New Zealand Government Can Use the Catalyst Cloud

Discussions between Catalyst and the DIA have clarified that the NZ Government can use the Catalyst Cloud.

The all-of-government Infrastructure as a Service (IaaS) mandate often causes confusion about what cloud services government agencies are allowed to procure and use. To provide clarity and assurance to agencies, Catalyst contacted DIA to delineate the scope of the mandate and its exceptions.

New Zealand government agencies are allowed to procure and use platform and software as a service solutions from Catalyst IT, or any other cloud service provider they deem fit for purpose. 

The NIST definition of cloud computing [PDF] is a vendor neutral and widely accepted definition of Platform as a Service (PaaS) and Software as a Service (SaaS):

  • PaaS: “The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created  or  acquired  applications  created  using  programming  languages,  libraries, services, and  tools  supported  by  the  provider. ...”
  • SaaS: “The  capability  provided  to  the  consumer  is  to  use  the  provider’s applications running  on  a  cloud  infrastructure...”

For avoidance of doubt, many of services provided by Catalyst IT and the Catalyst Cloud fall within the definition of PaaS and are beyond the scope of the IaaS mandate. These include:

  • Cloud Orchestration: allows for application stacks to be deployed and orchestrated on the cloud.
  • Genie: a platform to run LAMP based content management systems, such as the Drupal and Silverstripe.
  • Kubernetes and Docker Swarm: container orchestration platforms that make it easy to deploy and manage container based applications on the cloud.
  • OpenShift and Cloud Foundry: application life cycle management platforms that allows customers to deploy applications to the cloud.
  • Learning and development SaaS - Catalyst has a standard Moodle and Totara LMS cloud offerings for New Zealand government agencies

To make it easier for government agencies to adopt these services on the Catalyst Cloud, Catalyst has published ready to use documents that address the security and privacy risks outlined by GCIO (also known as “the 105 questions”). These documents can be found at https://catalyst.net.nz/catalyst-cloud/compliance#nz-government.

Government PaaS customers will still benefit from Catalyst's recently announced “All of Government” pricing.

Catalyst consulted DIA’s General Manager for Commercial Strategy & Delivery  to clarify the scope of the IaaS mandate in drafting this release. As described on ICT.govt.nz, the IaaS panel mandate only applies to some public agencies and is limited to the direct procurement of four core infrastructure services:

  • Data centre housing: collocation or leasing of hardware in data centres owned by the the IaaS panel members;
  • Utility compute: the direct consumption of hypervisors (eg: Vmware, Hyper-V, Oracle) or virtual machines provisioned by the IaaS panel members;
  • Storage: storage of data, archival of data and data replication services.
  • Backup: backup of the data stored on any of the services described above.