The future of Network Procurement
In this guest blog Mike Thomas, Managing Director at Innopsis, discusses what the future holds for Network Procurement.
For more information on Innopsis, you can visit their website here.
To evaluate the likely changes to Network Procurement over the medium term, between three and five years, we need to consider two main aspects; what customers will want to procure and the vehicles available for procurement.
What services are going to be bought?
Firstly, I would like to consider the services that Customers will want to procure. To clarify, these will be the services to provide connectivity and ancillary services across the Public Sector.
The Covid-19 lock-down is causing a massive change in the way we are working. Social Distancing and restricting the spread of the virus means that millions of Britain’s are working from home. How many will still be able to still work in the same fashion after the lockdown will remain to be seen. Certainly, from an environmental and efficiency view, continuing as much home working as possible will be desirable. However, this will have a major impact on the networking requirements for the Public Sector.
Pre-virus, the Government was prioritising Local Full Fibre and 5G roll out to enable the UK to have high speed and resilient internet capability across the whole country. Continuation of these programmes will help facilitate the continuing trend for homeworking.
In November 2019, NHS-Digital made a commitment to deliver Matt Hancock’s vision of Internet First for the NHS. Innopsis have been involved in helping to prepare the programme for further discussion across Industry later in 2020. The provision of Fibre and 5G makes it more feasible for small offices and surgeries to run services over the Internet. However, having the connectivity in place is only half of the story, as Internet working means that the applications being used need to be compatible to be used over the public internet. Whilst there are great strides being made in this area, there is a significant number of applications that will need upgrades. This means that there will quite a time lapse before all applications will be internet enabled. Early estimates put it at 20 years, but a more realistic 6 years is expected, although a number of applications will be available in 2021.
Whilst NHS-S Digital are leading with Internet First, it is likely that the rest of the Public Sector will follow. In fact, some departments and some Councils have already made significant moves in this direction. The introduction of Software Defined Networks has meant that the transport medium is less important and thus allowing Internet bearers or multi provider bearers be used within a WAN environment.
Many Public Sector and Enterprise have tended to buy MLPS based WANs for performance and security. With the introduction of Zero Trust and Software Defined Security, the cost is being moved from the network service provider to Customer Premise Equipment provider but allows internet connectivity to gain the privacy offered by the traditional service. In addition, the growth of providers that are adhering to the MANRS routing commitments, it will be possible to ensure that procured Internet Connectivity will keep all data within the UK and less likely to be hijacked by a third party with either a criminal or political agenda. With the increased bandwidth offered by Full Fibre, the argument for staying with just MPLS as a service, decreases.
Balanced against the Internet First direction, it will make sense for some time that large sites and campuses are served by a traditional MPLS IPVPN connection. This will include connectivity to Data Centres, Cloud Providers and the usual Hyperscalers. The availability and scalability of an MPLS IPVPN is still far better, in terms of cost and performance, than an alternative. However, it will make sense to include smaller satellite sites and homeworkers, whether part time or full time, via Internet connections. Thus, a Hybrid model is being scoped for customers that fit this description.
For organisations that consist of smaller sites, or indeed just one small site, then using Internet only to connect, subject to the availability of suitable bandwidth at site, will become the choice.
There is also be a group of workers that will use any connectivity, such as occasional home workers, nomadic workers, mobile workers etc. These may use any connectivity ranging from mobile data, domestic third-party connections or even public Wi-Fi from coffee shops and train companies. To limit the risk of these users being compromised, I recommended that access to data be restricted to single transactions, similar to the way internet banking works, rather than replicating office or procured access.
We can see that there will be a mixture of technologies that are likely to be used in the near future. The question is how will they be purchased? SD-WAN and Zero Trust services are tending to be purchased via the G-Cloud framework. Internet and MPLS networks are tending to be purchased from Network Services. Neither CCS Framework can claim to be the logical provider of all Networking elements. With the coronavirus activity and Brexit, it is unlikely that CCS will be able to focus resources to introduce a new framework until the replacement of Network Services 2 in 2022, or more likely, after the framework extension to 2023.
How will services be bought?
The G-Cloud Framework represents itself as being the logical route to buy cloud based, commodity items quickly and easily. Network Services represents itself to be the best framework to procure more complicated services. This is exactly the opposite of the way that customers are procuring at the moment. SD-WAN and Zero Trust are the more complicated services that the customer will buy, whilst the connectivity, can be procured as a commodity. It appears that the frameworks are not designed to represent the requirements. Network Services 2 runs until 2022, as a minimum, although each preceding network framework has been extended, we should expect the same, whilst the latest version of G-Cloud, G-Cloud 12 will run from September 2020 to 2021, therefore there will not be a quick solution to the issue. In the medium term, we must assume that the current frameworks will remain as the main procurement routes, recognising that there are other procurement bodies outside Crown Commercial Service, such as Yorkshire Procurement Organisation (YPO) amongst others.
So how should the Supplier be positioning themselves for the next few years? If you are one of the 38 suppliers for connectivity on Network Services, then ensuring that your SD-WAN and Zero Trust services are represented on the Basware catalogue should be an important step. In addition, marketing the combined connectivity and control plane as a total solution should play to the customer requirements.
If you are not one of the 38, then G-Cloud is the obvious route. Whilst not expressly featured, IPVPNs and connectivity are allowed to be posted under Lot 1 – Hosting Services. Lot 2 provides the platform for SD-WAN and SD-Security, and so a multi-Lot contract for an end to end service can be provided. I would recommend that each service description for each sub-service refer to each other to guide buyers along the path, plus marketing collateral refers to the whole service and itemises the sub-services to provide the top down view.
Looking at the options from the Customer, firstly I suggest that the organisation’s capability for managing a potential service is evaluated. If the capability exists to manage and specify in-house a service, then commodity procurement via G-Cloud could be the best route. This is the route being taken by several large Central Government departments. These procurements are centred around using the search facility in the Digital Marketplace to select potential suppliers and then using the MEAT principle to down select the potential Suppliers following dialogue. It is typical, in these procurements, for the customer to have a very good idea of what they want to buy before going to market. They will have reviewed potential solutions and therefore the service wrap and commercial offer of potential suppliers is the element they are evaluating. As they are self-managing the service, the service cost is the key differentiator.
If the Customer does not have the capability to manage a service in-house or does not wish to manage a service, then following the Further Competition path of Network Services 2 would be a sensible route. The time scale for procurement and the procurement costs will be higher, there will be less focus on how the requirements are met and more around what is being delivered and the service surround that supports it. The recent HSCN procurements were procured in this fashion and resulted in a benchmarked outcome that averaged out at 15% less than if Internet connectivity had been used. Clearly, this route may be preferred by many.
There have been many calls from Industry for CCS to release a Dynamic Procurement System (DPS) for Network Connectivity to include the ancillary services such as SD-WAN and Zero Trust. The attraction being that the Suppliers on the Framework may join and leave during the term of the Framework to reflect the marketplace. To facilitate this and to ensure that the number of Suppliers were not so numerous so that inviting them all to bid did not risk an unwieldly procurement, there must be a threshold that Suppliers must meet in order to gain a place. Work continues to try an establish a set of standards that suitable Suppliers should meet that does not constrain the market too strictly, but also does not allow too many Suppliers to meet.
To summarise, the recent pandemic will have caused disruption in the topology of networks used in the Public Sector. Should this disruption be continued, in a fashion, the landscape for future procurements will be accelerated along the trajectory that it had started in 2019 at a rate. The main procurement vehicles are not focused on the same projection and as such the utilisation by Customers and Suppliers alike will remain best served by duplicating services on both G-Cloud and Network Services 2.