Officially opened in 1991, the Museum of Contemporary Art (MCA) in Sydney is the only museum in Australia dedicated to exhibiting, interpreting and collecting contemporary art from across Australia and around the world. More than 580,000 people visit the MCA annually, a figure that has increased five-fold in the last decade. In addition, 45,000 school children each year enter its doors for a unique learning experience.
Following a major AUD$53 million redevelopment, the MCA will reopen in March 2012 as a bold, new and significantly expanded museum. The new venue promises to be a highlight on the international art calendar, as the MCA is transformed into a major cultural centre for contemporary art and education.
The redevelopment will create an additional 4,500 square metres of space increasing the MCA's total size by almost 50 percent. In addition to building three spacious new galleries, the building program will involve a complete refurbishment of existing facilities.
At the same time, securely protecting the MCA's IT infrastructure will become an ever more complicated task in an environment where new visual technologies will be deployed for the benefit of artists, visitors and employees.
"Although a private organisation, we have a need to protect our reputation and this requires the highest levels of IP and IT security. As a business, we don't function without IT and IT security is a business imperative. We can't afford to suffer hack attacks and this will become even more evident in our new space next year when network availability will become even more apparent," says Evan Upston, chief operating officer at MCA.
Back in 2008, the MCA decided that its previously deployed Microsoft Internet Security and Acceleration firewall was unable to scale with the growth of the museum's "business".
The MCA had increasing and multiple requirements for secure network connectivity from widely disparate groups of users.
"We had the usual corporate security requirements for finance and management users, as well as remote access to systems and email. At the same time, we had additional dynamic requirements from users of the MCA's venues where we might run VoIP and web access for an auction for Sotheby's, full streaming video for a conference or software launch, or just plain Internet or video conferencing for a meeting or seminar. In addition, for the kind of protection you might expect a museum to apply to its physical assets, we needed to apply to our digital assets of more than 11,000 works of art," says Upston.
Tasked with a review of MCA's future plans for growth, Nexus, a leading IT services company, recommended the deployment of a unified threat management security solution.
Importantly, MCA wanted an appliance that offered full threat management capability, failover features and a very flexible and configurable platform in support of a high level of security.
Following an extensive market review, Nexus selected the WatchGuard Firebox X 700 with Unified Threat Management. The appliance provides Layer 7 firewalling capability with deep packet inspection enabling it to look at more than just the traffic component of the packet coming through the firewall. A key feature is that WatchGuard can strip the packet down to understand the intent of the content and determine whether or not it might be malicious and, therefore dropped or allowed through. The firewall is capable of determining many forms of malicious attacks which means it can reduce the number of scans required by the security services and this reduces the load on the processor and improves performance.
"WatchGuard's flexibility, interoperability with other brands and protocols, and extensive feature set were compelling. At the same time, we had a clear understanding and sense of reassurance that WatchGuard would be able to scale for the security needs of the organisation, the artist community and the general public. In addition, the quality of local technical support and a clear product roadmap also figured highly in our decision. From a technical point of view, we needed a platform which would be open to deal with range of protocols and capacity to handle what may come in the future.
"Once the decision to deploy WatchGuard was made, the new security appliance was rapidly and seamlessly deployed," says Upston.
Today, the initial WatchGuard appliance has been joined by a second WatchGuard appliance. These operate in a Citrix virtualised environment and enable the MCA to slice and dice an individual's authority and access.
Over the course of the past three years, WatchGuard has been able to handle the MCA's ongoing dynamic requirements, whether in support of frequent special requests for specific access types, virtual local area networks and other technical requirements from artists and venue teams representing patrons.
These dynamic requirements are delivered by WatchGuard while maintaining MCA's ongoing security policies, which protect the business-as-usual operations within the gallery and administra-tive offices.
"For example, we have had access requests for requirements ranging from monitoring the position of the sun live for the Korean Biennale through to accessing a web server for live updates on a work of art where interactive wireless helmets were used in helmets on bicycles and where the experience involved riding around The Rocks precinct and engaging with the exhibit depending on location and GPS coordinates," says Upston.
WatchGuard allows MCA to relegate edge security to a simple ongoing process that is able to evolve with the changing requirements of the organisation. For example, WatchGuard has been able to handle the flexibility requested by artists who may want to create exhibits on the fly.
With the new building extension underway, the MCA's role as a locally loved and internationally renowned contemporary art museum supporting and promoting Australian artists alongside their international peers will be reinforced.
During the renovation, WatchGuard's ability to service displaced staff at certain points in the construction process has enabled employees to access the corporate server and work securely from home. This in turn has boosted workplace productivity, reinforced business continuity and supported the organisation's green credentials.
At the same time, the network security infrastructure has continued to provide a safe policy gateway to the MCA's art storage space in Leichardt, enabling staff located in this offsite location to work safely and securely within the confines of a virtual private network.
In 2012, WatchGuard will assist in securing The National Centre for Creative Learning (NCCL), one of the most significant highlights of the construction upgrade, created to complement the MCA's commitment to innovation and its role as a leader in art education.
The NCCL will feature a dedicated multimedia room and digital classroom, two practical studios, a 120-seat lecture theatre and a room for the MCA's Bella program for children with special needs. Using unique learning programs and the latest technology, WatchGuard will help the Centre to connect securely with classrooms across Australia and the world to engage people with art through seamless accessibility.
"In short, the WatchGuard appliances have proven their worth in maintaining a secure network over the past three years and in helping us to enjoy a fixed cost managed service. Security will play an ongoing integral role in helping us to handle our growth in exhibitions, managing the digitisation of content, and providing staff with a great workplace environment. Ultimately, though, it is visitors who will be benefit. Members of the public will enjoy a world-class museum experience using IT that is protected by WatchGuard security technology and that has been tried and tested at the MCA for more than three years. During this time, we've not suffered one IT security incident," says Upston.
For more information on WatchGuard's powerful network security solutions, visit www.watchguard.com.