances according to specific manuals and protocols.

2. How are levels of recovery of tasks assessed?
NIRS has classified all managed tasks into 4 grades: essential (1st), core (2nd)
and general (3rd and 4th). They are categorized according to 1) the degree of
impact on business, 2) the number of users and 3) the level of influence on
services. Essential and core tasks are to be resumed with highest priority when
any interruption in service provision occurs. The maximum tolerance time for
disaster recovery is counted from the time the incident is officially registered
at nTOPS or the service desk, right after NIRS or the corresponding institution
first becomes aware of the disaster, to the time of final resolution of the
problem. Dedicated guidelines and protocols must be complied with for each level
of task.

3. Could you let us know about the kinds of regular back-up or dispersion
activities that NIRS practices to secure service continuity?
Regular back-ups consist of a daily incremental back-up and a full back-up at the
weekend. Irregular, temporary back-ups are conducted when required, after
discussion among the people in charge. As for dispersion, both on-line and
off-line (physical) forms are taken into consideration. The schedule, method,
frequency and retention period of backed-up data are also operated by class, based
on the associated rules and regulations.

4. What is the brand new NIRS Disaster Recovery Center like?
The NIRS Disaster Recovery Center, under construction since 2019 and to be
completed by 2022, is designed to be earthquake-proof, base-isolated and EMP-proof
to secure continuity of government business and data security against unexpected
disasters and accidents. Currently, in 2021, NIRS is investigating ways
to transfer the existing disaster recovery systems in Daejeon and Gwangju and to
implement new disaster recovery schemes. Compared to the legacy buildings, this
brand new one will be shaped like an underground bunker.

5. Apart from EMP protection, what other protection facilities would be available
in the new construction to protect internal systems?
First of all, there would be CBR facilities allowing hundreds of people to
survive for a certain period of time, based on the to-be-protected classes; gas
interception capability to divide contaminated areas from clean zones; and
explosion-proof valves to block the inflow of any harmful air into the new
structure. In addition, the base-isolated design of the whole building, which
protects the construction from earthquake waves, would be one of the significant
protection schemes of the new edifice.

6. Tell us about the green practices that NIRS conducts.
To save more of the energy spent on isothermal-isohumidity (constant temperature
and humidity) control, NIRS introduced precooling systems through an ESCO project,
as it spends quite some money on that sector. Through these efforts, it has saved
over USD 600,000 over the past 5 years. The PUE index also indicated its highest
level of 1.592 in 2020. At the same time, NIRS spares no effort to replace
outdated devices with highly efficient ones and to manage the hot and cold aisles
of its computer rooms to economize on power. It has also completed the installation
of LED lights in offices to keep up the energy efficiency of office space. NIRS
does not install or operate a solar light facility, as the site is currently a
leased property.

7. Are there duties that could be executed remotely from outside?
Some institutions check the status of information systems and data remotely by
accessing the disaster recovery systems. Technically, they can also start and
stop services. The systems can be used from a distance particularly when
conducting drills, which definitely require promptness.

8. How is business continuity secured in the annually renewed contracting
environment under open bidding?
NIRS enters into both a general contract and a service level agreement with
each client agency to secure quality system operation and thorough service
management over business grades, service levels and operation scope.
As mentioned earlier, grades of tasks are designated after considering a number
of factors such as degree of impact on business, number of users and level of
influence on services.

The distinctive requirements and demands of each client can be accommodated
through discussion, covering not only service levels and scopes but also
assignment and penalties.

9. Briefly tell us about disaster recovery drills of NIRS.
NIRS conducts disaster recovery drills annually across the different essential
sectors. The exercises cover assorted areas such as information system incidents,
fire, earthquake, power supply error (emergency power generators, UPS, etc.),
backup recovery, cyber security incidents and more, each of which must be carried
out more than once a year. The drills are to secure business continuity in
contingencies, and they require getting to the places where the disaster recovery
systems are located, running the systems and restoring emergency services.

10. Is the DR of NIRS run Active-Active?
No, currently it is operated in an Active-Standby arrangement. However, once the 4
centers have successfully started to talk to each other in one language, when
stable migration of new clients’ systems is completed, an Active-Active pattern is
expected to be feasible among all centers in real time. We anticipate the effect
will be maximized once the National Network integration project, which is actively
under way, is productively wrapped up.

Ⅵ. K-net & National Integrated Network

1. What is K-net?
K-net is the nationwide exclusive government information and communication
network, used by both central and local government institutions, which supports
efficient government business and public services. It is the very network that
connects all government information as one.

Managing and operating K-net is one of the important responsibilities of NIRS.

2. Why did the Korean Government decide to implement K-net?
As part of the Korean Government’s constant efforts, made since 1990, to manage
national information as efficiently as possible, K-net, the government’s
main artery for information communication, was implemented in 2009.

Today, K-net is used by about 700 government institutions nationwide and
plays various crucial roles. It is responsible not only for information
distribution among the agencies but also for the use of external communication
services and for connecting data with NIRS.

3. Is K-net implemented as a physically separate network for exclusive government
use?
NIRS has adopted the Government Network Service (GNS) system for K-net operation.

It is one of the efficient network operation management systems with enhanced
security guaranteed. The corresponding net would be separated as a private one
after negotiating fares, terms and conditions per provided service with ISPs.

NIRS has connected GNS providers and ISPs to the common infrastructure so
that it can serve the user institutions with a variety of quality services.

4. How is security of K-net being managed?
Under the network separation policy, the internet side of K-net is physically
separated from the intranet to reinforce security and to provide quality network
services.

K-net is securely managed by multi-layered defense systems and a number of
smart analysis systems. Various incidents can be prevented through an
uninterrupted 24/7 traffic monitoring system and a real-time incident detection
system.
Events generated by security devices are collected in nSIMS, the Big Data log
analysis system of NIRS, where they can be analyzed and responded to in real time
at the Security Operation Center (SOC).

Since an increasing number of cyber threats is sure to keep being developed,
NIRS has for the past couple of years devoted itself to introducing an A.I.-based
security management system in steps to reinforce its current capability.

5. What is National Integrated Network (NIN)?
The expanded notion of K-net is the “National Integrated Network (NIN).” The NIN
implementation/operation project is to build a pan-governmental network
platform environment by newly configuring the nets that used to be operated
independently by 48 government agencies.

To improve network survivability, NIRS has not only made circuits, nodes
and ISPs redundant, but also introduced new technologies in the field such as
T-SDN*, which can handle a client’s demand, such as backbone net extension, more
flexibly.
(* T-SDN : Transport Software Defined Network)

The project is expected to be wrapped up by the end of next year, 2022.
Re-engineering of private nets and constant improvement work would be carried out,
with continual operation support, by introducing technologies in the field such as
Quantum Cryptography Communication.

6. Tell us more about the benefits of National Integrated Network.
First of all, network survivability can be secured by working with more than one
ISP partner for any contingency.

Improvement of the national security defense system can be anticipated, as a
pan-governmental defense scheme against external cyber threats would be
ready to go. Prompt net extension with SDN technology for high-volume data
such as Big Data or Cloud would also be one of the remarkable advantages we
can foresee from completing the National Integrated Network.
On top of that, NIRS could save some government funds on network operation,
as the expenditure spent on the individual nets managed by 48 government
institutions would be cut through integration efficiency.

7. Could you let us know about the total availability of NIN? How about their
current average traffic?
The total bandwidth of the backbone nets of NIN is 860Gbps* for the 1st net and
530Gbps for the 2nd net. Currently, the traffic is not considered sizable yet,
since it is still an early stage of conversion; however, it is expected to grow
as NIN is completed in stages.
* Gbps : Gigabits per second

8. How are K-net services being monitored?
Currently, NIRS operates a Network Management System (NMS) designed in-house.

Core nodes at NIRS Daejeon and the Seoul Annex Complex monitor the related
circuits of government complexes, local governments, local administrative
complexes and more.

For now, NIRS is verifying whether the new monitoring system implemented for NIN
is also compatible with K-net. If it turns out to be, it will be applied to K-net
in steps as well.

9. How would NIN services be monitored?
The Network Operations Center (NOC) for NIN would be placed in the new government
complex in Sejong and would provide 24/7 network monitoring services.

The NOC would visualize the status of the various networks by getting information
from ISPs, provide a customized monitoring service for each client and support
cross-monitoring among government institutions.

10. Does NIRS employ communication means other than optical fiber,
such as satellites?
Currently the backbone nets of K-net, as well as those of NIN, are based on optical fiber.

11. Any suggestion or recommendation to those countries who are working on or
planning to proceed with or implement a ‘National (integrated) network’?
[K-net perspective]
K-net should be able to support government businesses and public services
uninterruptedly.

It is required not only to be device-redundant when implemented, to be prepared
for any device failure such as a switch or security device, but also to be
route-redundant in backbone planning, to be able to handle network-related
incidents.

It has to be seamless, as it is directly connected to most people’s lives.
Recovery should be as prompt as possible if incidents are inevitable.

[National Integrated Net perspective]
You want to organize a first-rate group of network professionals who can design a
reliable national network and be responsible for problem-solving processes. It is
necessary to form a client board committee in advance to deal with stakeholders’
needs, opinions and interests so that the project proceeds smoothly.

Plus, preparing a dedicated department dealing with policy making, new
technology introduction and securing budget for constant improvement is considered
crucial.

Ⅶ. Cooperation Activities

1. NIRS offers services only for central government institutions. Does any
government agency support local governments with similar services?
Yes, we have the Korea Local Information Research & Development Institute (KLID),
which comprehensively manages and operates information resources for local
governments. KLID is also an affiliated institution of the Ministry of the
Interior and Safety (MoIS), just as NIRS is.

It not only takes control of information system incidents and cyber infringements
and threats for local communities but also supports research and development
practices for their organized and efficient development.

Some local bodies capable of running their own, such as Seoul Metropolitan City or
Gyeong-gi-do, have been operating their own data centers independently.

2. How is NIA related to NIRS?
We get this question quite a lot, as the two institutions have similarly spelled
names; however, their corporate identities and responsibilities are quite
different from each other.

NIA mostly takes part in policy and strategy making on digital government and
digital capacity building for the intelligent information society. Those activities
represent some of its roles as ‘a Head’ of the intelligent information society in a
broad sense.

On the other hand, NIRS is an executive institution operating and managing
government information resources, which could be perceived as its ‘arms and legs’.
The two organizations do not have quite the same missions; however, they do find
ways to work together when necessary to lead Korea toward an intelligent
information society by harnessing digital technologies.
* NIA : National Information Society Agency

3. Does NIRS deal with policy devising affairs as well?
NIRS has been operated under the vision ‘a professional intelligent cloud service
providing institution with quality ICT services toward a digital government’. NIRS
does not directly draft policies; however, as an affiliated institution of MoIS, it
can share experiences or make suggestions regarding government data center
operation when government policies related to its corporate mission and vision are
discussed or newly executed.

4. Do future plans of NIRS include facilitating private data as well?
NIRS is the data center exclusively for government agencies. Future plans
might address it; however, currently, NIRS does not plan to accommodate
data from the private sector.

5. Could you name any NIRS support overseas?
Mongolia and Nepal took NIRS as their model in building a government data center.
For Indonesia and the Philippines, NIRS provided consulting services when they
conducted feasibility studies before implementation. Vietnam was approved for an
EDCF fund of Korea EXIM Bank. Consulting services on digital government and
development-related policies were provided to the government of Brunei.

About 5,000 visitors from around 160 countries visited NIRS between
2007 and 2021 to participate in the NIRS Study Tour Program and learn about
Korean digital government services and the operation status of national
information resources.

6. Tell us about the ways that NIRS could support foreign countries when they
try to implement a government data center in their own lands.
There are three different technical categories in the government data center
implementation domain. First, there is the ‘consulting’ realm, which deals with the
national informatization master plan and the basic plan for implementation. Next,
there is the ‘data center implementation’ sphere, which covers building
construction and framing a comprehensive environment for operation. Lastly, there
is the ‘information security management’ area, which takes care of implementing an
information security management system and building it in steps.

Upon request, NIRS reviews the feasibility, scope and form of support, such as
holding joint technical seminars or workshops, looking for applicable training
programs or participating in relevant international functions. All kinds of
support are subject to the internal circumstances of NIRS.

7. Tell us about some cooperation activities of NIRS.
There are various types of cooperation activities at NIRS. There are consulting
committees, made up of groups of experts, in each professional area such as
information security and cloud service. NIRS has also signed MoU agreements
with a couple of partners for deeper communication and collaboration. NIRS shares
cyber threat information with some intelligent groups such as public institutions
at home and abroad, prestigious research institutions and private professional
companies. NIRS used to run a summer internship program for students of
neighboring universities to let them know about the major businesses of NIRS and
give them opportunities to work on site as interns; it is provisionally halted
now, though. NIRS was also happy to hire them later as its own staff, based on
their performance.

8. Could you let us know about instances of efforts that NIRS has made to
co-prosper with partners and communities?
SMEs are more than welcome at NIRS as favorable and reliable partners. NIRS
has proactively participated in the government’s ‘Cultivating & improving
environment for SMEs’ initiatives for years. Most of the big players that were
early-stage partners have been successfully replaced by capable SMEs in the field.

NIRS also supports partners whose capability, performance and security have
been verified while carrying out implementation or operation projects of NIRS, so
that they can extend their reach overseas, by co-hosting or participating together
in a number of functions or events overseas and by introducing them to foreign
countries asking for technical consulting.

NIRS spares no effort or support in caring for partners in the field so that they
can grow and develop together, as long as it can afford the opportunities and
environment.
