Cloud Based Network Security Services Technical Details

Technical Details

Service implementation and support includes

  • Consultation regarding service options and security configurations
  • All required activities to complete service installation
  • Fully Managed Service
  • DIT configured and supported security solution installed at the statewide data centers
  • 24 x 7 centralized monitoring and management via our Network-Security Operations and Service Desk

Service components include

  • All hardware and software components required to deliver the cloud security solution.

Service features include

Firewall/VPN

 

Shared Infrastructure

Dedicated Infrastructure

 

 

 

 

 

Provides access control to/from customer specific networks

 

 

 

Features and Options

 

 

 

Customer specified security policy

Included

Included

Data Encryption

Included

Included

Real-time view of security policy

Optional

Optional

Real-time view of firewall log data

Optional

Optional

Log retention at customer location

Optional

Optional

IPS

 

Shared Infrastructure

Dedicated Infrastructure

 

 

 

 

 

Monitors network activities for malicious behavior and can block or prevent those activities

 

 

 

 

Features and Options

 

 

 

Customer specified intrusion prevention policy

Best practice

Included

Continual tuning of security policies

Included

Included

Customer notification of pre-identified critical events

 

Best practice

Included

Real-time view of events

 

Not available

Included

Real-time signature updates to address emerging threats

 

Best practice

Optional

 

 

 

 

Remote Access VPN

 

 

 

 

 

 

 

 

Provides secure encrypted remote access for remote or travelling users and business partners

 

 

 

Features and Options

 

 

 

Named SSL/VPN Users

As requested

Scalable to meet customer requirements

User Authentication

Integration with NC Identity Management (NCID)

Integration with NC Identity Management (NCID)

Authorization

NCID groups (5 included)

NCID groups (5 included)

Additional Authorization Groups

Optional

Optional

Sufficient capacity to accommodate large volumes of new telecommuters due to emergencies like pandemic or natural disasters

Included

Optional

 

 

 

 

Common features and options

 

 

 

 

 

 

State Network Connectivity

Included

Included

Throughput

Scalable to accommodate required bandwidth

Scalable to accommodate required bandwidth

High-Availability (HA)

Included

Included

Global Availability (Eastern & Western Data Centers)

Included

Included

24x7 device monitoring

Yes

Yes

24x7 support

Yes

Yes

Design and planning

Yes

Yes

Configuration backup

Yes

Yes

Maintenance -

Patches and upgrades

Yes

Yes

Log retention at DIT

1 month

1 month

See a Logical View of This Service

Service options include

  • Additional VPN groups (5 VPN groups included with service) for more granular authorization

Customer Responsibilities

  • Perform a security vulnerability assessment and a risk analysis of own environment, prior to the initial consulting meeting
  • Provide a 24 x 7 point of contact (POC) for us to contact for reporting and coordinating outages or emergency maintenance
    • This POC list will include the only authorized contacts for security related issues, including the approval of the initial security policy and requesting policy changes
  • The POC will provide us with VPN group administrators, who are responsible for assigning group membership to users
  • Implement remote access security policies that enforce the use of sound security practices to keep VPN client system(s) secure against unauthorized access and other security threats and that comply with the statewide information security standards.
  • Contact our Service Desk to report problems or request assistance
  • Work with us on a mutually agreed schedule to allow required maintenance services to be performed in a timely manner

Hours of Availability

This service is available 24/7, excluding planned outages, maintenance windows, and unavoidable events. Maintenance windows are used only when needed for planned changes that have gone through our Change Management Process. In addition to our Standard Maintenance Windows, site-specific and service-specific changes may be coordinated with customers at non-standard times.

Standard maintenance windows are defined as:

  • 4:00 a.m. to 7:00 a.m. each Thursday
  • 4:00 a.m. to 12:00 p.m. each Sunday