SCHEDULE 2C-2 CONVERGED NETWORK MANAGEMENT SERVICES (FUTURE STATE SERVICES) for. Date TBD
|
|
- Barry Chandler
- 8 years ago
- Views:
Transcription
1 Schedule 2C-2 Converged Network Management Services (Future State SCHEDULE 2C-2 CONVERGED NETWORK MANAGEMENT SERVICES (FUTURE STATE SERVICES) for COUNTY OF ORANGE, CA Date TBD
2 Table of Contents 1.0 Converged Network Management Services Overview and Objectives Converged Network Management Services Overview Service Objectives Converged Network Management Services Requirements Converged Network Service Area Components Service Descriptions and Roles & Responsibilities Service Environment Scope of Infrastructure to be Supported Baseline Information Service Level Requirements Objectives Service Level Requirements Reports Referenced Appendices, Schedules and Attachments List of Tables Table 1. General Roles and Responsibilities...7 Table 2. Design and Engineering Services Roles and Responsibilities...8 Table 3. Network Provisioning Services Roles and Responsibilities...9 Table 4. Network Operations and Administration Services Roles and Responsibilities...10 Table 5. Network Monitoring and Reporting Services Roles and Responsibilities...12 Table 6. Circuit Support Services Roles and Responsibilities...13 Table 7. Network Documentation Services Roles and Responsibilities...14 Table 8. Network Security Services Roles and Responsibilities...14 Table 9. Firewall Management, DMZ and Internet Infrastructure Services Roles and Responsibilities...18 Table 10. Security Intrusion Prevention and Detection Services Roles and Responsibilities...19 Table 11. Security Monitoring and Incident Management Services Roles and Responsibilities...20 Table 12. Network Availability SLRs...23 Table 13. Network Performance SLRs...24 Table 14. Network Administration Services SLRs...25 Table 15. Gateway Content Filtering of SLRs...26 Table 16. Security Intrusion Detection SLRs...26 Date TBD Page i
3 Table 17. Network Services Reports...28 Date TBD Page ii
4 This is Schedule 2C-2 (Converged Network Management to the Agreement between the County of Orange, CA ( County or the County ) and the Vendor ( Vendor ). Unless otherwise expressly defined herein, the capitalized terms used herein shall have the meaning assigned to them in Attachment A (SOW Definitions). This statement of work shall be in effect following the implementation of the Vendor provided/implemented converged network environment. 1.0 Converged Network Management Services Overview and Objectives 1.1 Converged Network Management Services Overview This Schedule 2C-2 (Converged Network Management is the statement of work that sets forth the roles and responsibilities of the Parties for the Converged Network Management Services provided under the Agreement as part of the Services. Converged Network Management Services are the end-to-end Services and activities required to provide and support the County s converged network environment that transports data traffic related to County and Third Party applications including but not limited to financial and business applications (e.g., CAPS+, PTMS), web applications, video and associated video applications (e.g., future video conferencing, weekly Board meetings) and IP/VOIP telephony system traffic. Vendor s end-to-end responsibilities include life cycle management (e.g., requirements, engineering, design, implementation, testing), service provisioning, security, administration, troubleshooting, and proactive service management (e.g., Availability and Capacity Management, Performance Management, Incident and Problem Management) of the County s converged network environment and services, including but not limited to: Wide area network (WAN) (including metropolitan area network (MAN), circuit and conduit management) Third Party connectivity (e.g., state consortium systems and exchanges) Wired and wireless local area networks (LANs) IP management services Quality of service (QoS) and class of service (CoS) management Network operations, management and monitoring Support of network test environments for all network services Internet connectivity services (e.g., provisioning, monitoring and reporting) gateway services Network security services Vendor s solution for Converged Network Management Services shall provide multiple levels of secure and permission-based logical network connectivity through the enterprise network to County End Users including the following: Enterprise level connectivity Agency to agency connectivity Multiple agency to agency connectivity Date TBD Page 1
5 Agency to business partners (e.g., state, federal, other counties and cities) connectivity County connectivity to the internet via the enterprise data center Throughout the Term of the Agreement, Vendor Converged Network Management Services shall support changing County business, regulatory and technical requirements and Vendor services shall incorporate new technical and services solutions that meet County requirements and business objectives. 1.2 Service Objectives The following are the key high-level Service objectives the County expects to achieve through Vendor s Converged Network Management Services: Achieve the Service Level Requirements (SLRs) specified in Section 4 of this SOW Design, implement and maintain a reliable, scalable and secure high-speed converged network infrastructure, that meets the County s ongoing and changing business and technical requirements and service level requirements (SLRs) End to end converged network monitoring and management including management of Third Party providers (e.g., Third Party coordination, carrier coordination, Problem and Incident management) Maintain and deliver Converged Network Services in a cost effective manner Timely delivery of Converged Network solutions to support County project implementations, and related coordination with the County and Third Parties Date TBD Page 2
6 2.0 Converged Network Management Services Requirements 2.1 Converged Network Service Area Components Converged Network Management Services and network components include, but are not limited to the following Wide Area Network (WAN) (including Metropolitan Area Network (MAN)) Services WAN Services include the monitoring and management of networking equipment and Software that interconnect two or more separate facilities. WAN Services include acting as the prime Vendor or as an agent for trouble management for Third Party carrier services such as ATM, MPLS, point-to-point, frame relay circuits, Countyowned circuits, dedicated Internet connections and broadband circuits. Specific WAN Services include: Design of WAN connectivity solutions that will meet the County s business and technical requirements (e.g., performance, availability, reliability, capacity) WAN equipment provisioning and management (e.g., routers, CSUs/DSUs) Management of WAN circuit provisioning Management of circuit billing, invoicing and reconciliation Installation and decommissioning of WAN equipment (e.g., routers, gateways) Implementation of WAN connections and circuits Testing of WAN infrastructure (e.g., stress testing, regression testing, failover testing) changes in a non-production environment, prior to introduction into the County production environment Wiring and cabling (e.g., extended demarcation cabling) Password reset services per established security standards Optimization of WAN Services and circuits Management of end-to-end WAN connectivity and performance Internet connectivity and access Management of network QoS and CoS for all IP-based services Monitoring of all managed network devices (e.g., via SNMP) Monitoring performance and usage parameters of WAN circuits (e.g., Availability, peak utilization, average utilization, latency per QoS/class of service level, error levels, forward and backward explicit congestion notifications (FECNs/BECNs), application breakdown) Management of all WAN equipment (e.g., Routers, CSU/DSUs) Compliance with security policies and best practices Asset and configuration management Date TBD Page 3
7 Maintenance of hardware and Software (e.g., routers, switches, system upgrades) Regular and ad-hoc reporting per County formatting requirements Development and maintenance of WAN documentation and diagrams Testing and implementation of network disaster recovery in accordance with the County Disaster Recovery Plan Wired and Wireless Local Area Network (LAN) Services LAN Services include the provision and monitoring and management of networks that are usually confined to a single facility or portion of a facility. LAN components include Dynamic Host Configuration Protocol (DHCP) and wireless LANs supporting all network traffic originating from computing devices (e.g., desktop devices, local file and print servers, application servers, database servers, peripherals and other network devices and other End User devices). This Service does not include the LAN-attached Network Interface Card (NIC) at the desktop. Specific Wired and Wireless LAN Services include: Review existing LANs and recommend improvements Design of LAN solutions which will meet County requirements LAN equipment provisioning and management Installation and decommissioning of LAN equipment (e.g., switches, hubs) Testing of LAN infrastructure (e.g., stress testing, regression testing, failover testing) changes in a non-production environment, prior to introduction into County s production environment Management of LAN connectivity and performance, including wired and wireless LANs Management of Layer 2 through 7 switching devices and network appliances (e.g., load balancers) Monitoring all managed network devices (e.g., via SNMP) Monitoring LAN ports switches for Servers and interconnectivity between the switches and other network devices (e.g., IP/VOIP telephony devices) ; LAN ports shall be monitored for peak utilization, average utilization, latency, jitter, error levels unless otherwise agreed upon by County Wiring and cabling Regular and ad-hoc reporting per County requirements Compliance with security policies and best practices Asset Management and Configuration Management Support and administration of Third Party maintenance agreements and relationships Development and maintenance of LAN documentation and diagrams LAN administration services during County-defined windows (e.g., DNS changes, AD replication, virus definitions) Testing and implementation of network disaster recovery in accordance with the County Disaster Recovery Plan Date TBD Page 4
8 Monitor remote equipment closets IP Management Services COUNTY OF ORANGE, CA IP Management Services include both Domain Name Services (DNS) and Dynamic Host Configuration Protocol (DHCP), including administration and management of Domain Name Services. Vendor shall be responsible for managing DNS Services within the LAN and also on the Internet for all County application and service web sites. Vendor will also be responsible for providing DHCP services in support of all network traffic. Specific DNS services include: IP address management DHCP Service for Service Area hardware Internal and External DNS Service for Service Area hardware Internal and External DNS/DHCP Services for County sites Static IP addressing Provision and maintenance of central, real time logs that are to be kept in via Vendor-provided portal/integrated ITSM suite per County information security policies Provision and support of a DNS/DHCP tool that provides the following capabilities, including but not limited to: Combines data from all DHCP servers on the reports Logs all devices that provide IP addresses via DHCP in the County s environment including remote access devices Supports real-time reporting formatted to the County s standards Provides capability to search for information from either the IP address, MAC address, hostname, or Active Directory End User ID Ability to generate alerts when a specific IP address, MAC address, hostname, or Active Directory End User ID is used Remote Access Remote Access Services include the provision and management of solutions (e.g., virtual private network (VPN)) that allows remote End Users and business partners to securely connect to the network and County Application Services and/or County IT resources over the public Internet or private intranet. It requires industry/internetbased standards for security to create and preserve privacy, data integrity, and authenticity. The Remote Access Service will be highly scalable (e.g., client and siteto-site) and support will be provided for County sites, designated home offices, wireless access points, and other locations as required. All Remote Access Services provided hereunder will be provided in compliance with the County s security policies Network Security Services Network Security Services include the provision and support of methods that provide security to wired and wireless physical and logical network devices connected to the network and for security to IP traffic on the network. All Network Security Services Date TBD Page 5
9 provided hereunder will be provided in tiered administration in compliance with the County s security policies. Network Security Services include, but are not limited to: Firewall management (e.g. DMZ, Internet, Third Party connections) Provision and management of multi-factor authentication (e.g., token, certificate) Malicious code detection and prevention, and Internet monitoring (e.g. IDS/IPS, anti-virus, anti-malware) gateway and SPAM filtering per County requirements Security policy verification Tiered web filtering (e.g., URL filtering, malicious sites, spyware, advertisements, instant messaging, free software downloads) Internet usage reporting Tiered antivirus Data leak monitoring Data Leak Prevention services Provision, installation, configuration, management, and maintenance of network intrusion detection and prevention sensors at specified network entry points Intrusion incident reporting Ongoing vulnerability assessment and remediation Support of Third Party security assessment, scanning and penetration testing Design, implementation, management and maintenance of encryption solutions Management of County-owned security certificates, SSLs and domain names Incident and Problem Resolution Password Reset services per established security standards Logging, tracking and management of security risks and issues to Resolution and closure Network security services reporting per County requirements Physical and logical access control (e.g., End User, administrative, card access) Remediation of discovered security risks from any security audit findings Management and Administration Services Management and Administration Services include system and component management and monitoring, information protection, component addressing, and IT Service management activities such as patch management, version control, access control, and Change control for all in scope network components including IP telephony/voip components. Management Services include: Date TBD Page 6
10 Network systems management and troubleshooting (e.g., performance, Problem, Change and capacity monitoring) Bandwidth, capacity, availability and performance management and reporting Application usage statistics (e.g., identify top talkers by application via Layer 7 monitoring) Coordinating with public carriers and other circuit providers to perform operations activities, support SLRs and to manage reporting of Third Party SLRs to the County QoS and CoS management Physical and logical network segmentation Administration Services include: Managing network devices, configurations, ACLs, firewalls, Internet Protocol (IP) addresses and related Services (e.g., DNS/DHCP) as specified by the County Asset management and configuration management, including hardware and Software Logical (e.g., IP address change) IMACs for network components Physical equipment and site IMACs Firewall Management, DMZ and Internet Infrastructure Services Firewall Management, DMZ and Internet Infrastructure Services are the activities associated with Managing and supporting County Internet and Third Party connections and associated firewalls, DMZ infrastructures, proxies, content filters and other Services necessary for secure Internet access from and to the County network. Internet/Web Services. The following Services and roles and responsibilities shall apply to all in scope County network components described above (e.g., WAN, MAN, LAN, VPN). 2.2 Service Descriptions and Roles & Responsibilities General Responsibilities The following table identifies general roles and responsibilities associated with this SOW. An is placed in the column under the party that will be responsible for performing the task. Vendor responsibilities are indicated in the column labeled Vendor. Table 1. General Roles and Responsibilities General Roles and Responsibilities Vendor County 1. Develop, document and maintain the physical and logical network design/architecture plan and inventory (e.g., circuit inventory, conduit mapping, and IP address schema, as built) to meet County requirements 2. Review and approve the plan for network design/architecture 3. Provide and manage 24x7x365 network Availability 4. Provision network components as required 5. Provision circuits per County s instructions and approvals Date TBD Page 7
11 General Roles and Responsibilities Vendor County 6. Dispose of decommissioned network equipment in accordance with County policies 7. Develop business and functional requirements for network projects 8. Provide technical and functional requirements for Vendor-proposed network support and upgrade projects 9. Manage and perform firmware/software upgrades for all in-scope network devices 10. Review and approve firmware/software upgrade maintenance costs and schedule for network devices 11. Identify, test, and Resolve compatibility issues between firmware/software versions 12. Perform proactive network optimization and tuning 13. Coordinate with County entities and Third Parties (e.g., hardware/software Vendors, carriers, service providers) as required 14. Provide ad-hoc network reports when requested by the County 15. Coordinate with County Third Party WAN/LAN network providers for Incident Resolution and to collect and report on network Availability and performance to the End User 16. Support audit activities by providing necessary resource, reports and data Design and Engineering Services Design and Engineering Services are those activities associated with the design and engineering of the technical infrastructure, and providing and managing tools and utilities to support the network environment. The following table identifies the Design and Engineering Services roles and responsibilities that Vendor and the County shall perform. Table 2. Design and Engineering Services Roles and Responsibilities Design and Engineering Services Roles and Responsibilities Vendor County 1. Recommend Vendor s standard Network Design and Engineering Services procedures 2. Develop, document and maintain in the Policies, Standards and Procedures Manual Network Design and Engineering Services procedures that meet County requirements and adhere to County policies 3. Review and provide input and/or additional procedures as required and approve Network Design and Engineering Services procedures 4. Prepare and provide network design, engineering, security plans and schedules (e.g., service design package (SDP)) to support new and enhanced applications, architectures and standards based on established procedures as needed or requested by the County 5. Review and approve network design, engineering, security plans, and schedules 6. Provide recommendations for optimizing network design Date TBD Page 8
12 Design and Engineering Services Roles and Responsibilities Vendor County 7. Review and approve recommendations for optimizing network design 8. Coordinate with County and Third Parties as required to meet service requirements and SLRs 9. Review and approve Changes to the network environment in accordance with Change Management policies and procedures 10. Develop scheduling of all Changes to the network environment 11. Review and approve the scheduling of Changes to the network environment in accordance with Change Management policies and procedures 12. Provide technical advice to the County regarding application development to optimize utilization of data and applications over the network Network Provisioning Services Network Provisioning Services are those activities associated with the pricing, evaluation, selection, acquisition, installation, ongoing management and disposition of new and upgraded network components (e.g., circuits, equipment). The following table identifies the Network Provisioning Services roles and responsibilities that Vendor and the County shall perform. Table 3. Network Provisioning Services Roles and Responsibilities Network Provisioning Services Roles and Responsibilities Vendor County 1. Recommend Vendor s standard Network Provisioning Services procedures 2. Develop, document and maintain in the Policies, Standards and Procedures Manual Network Provisioning Services procedures that meet County requirements and adhere to County policies 3. Review and provide input and/or additional procedures as required and approve Network Provisioning Services procedures 4. Manage circuit provisioning for new WAN connectivity, including obtaining favorable circuit pricing 5. Review carrier options and provide the County with recommendations regarding most favorable options 6. Review and approve Vendor s carrier recommendations regarding most favorable options 7. Maintain financial responsibility for County specified data circuits and other connectivity methods 8. Maintain financial responsibility for County specified data circuits and other connectivity methods 9. Specify network provisioning physical requirements (e.g., power, floor space) 10. Install equipment and establish connectivity as required 11. Document router configuration files and IP addressing schemas 12. Provide capacity planning, incorporating County-provided business requirements Date TBD Page 9
13 Network Provisioning Services Roles and Responsibilities Vendor County 13. Manage and coordinate the performance of public carriers (and other Third Parties) to meet County requirements (e.g., schedules, project plans, SLRs) 14. Ensure that all new circuits, devices and Software provisioned are included in all IT Service Management and Life Cycle Services related documentation (e.g., Asset and Configuration Management) 15. Upgrade/remove/decommission network equipment and connectivity from County sites as required per agreed schedules and in accordance with County policies and procedures 16. Manage and provide WAN connectivity installs, moves, adds and changes (IMACs) 17. Minimize disruptions in Services during Changes 18. Review and approve installation, connectivity and removal activities 19. Acquire and manage domain name entries on behalf of the County (e.g., web URL and SSL certificates) 20. Maintain financial responsibility and ownership of domain name entries Converged Network Operations and Administration Data Network Operations and Administration Services are those activities associated with the provisioning and day-to-day management of the network environment. The following table identifies the Network Operations and Administration Services roles and responsibilities that Vendor and the County shall perform. Table 4. Network Operations and Administration Services Roles and Responsibilities Network Operations and Administration Services Roles and Responsibilities 1. Recommend Vendor s standard Network Operations and Administration Services procedures 2. Develop, document and maintain in the Policies, Standards and Procedures Manual Network Operations and Administration Services procedures that meet County requirements and adhere to County policies 3. Review and provide input and/or additional procedures as required, and approve Network Operations and Administration Services procedures 4. Perform day-to-day Network Operations and Administration Services activities 5. Develop, manage and maintain inventory of Network traffic (e.g., types, sources, services) 6. Manage network Assets in accordance with the County s policies, standards and procedures (including security oversight and Change Management policies and procedures) 7. Recommend QoS and CoS for QoS/CoS sensitive applications including IP/VOIP based telephony systems 8. Review and approve QoS and CoS requirements for QoS/CoS sensitive applications and IP/VOIP based telephony systems Vendor County Date TBD Page 10
14 Network Operations and Administration Services Roles and Responsibilities 9. Implement and manage QoS and CoS for QoS/CoS sensitive applications and IP/VOIP based telephony systems 10. Recommend IP addressing, directory and configuration information and requirements 11. Review and approve IP addressing, directory and configuration information and requirements 12. Develop and maintain IP addressing schemes, router configurations and routing tables that meet County s requirements Vendor 13. Manage and maintain DNS/DHCP Services 14. Provide requirements (e.g., security, performance) for physical and logical network traffic segmentation 15. Recommend approaches, technologies and network management techniques for physical and logical network traffic segmentation 16. Review and approve Vendor recommend approaches, technologies and network management techniques for physical and logical network traffic segmentation 17. Implement, manage and maintain physical and logical network traffic segmentation to meet County requirements and SLRs (e.g., security, performance) 18. Manage County Third Party contracts for facility cable management (e.g., physical wiring between servers and wiring closet and between wiring closet and desktop) Services at specified County sites 19. Manage and maintain current inventory of cable plant 20. Manage and provide proactive and reactive maintenance on network Assets 21. Manage and respond to Services Requests and provide IMACs for network components and sites 22. Maintain and provide security information in an agreed upon format, including access, general logs, application logs in accordance with the County s security policies and procedures 23. Coordinate network administration activities through defined Change Management processes 24. Support provisioning and de-provisioning account activities (e.g., administrative accounts, End User accounts) and maintain associated history logs as required 25. Support activities related to County- or Third Party-planned and unplanned Outages (e.g., post-power outage startup activities, County preparedness emergency exercises or Incidents, recovery) County Network Monitoring and Reporting Network Monitoring and Reporting are those activities associated with the proactive monitoring and reporting of network performance and management information (e.g., performance metrics, Incidents) for in-scope network components (e.g., routers, switches, and network appliances, IP /VOIP telephony system components). The following table identifies the Network Monitoring and Reporting Services roles and responsibilities that Vendor and the County shall perform. Date TBD Page 11
15 Table 5. Network Monitoring and Reporting Services Roles and Responsibilities Network Monitoring and Reporting Services Roles and Responsibilities 1. Recommend Vendor s standard Network Monitoring Services and Incident and Problem Resolution procedures 2. Develop, document and maintain in the Policies, Standards and Procedures Manual Network Monitoring Services procedures that meet County requirements and adhere to County policies 3. Review and provide input and/or additional procedures as required and approve Network Monitoring Services procedures 4. Manage current or provide and manage new automated tools for monitoring network circuits, devices and traffic from a Vendor provided Network Operations Center (NOC) 5. Implement measures and provide proactive analysis of network data and reports to limit network Outages and optimize the County s bandwidth utilization 6. Proactively monitor current network utilization and provide information to the County for use in determining future capacity requirements 7. Monitor, operate, perform Problem determination, alert, and repair for all network environments on a 24x7x365 basis, including for Service Outage, loss of connection and specific performance indices 8. Monitor LAN ports for all servers and uplinks; LAN ports should be monitored for peak utilization, average utilization, latency, and error levels unless otherwise agreed upon by the County. Vendor should also have the capability to turn on monitoring for individual regular desktop ports for troubleshooting Vendor 9. Perform remote LAN analysis diagnostics and on-site troubleshooting 10. Manage Service Requests and dispatch process as directed by the County 11. Dispatch pre-approved Vendor on-site support personnel and/or Third Parties as appropriate 12. Manage network performance or Availability issues resulting from a fault or impairment in network circuits or devices 13. Provide reporting (e.g., availability, utilization, latency, capacity) on network components providing connectivity to County applications 14. Collect data and reports from Third Parties and provide consolidated reporting (e.g., availability, utilization, latency, capacity) on out-ofscope network components (e.g., Third Party circuits, Third Party WAN/LAN network circuits and components, Third Party partner and service provider connections) providing connectivity to County applications 15. Review and approve network performance reporting Circuit Support County Circuit Support Services are those activities associated with providing 24x7x365 support of the network to ensure continuous operation. This support includes Problem isolation and Date TBD Page 12
16 determination to the network device port level. The following table identifies the Circuit Support Services roles and responsibilities that Vendor and the County shall perform. Table 6. Circuit Support Services Roles and Responsibilities Circuit Support Services Roles and Responsibilities Vendor County 1. Recommend Vendor s standard Circuit Support Services procedures 2. Develop, document and maintain in the Policies, Standards and Procedures Manual those Circuit Support Services procedures that meet County requirements and adhere to County policies 3. Review and provide input and/or additional procedures as required and approve Circuit Support Services procedures 4. Isolate Problems to the circuit, port or device level 5. For circuit Incidents and Problems, contact carrier to determine the cause of the Outage, notify the County, and work on the Incident/Problem with carrier until Resolved 6. Track Incidents and Problems, follow up on status, escalate when required and report status to the appropriate Party including when Incidents/Problems are Resolved 7. Provide any possible Workarounds to help maintain production until a permanent fix can be achieved during network Problems/Outages 8. Provide Third Party SLR reporting in accordance with County requirements 9. Support Disaster Recovery testing per the DR Plan (e.g., conduct failover testing) 10. Conduct Disaster recovery activities required to recover Services per the DR plan Network Documentation Services Network Documentation Services are those activities associated with continually developing, revising, maintaining, reproducing, and making secure network infrastructure information securely accessible on an as needed basis. Documentation shall be formally provided to the County in electronic form quarterly and shall be stored and maintained in the integrated IT Service Management suite. Some of the document types specific to this Schedule include: Network system specifications and topologies (e.g., router configurations, firewall policies, routing diagrams/ip addressing tables, hardware/software listings) Detailed circuit location information (e.g., circuit ID including LEC access ID, location, speed) Firewall policies, group and object information As-built documentation for all network devices (including firewalls) that are deployed in development, test, QA, production and other technical environments Maintain the network topology in a geospatial map The following table identifies the Network Documentation Services roles and responsibilities that Vendor and the County shall perform. Date TBD Page 13
17 Table 7. Network Documentation Services Roles and Responsibilities Network Documentation Services Roles and Responsibilities Vendor County 1. Recommend Vendor s standard network documentation types and content 2. Develop and maintain network documentation that meets County requirements 3. Review and approve network documentation Network Security Services All Network Security Services provided hereunder will be provided in tiered administration in compliance with the County s security policies Network Security Planning and Operations Services Network Security Planning and Operations Services are those activities associated with maintaining physical and logical security of all Network Management Services components (e.g., hardware, Software) and data, Malware protection, access protection and other Network Security Services in compliance with County security requirements and all applicable regulatory requirements. The following table identifies the Network Security Services roles and responsibilities that Vendor and the County shall perform. Table 8. Network Security Services Roles and Responsibilities Network Security Services Roles and Responsibilities Vendor County General 1. Implement physical and logical security plans that comply with County security policies; develop and provide documentation demonstrating adherence to the plans, processes and procedures 2. Maintain a secure network environment, including compliance with County policies 3. Perform information security compliance, auditing, and reporting per County-defined requirements 4. Design, implement and maintain Vendor security services and technical solutions that protect data logically and physically, in storage and during wired and wireless transmission, against unauthorized or accidental access, modification or disclosures (e.g., encryption, network segmentation, monitoring tools) 5. Review and approve Vendor security solutions 6. Develop, document and maintain in the Policies, Standards and Procedures Manual Security Services standards and procedures that meet County requirements, regulatory requirements, and adhere to County policies 7. Review and approve Network Security Services standards and procedures 8. Execute security policies and provide and operate security monitoring tools including documentation demonstrating consistent adherence to the process 9. Provide, implement and manage security analysis and monitoring tools into the County s network environment 10. Provide tiered and role-based access to Vendor s security analyses and monitoring tools Date TBD Page 14
18 Network Security Services Roles and Responsibilities Vendor County 11. Review and approve security analysis and monitoring tools Security Policy and Controls 12. Provide County security strategy, policies and requirements 13. Recommend Vendor s standard best practice security policies, services and procedures 14. Review and provide input and/or additional procedures as required and approve Vendor recommended standard/best practice security policies, services and procedures 15. Ensure compliance with patch management and Change Management policy 16. Proactively monitor current IT security trends, threats, exploits and security best practices and notify the County of same 17. Provide a County security liaison that works with Vendor for security requirements related to the scope of this Schedule 18. Implement a Network Security Incident Response Team (NSIRT) program to resolve security incidents 19. Participate in Computer Incident Response Team (CIRT) as required by the County or Third Parties 20. Review and approve all security plans, security remediation plans, programs, and security infrastructure Physical Security Control 21. Develop and maintain network environment access control lists and provide reporting on which individuals have accessed locations and resources 22. Review and approve network environment access control list 23. Conduct a quarterly review of the list of authorized people to computing/network equipment areas 24. Adhere to established access control policies and procedures System Administrative Privileges 25. Establish access profiles and policies for adding, changing, enabling/disabling and deleting log-on access for County and Third Parties 26. Investigate attacks (e.g., attempts to logon) 27. Provide logs of network security events containing data to support comprehensive audits of the effectiveness of, and compliance with security measures in accordance with County policies (e.g., audit trail) System Administrative Privileges 28. Establish access profiles and policies for adding, changing, enabling/disabling and deleting log-on access for County and Third Parties 29. Investigate systematic attacks (e.g., attempts to logon) 30. Provide logs of network security relevant events containing sufficient data to support comprehensive audits of the effectiveness of, and compliance with security measures (audit tracking) Date TBD Page 15
19 Network Security Services Roles and Responsibilities Vendor County Security Integrity Advisory 31. Provide security advisory information to the County in a mutually agreed manner 32. Evaluate security advisories, assign a risk value and communicate recommended action plan to the County Security Status Checking and Validation 33. Provide security assessment audit single point of contact to define audit controls and coordinate audit activities 34. Provide support for audit activities, public requests for information (PRIs) per the Public Information Act, e-discovery, legal hold, and forensic audits as required by the County (e.g., data collection, audit tool installation, report generation) 35. Develop plans to remediate audit findings that do not comply with the established County security policies and standards 36. Review and approve audit findings and remediation plans 37. Implement remediation plans and report on progress of associated implementation 38. Support audit activities by providing a security assessment audit coordinator 39. Maintain all documentation required for security assessments, Audits and internal control and control testing 40. Perform semi-annual security assessments, or ad hoc assessments as required, to identify control or security gaps and provide trending problem reports to the County, and recommend remediation plan(s) 41. Conduct security planning and review sessions to review results of security assessments and Vendor remediation plans 42. Review all findings and identified risks and approve remediation plans 43. Implement County-approved remediation plans Content Filtering for Malware 44. Review and approve Malware Prevention policies and services 45. Adhere to County-approved Malware Prevention policies and services 46. Monitor supplier information and manage up-to-date information on malicious code outbreaks and deploy the appropriate signature files to protect against the malicious code in accordance with established County Change Management procedures 47. Deploy anti-malware updates and patches following a Malware Incident per the County Change Management procedures 48. Immediately notify the County on detection of malicious code within the infrastructure 49. Implement the established action plan (e.g., quarantine of malicious code or network segment) and escalation procedures for a malicious code event beyond what is automatically fixed by the anti-malware software 50. Filter outbound URLs to enforce compliance with County policies 51. Filter both inbound/outbound multiple Web protocols, including deep inspection of encrypted traffic Date TBD Page 16
20 Network Security Services Roles and Responsibilities Vendor County 52. Filter inbound URLs real-time threat protection, block access to sites harboring harmful code, Malware - spyware, phishing, virus, worms and Trojan horse software. Provide for continuous scanning, eradication and reporting of detected harmful code as listed and Incident Resolution 53. Scan user-generated content per County policies 54. Provide seamless user/ip integration to County multi-agency for authentication, tracking, reporting 55. Integrate fully with End User browsers (e.g., MS I/E, foxfire, chrome) with IP and user identification tracking, reporting 56. Provide reporting and audit capabilities, including user activity as required by County polices 57. Provide for Agency tiered management 58. Manage user/groups URL filters and reporting as required Content Filtering of 59. Recommend Gateway and inbound and outbound Filtering policies, services and procedures 60. Review and approve Gateway and Filtering policies, services and procedures 61. Manage gateway SPAM, filters and queues, and process quarantined items to ensure that County services are not adversely affected by either inbound threats or outbound broadcast violations. Provide management of tiered quarantined items 62. Notify the County and provide remediation of any blacklist events, in accordance with County policies and procedures 63. Identify and block incoming spam while protecting against other threats (e.g., viruses, malware, phishing, directory harvest, denial of service, bounce back attacks, zero-hour threats, and spam surges) 64. Provide seamless user/ip integration to County multi-agency for authentication, tracking, reporting 65. Provide encryption 66. Provide flexible policy creation and enforcement, and logging and reporting 67. Manage process for misidentified legitimate messages as spam (false positives) and allowing legitimate traffic to flow in. 68. Provide spam-domain name reputation, IP reputation, sender authentication, grey listing, image filtering, integrity analysis, heuristic detection, blacklists, and white lists 69. Process requests for new County-owned URL, DNS and address formats per County Change Management processes Firewall Management, DMZ and Internet Infrastructure Services Firewall Management, DMZ and Internet Infrastructure Services are those activities associated with Managing and supporting all of County s firewalls, DMZ infrastructures, Internet connections and Third Party connections, proxies, content filters and other Services necessary for secure Internet access from and to the County network. Vendor shall provide these Services in compliance with the County s policies. Vendor will maintain and operate the firewall/dmz/internet infrastructure in such a way that Services are secure and reliable and Date TBD Page 17
21 perform according to requirements and SLRs. Vendor will also make recommendations on design Changes to improve Services as well as implementing the Change per established Change Management procedures. Vendor will act as an agency to contact ISPs and/or other Third Parties to setup connectivity and/or troubleshoot connections and other support questions. The following table identifies the Firewall Management, DMZ and Internet Infrastructure Services roles and responsibilities that Vendor and County shall perform. Table 9. Firewall Management, DMZ and Internet Infrastructure Services Roles and Responsibilities Firewall Management, DMZ and Internet Infrastructure Services Roles and Responsibilities 1. Recommend Vendor s standard Firewall Management, DMZ and Internet Infrastructure Services, procedures and best practices 2. Provide Firewall Management, DMZ and Internet Infrastructure requirements and policies (including segregation requirements and policies) 3. Develop, document and maintain in the Policies, Standards and Procedures Manual Firewall Management, DMZ and Internet Infrastructure Services procedures that meet requirements and adhere to defined policies 4. Review and provide input and/or additional procedures as required and approve Firewall Management, DMZ and Internet Infrastructure Services procedures 5. Perform Firewall Management, DMZ and Internet Infrastructure engineering and related security design including methods for secure network access and authentication in accordance with County policy 6. Review and approve Firewall Management, DMZ and Internet Infrastructure Services architecture and security designs 7. Perform Firewall Management, DMZ and Internet Infrastructure Services in accordance with architecture and security designs a County policies 8. Implement defined access requirements and standards via firewall rule sets 9. Ensure compliance to defined security and configuration standards including Internet content filtering 10. Assist with the definition of Intranet/Internet boundaries within the County Vendor 11. Maintain Intranet/Internet boundaries within the County 12. Define Third Party connectivity requirements and policies 13. Assist with the definition of Third Party connectivity strategy 14. Review and approve Third Party connectivity strategy 15. Implement and support County-approved Third Party connectivity strategy 16. Support and manage content compression devices, load balancing devices, and SSL acceleration 17. Notify the County and provide remediation of any blacklist events, in accordance with County policies and procedures County Date TBD Page 18
22 Firewall Management, DMZ and Internet Infrastructure Services Roles and Responsibilities 18. Monitor performance levels of the firewall/dmz/internet infrastructure through setting of thresholds, provide reporting, and take proactive and/or reactive steps to Resolve any performance issues Vendor 19. Provide proxy and content filter services based on approved policies 20. Provide County and user-specific internet usage reports County Security Intrusion Prevention and Detection Services Security Intrusion Prevention and Detection Services are those activities associated with managing and supporting the IPS/IDS infrastructure and providing quick follow up on security events. Vendor shall communicate any new security vulnerabilities and provide recommendations to remediate these vulnerabilities and implement County approved recommendations. Vendor shall provide NIDS (network-based intrusion detection service). Vendor shall restore offline security event data as follows: up to 30 days of consecutive event data restored within two (2) Business Days; up to six (6) months of consecutive event data within five Business Days; and for more than six (6) months of event data each request will be individually evaluated by Vendor and an estimated time to restore will be provided. Such data must be restorable for at least 365 contiguous days. The following table identifies the Security Intrusion Prevention and Detection Services roles and responsibilities that Vendor and the County shall perform. Table 10. Security Intrusion Prevention and Detection Services Roles and Responsibilities Security Intrusion Prevention and Detection Services Roles and Responsibilities 1. Recommend industry best practice Intrusion Prevention and Detection Services policies 2. Develop, document and maintain in the Policies, Standards and Procedures Manual the Intrusion Prevention and Detection Services procedures that meet requirements and adhere to County defined policies 3. Review and provide input and/or additional procedures as required and approve Intrusion Prevention and Detection Services procedures 4. Provide Security Intrusion Prevention and Detection Services and reporting in accordance with established policies and procedures 5. Provide, install, configure, and manage intrusion detection/prevention sensors at specific network entry points and all Third Party connection and wireless network entry points 6. Recommend risk ratings and remediation actions for security events in accordance with County policies and procedures Vendor 7. Review and approve the risk ratings and remediation plans and actions 8. Provide daily and monthly reports indicating number of detected intrusions. Reports should include the top ten (10) exploits (and their sources) and top ten (10) devices registering detected intrusion 9. Coordinate with independent Third Party security provider(s) to capture and provide reports and analysis (e.g., trending) of security events within the local network, as required 10. Provide capability for the County to run ad-hoc intrusion detection reports via Vendor-provided portal/integrated ITSM suite County Date TBD Page 19
23 Security Intrusion Prevention and Detection Services Roles and Responsibilities COUNTY OF ORANGE, CA 11. Notify the County of malicious activity and intrusions in accordance with County-defined policies 12. Provide alerts of malicious activity and intrusions according to risk rating of the signatures, in accordance with County-approved policies and procedures 13. Respond to and remediate the effects of malicious activity and intrusions as defined in the Incident Management process, as required to meet County policies and requirements Vendor 14. Continually develop recommendations for improved security 15. Provide recommendations for improved security on a quarterly basis or as required based on new security threats 16. Review and approve recommendations for improved security 17. Implement approved recommendations 18. Notify Vendor s security monitoring centers of scheduled Changes to the environment to ensure that the County does not receive security alerts when planned Changes are made Security Monitoring and Incident Management Services County Security Monitoring and Incident Management Services are those activities associated with security monitoring, Incident response and escalation, including ensuring that all necessary traffic and activities are logged in accordance with County policies. The following table identifies the Security Monitoring and Incident Management Services roles and responsibilities that Vendor and the County shall perform. Table 11. Security Monitoring and Incident Management Services Roles and Responsibilities Security Monitoring and Incident Management Services Roles and Responsibilities 1. Recommend industry best practice Security Monitoring and Incident Management Services policies Vendor 2. Establish Security Monitoring and Incident Management Services policies 3. Provide Security Monitoring and Incident Management Services in accordance with established policies 4. Provide initial review of security Incidents and escalate to the County s security function, in accordance with the County s policies and procedures 5. Identify, quarantine and/or remove from the network any malicious code (e.g., virus/worm infected system and/or rogue device) 6. Identify and provide countermeasures for attacks (e.g., hacker, malicious code, virus/worm, trojan) 7. Proactively and routinely evaluate internal security vulnerabilities and recommend mitigation plans 8. Collect,review and analyze all Incidents reported by all other security Services (e.g., NIDS, penetration testing, firewall) 9. Maintain log files in accordance with County policies County Date TBD Page 20
SCHEDULE 2B CONVERGED NETWORK MANAGEMENT SERVICES. for COUNTY. Xerox County of Orange MSA for IT Services Schedule 2B Converged Network Services SOW
SCHEDULE 2B CONVERGED NETWORK MANAGEMENT SERVICES for COUNTY erox County of Orange MSA for IT Services Table of Contents 1.0 Converged Network Management Services Overview and Objectives... 1 1.1 Converged
More informationSCHEDULE 2C DATA NETWORK MANAGEMENT SERVICES (INTERIM STATE SERVICES) for. Date TBD
SCHEDULE 2C DATA NETWORK MANAGEMENT SERVICES (INTERIM STATE SERVICES) for COUNTY OF ORANGE, CA Date TBD Table of Contents 1.0 Data Network Management Services Overview and Objectives... 1 1.1 Data Network
More informationAPPENDIX 8 TO SCHEDULE 3.3
EHIBIT Q to Amendment No. 60 - APPENDI 8 TO SCHEDULE 3.3 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT APPENDI 8 TO SCHEDULE 3.3 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT EHIBIT Q to Amendment No.
More informationAPPENDIX 8 TO SCHEDULE 3.3
APPENDI 8 TO SCHEDULE 3.3 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT APPENDI 8 TO SCHEDULE 3.3 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT APPENDI 8 TO SCHEDULE 3.3 TO THE COMPREHENSIVE INFRASTRUCTURE
More informationHow To Ensure The C.E.A.S.A
APPENDI 3 TO SCHEDULE 3.3 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT APPENDI 3 TO SCHEDULE 3.3 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT TUGeneral TUSecurity TURequirements TUDesign TUIntegration
More informationAPPENDIX 3 TO SCHEDULE 3.3 SECURITY SERVICES SOW
EHIBIT H to Amendment No. 60 APPENDI 3 TO SCHEDULE 3.3 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT SECURITY SERVICES SOW EHIBIT H to Amendment No. 60 Table of Contents 1.0 Security Services Overview
More informationOracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0
Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Unless otherwise stated, these Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies
More informationCOUNTY OF ORANGE, CA SCHEDULE 2B DATA CENTER SERVICES SOW SCHEDULE 2B DATA CENTER SERVICES SOW. for. Date TBD
SCHEDULE 2B DATA CENTER SERVICES SOW SCHEDULE 2B DATA CENTER SERVICES SOW for COUNTY OF ORANGE, CA Date TBD Table of Contents 1.0 Services Overview and Objectives... 1 1.1 Data Center Services Overview...1
More informationCOUNTY OF ORANGE, CA Schedule 2D Service Desk Services SOW SCHEDULE 2D SERVICE DESK SERVICES SOW. for. Date TBD
SCHEDULE 2D SERVICE DESK SERVICES SOW for COUNTY OF ORANGE, CA Date TBD Schedule 2D Service Desk Services SOW Table of Contents 1.0 Service Desk Services Overview and Service Objectives... 1 1.1 Service
More informationSection 12 MUST BE COMPLETED BY: 4/22
Test Out Online Lesson 12 Schedule Section 12 MUST BE COMPLETED BY: 4/22 Section 12.1: Best Practices This section discusses the following security best practices: Implement the Principle of Least Privilege
More informationGuideline on Auditing and Log Management
CMSGu2012-05 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Auditing and Log Management National Computer Board Mauritius
More informationensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster
Security Standards Symantec shall maintain administrative, technical, and physical safeguards for the Symantec Network designed to (i) protect the security and integrity of the Symantec Network, and (ii)
More informationMSP Service Matrix. Servers
Servers MSP Service Matrix Microsoft Windows O/S Patching - Patches automatically updated on a regular basis to the customer's servers and desktops. MS Baseline Analyzer and MS WSUS Server used Server
More informationIT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:
IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including: 1. IT Cost Containment 84 topics 2. Cloud Computing Readiness 225
More informationState of New Mexico Statewide Architectural Configuration Requirements. Title: Network Security Standard S-STD005.001. Effective Date: April 7, 2005
State of New Mexico Statewide Architectural Configuration Requirements Title: Network Security Standard S-STD005.001 Effective Date: April 7, 2005 1. Authority The Department of Information Technology
More information2. From a control perspective, the PRIMARY objective of classifying information assets is to:
MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected
More informationCOUNTY OF ORANGE, CA Schedule 2G Desktop Support SOW SCHEDULE 2G DESKTOP SUPPORT SOW. for. Date TBD
COUNTY OF ORANGE, CA Schedule 2G Desktop Support SOW SCHEDULE 2G DESKTOP SUPPORT SOW for COUNTY OF ORANGE, CA Date TBD COUNTY OF ORANGE, CA Schedule 2G Desktop Support SOW Table of Contents 1.0 Desktop
More informationFIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.
1. Obtain previous workpapers/audit reports. FIREWALL CHECKLIST Pre Audit Checklist 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 3. Obtain current network diagrams
More informationSupplier Information Security Addendum for GE Restricted Data
Supplier Information Security Addendum for GE Restricted Data This Supplier Information Security Addendum lists the security controls that GE Suppliers are required to adopt when accessing, processing,
More informationADDENDUM 9 TO APPENDIX 8 TO SCHEDULE 3.3 TO THE
ADDENDUM 9 TO APPENDIX 8 TO SCHEDULE 3.3 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT 1 1 OVERVIEW Managed Network Services may be provided for customers requiring WAN bandwidth with Managed Router or
More informationSUPPLIER SECURITY STANDARD
SUPPLIER SECURITY STANDARD OWNER: LEVEL 3 COMMUNICATIONS AUTHOR: LEVEL 3 GLOBAL SECURITY AUTHORIZER: DALE DREW, CSO CURRENT RELEASE: 12/09/2014 Purpose: The purpose of this Level 3 Supplier Security Standard
More informationSecurity Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP belka@att.net
Security Frameworks An Enterprise Approach to Security Robert Belka Frazier, CISSP belka@att.net Security Security is recognized as essential to protect vital processes and the systems that provide those
More informationLarry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping
Larry Wilson Version 1.0 November, 2013 University Cyber-security Program Critical Asset Mapping Part 3 - Cyber-Security Controls Mapping Cyber-security Controls mapped to Critical Asset Groups CSC Control
More informationManaged Services Agreement. Hilliard Office Solutions, Ltd. PO Box 52510 Phone: 432-617-4677 Midland, Texas 79710 Fax: 432-617-3043
Managed Services Agreement Hilliard Office Solutions, Ltd. PO Box 52510 Phone: 432-617-4677 Midland, Texas 79710 Fax: 432-617-3043 SERVICE DESCRIPTIONS By purchasing these Services from Hilliard Office
More informationRecommended IP Telephony Architecture
Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationExhibit to Data Center Services Service Component Provider Master Services Agreement
Exhibit to Data Center Services Service Component Provider Master Services Agreement DIR Contract No. DIR-DCS-SCP-MSA-002 Between The State of Texas, acting by and through the Texas Department of Information
More informationAutomate PCI Compliance Monitoring, Investigation & Reporting
Automate PCI Compliance Monitoring, Investigation & Reporting Reducing Business Risk Standards and compliance are all about implementing procedures and technologies that reduce business risk and efficiently
More informationAchieving PCI-Compliance through Cyberoam
White paper Achieving PCI-Compliance through Cyberoam The Payment Card Industry (PCI) Data Security Standard (DSS) aims to assure cardholders that their card details are safe and secure when their debit
More informationFRANKFORT PLANT BOARD CABLE MODEM INTERNET BROADBAND INTERNET SERVICE DISCLOSURES
FRANKFORT PLANT BOARD CABLE MODEM INTERNET BROADBAND INTERNET SERVICE DISCLOSURES Consistent with FCC 1 regulations, Frankfort Plant Board (FPB) provides this information about our broadband Internet access
More informationINFORMATION TECHNOLOGY ENGINEER V
1464 INFORMATION TECHNOLOGY ENGINEER V NATURE AND VARIETY OF WORK This is senior level lead administrative, professional and technical engineering work creating, implementing, and maintaining the County
More informationOvation Security Center Data Sheet
Features Scans for vulnerabilities Discovers assets Deploys security patches transparently Allows only white-listed applications to run in workstations Provides virus protection for Ovation Windows workstations
More informationCentral Agency for Information Technology
Central Agency for Information Technology Kuwait National IT Governance Framework Information Security Agenda 1 Manage security policy 2 Information security management system procedure Agenda 3 Manage
More informationLAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES
LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL for INFORMATION RESOURCES Updated: June 2007 Information Resources Security Manual 1. Purpose of Security Manual 2. Audience 3. Acceptable
More informationChapter 9 Firewalls and Intrusion Prevention Systems
Chapter 9 Firewalls and Intrusion Prevention Systems connectivity is essential However it creates a threat Effective means of protecting LANs Inserted between the premises network and the to establish
More informationIntroduction. PCI DSS Overview
Introduction Manage Engine Desktop Central is part of ManageEngine family that represents entire IT infrastructure with products such as Network monitoring, Helpdesk management, Application management,
More informationIT Networking and Security
elearning Course Outlines IT Networking and Security powered by Calibrate elearning Course Outline CompTIA A+ 801: Fundamentals of Computer Hardware/Software www.medallionlearning.com Fundamentals of Computer
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationBuilding A Secure Microsoft Exchange Continuity Appliance
Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building
More informationIP Telephony Management
IP Telephony Management How Cisco IT Manages Global IP Telephony A Cisco on Cisco Case Study: Inside Cisco IT 1 Overview Challenge Design, implement, and maintain a highly available, reliable, and resilient
More informationNOS for Network Support (903)
NOS for Network Support (903) November 2014 V1.1 NOS Reference ESKITP903301 ESKITP903401 ESKITP903501 ESKITP903601 NOS Title Assist with Installation, Implementation and Handover of Network Infrastructure
More informationSTRATEGIC POLICY. Information Security Policy Documentation. Network Management Policy. 1. Introduction
Policy: Title: Status: 1. Introduction ISP-S12 Network Management Policy Revised Information Security Policy Documentation STRATEGIC POLICY 1.1. This information security policy document covers management,
More informationSolution Brief. Secure and Assured Networking for Financial Services
Solution Brief Secure and Assured Networking for Financial Services Financial Services Solutions Page Introduction To increase competitiveness, financial institutions rely heavily on their networks to
More informationCOUNTY OF ORANGE, CA ATTACHMENT A STATEMENT OF WORK DEFINITIONS ATTACHMENT A STATEMENT OF WORK DEFINITIONS. for. Date TBD
ATTACHMENT A STATEMENT OF WORK DEFINITIONS for COUNTY OF ORANGE, CA Date TBD This is Attachment A (Statement of Work Definitions) to the Agreement between the County of Orange, CA ( County ) and Vendor.
More informationEnterprise K12 Network Security Policy
Enterprise K12 Network Security Policy I. Introduction The K12 State Wide Network was established by MDE and ITS to provide a private network infrastructure for the public K12 educational community. Therefore,
More informationGFI White Paper PCI-DSS compliance and GFI Software products
White Paper PCI-DSS compliance and Software products The Payment Card Industry Data Standard () compliance is a set of specific security standards developed by the payment brands* to help promote the adoption
More informationMarch 2012 www.tufin.com
SecureTrack Supporting Compliance with PCI DSS 2.0 March 2012 www.tufin.com Table of Contents Introduction... 3 The Importance of Network Security Operations... 3 Supporting PCI DSS with Automated Solutions...
More informationINCIDENT RESPONSE CHECKLIST
INCIDENT RESPONSE CHECKLIST The purpose of this checklist is to provide clients of Kivu Consulting, Inc. with guidance in the initial stages of an actual or possible data breach. Clients are encouraged
More informationEmpowering the Enterprise Through Unified Communications & Managed Services Solutions
Continuant Managed Services Empowering the Enterprise Through Unified Communications & Managed Services Solutions Making the transition from a legacy system to a Unified Communications environment can
More information74% 96 Action Items. Compliance
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on July 02, 2013 11:12 AM 1 74% Compliance 96 Action Items Upcoming 0 items About PCI DSS 2.0 PCI-DSS is a legal obligation mandated
More informationExhibit to Data Center Services Service Component Provider Master Services Agreement
Exhibit to Data Center Services Service Component Provider Master Services Agreement DIR Contract No. DIR-DCS-SCP-MSA-002 Between The State of Texas, acting by and through the Texas Department of Information
More informationNetwork Service, Systems and Data Communications Monitoring Policy
Network Service, Systems and Data Communications Monitoring Policy Purpose This Policy defines the environment and circumstances under which Network Service, Systems and Data Communications Monitoring
More informationNetwork Virtualization Network Admission Control Deployment Guide
Network Virtualization Network Admission Control Deployment Guide This document provides guidance for enterprises that want to deploy the Cisco Network Admission Control (NAC) Appliance for their campus
More informationAdvantages of Managed Security Services
Advantages of Managed Security Services Cloud services via MPLS networks for high security at low cost Get Started Now: 877.611.6342 to learn more. www.megapath.com Executive Summary Protecting Your Network
More informationHow NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements
How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements I n t r o d u c t i o n The Payment Card Industry Data Security Standard (PCI DSS) was developed in 2004 by the PCI Security Standards
More informationHoneywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014
Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security
More informationJK0 015 CompTIA E2C Security+ (2008 Edition) Exam
JK0 015 CompTIA E2C Security+ (2008 Edition) Exam Version 4.1 QUESTION NO: 1 Which of the following devices would be used to gain access to a secure network without affecting network connectivity? A. Router
More informationCisco Advanced Services for Network Security
Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs
More informationOvation Security Center Data Sheet
Features Scans for vulnerabilities Discovers assets Deploys security patches easily Allows only white-listed applications in workstations to run Provides virus protection for Ovation Windows stations Aggregates,
More informationOSU INSTITUTE OF TECHNOLOGY POLICY & PROCEDURES
Network Security 6-005 INFORMATION TECHNOLOGIES July 2013 INTRODUCTION 1.01 OSU Institute of Technology (OSUIT) s network exists to facilitate the education, research, administration, communication, and
More informationRetention & Destruction
Last Updated: March 28, 2014 This document sets forth the security policies and procedures for WealthEngine, Inc. ( WealthEngine or the Company ). A. Retention & Destruction Retention & Destruction of
More informationThe Protection Mission a constant endeavor
a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring
More informationNetwork Management and Monitoring Software
Page 1 of 7 Network Management and Monitoring Software Many products on the market today provide analytical information to those who are responsible for the management of networked systems or what the
More informationDid you know your security solution can help with PCI compliance too?
Did you know your security solution can help with PCI compliance too? High-profile data losses have led to increasingly complex and evolving regulations. Any organization or retailer that accepts payment
More informationAlcatel-Lucent Services
SOLUTION DESCRIPTION Alcatel-Lucent Services Security Introduction Security is a sophisticated business and technical challenge, and it plays an important role in the success of any network, service or
More informationCompTIA Security+ (Exam SY0-410)
CompTIA Security+ (Exam SY0-410) Length: Location: Language(s): Audience(s): Level: Vendor: Type: Delivery Method: 5 Days 182, Broadway, Newmarket, Auckland English, Entry Level IT Professionals Intermediate
More informationData Management Policies. Sage ERP Online
Sage ERP Online Sage ERP Online Table of Contents 1.0 Server Backup and Restore Policy... 3 1.1 Objectives... 3 1.2 Scope... 3 1.3 Responsibilities... 3 1.4 Policy... 4 1.5 Policy Violation... 5 1.6 Communication...
More informationCompany Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.
Company Co. Inc. LLC Multiple Minds, Singular Results LAN Domain Network Security Best Practices An integrated approach to securing Company Co. Inc. LLC s network Written and Approved By: Geoff Lacy, Tim
More informationPCI Requirements Coverage Summary Table
StillSecure PCI Complete Managed PCI Compliance Solution PCI Requirements Coverage Summary Table January 2013 Table of Contents Introduction... 2 Coverage assumptions for PCI Complete deployments... 2
More informationehealth Ontario EMR Connectivity Guidelines
ehealth Ontario EMR Connectivity Guidelines Version 1.3 Revised March 3, 2010 Introduction Ontario s new ehealth strategy includes the use of commercially-available high-speed Internet to meet Electronic
More informationOverview. Summary of Key Findings. Tech Note PCI Wireless Guideline
Overview The following note covers information published in the PCI-DSS Wireless Guideline in July of 2009 by the PCI Wireless Special Interest Group Implementation Team and addresses version 1.2 of the
More informationNetwork Security Guidelines. e-governance
Network Security Guidelines for e-governance Draft DEPARTMENT OF ELECTRONICS AND INFORMATION TECHNOLOGY Ministry of Communication and Information Technology, Government of India. Document Control S/L Type
More informationPierianDx - Clinical Genomicist Workstation Software as a Service FAQ s
PierianDx - Clinical Genomicist Workstation Software as a Service FAQ s Network Security Please describe the preferred connection method(s) between the PierianDx network and a healthcare organization s
More informationUnified Threat Management, Managed Security, and the Cloud Services Model
Unified Threat Management, Managed Security, and the Cloud Services Model Kurtis E. Minder CISSP Global Account Manager - Service Provider Group Fortinet, Inc. Introduction Kurtis E. Minder, Technical
More informationSecure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation
Secure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation Rev 5058-CO900C Agenda Control System Network Security Defence in Depth Secure Remote Access Examples
More informationSecurity+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 6 Network Security
Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 6 Network Security Objectives List the different types of network security devices and explain how they can be used Define network
More informationHow To Control Vcloud Air From A Microsoft Vcloud 1.1.1 (Vcloud)
SOC 1 Control Objectives/Activities Matrix goes to great lengths to ensure the security and availability of vcloud Air services. In this effort, we have undergone a variety of industry standard audits,
More informationNetwork Security Administrator
Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze
More informationNextiraOne, LLC d/b/a Black Box Network Services
NextiraOne, LLC d/b/a Black Box Network Services Black Box Network Services Additional Terms and Conditions Managed Services ( Additional Terms ) applicable to furnishing of equipment and services within
More informationApproved 12/14/11. FIREWALL POLICY INTERNAL USE ONLY Page 2
Texas Wesleyan Firewall Policy Purpose... 1 Scope... 1 Specific Requirements... 1 PURPOSE Firewalls are an essential component of the Texas Wesleyan information systems security infrastructure. Firewalls
More informationHow To Manage Security On A Networked Computer System
Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy
More informationMITEL. NetSolutions. Flat Rate MPLS VPN
MITEL NetSolutions Flat Rate MPLS VPN A Comprehensive, Intelligent Network-based Solution Businesses today demand an ever-evolving list of requirements of their networks. From connecting branch locations
More informationSecurity Controls for the Autodesk 360 Managed Services
Autodesk Trust Center Security Controls for the Autodesk 360 Managed Services Autodesk strives to apply the operational best practices of leading cloud-computing providers around the world. Sound practices
More informationINTRUSION DETECTION SYSTEMS and Network Security
INTRUSION DETECTION SYSTEMS and Network Security Intrusion Detection System IDS A layered network security approach starts with : A well secured system which starts with: Up-to-date application and OS
More informationRule 4-004M Payment Card Industry (PCI) Monitoring, Logging and Audit (proposed)
Version: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013 Rule 4-004M Payment Card Industry (PCI) Monitoring, Logging and Audit (proposed) 01.1 Purpose
More informationPART D NETWORK SERVICES
CONTENTS 1 ABOUT THIS PART... 2 2 PUBLIC NETWORK... 2 Internet... 2 3 PRIVATE NETWORK... 3 Global WAN services... 3 4 SECURITY SERVICES... 3 Firewall... 4 Intrusion Prevention (Network)... 5 SSL/IPSEC
More informationIBM Managed Security Services (Cloud Computing) hosted e-mail and Web security - express managed Web security
IBM Managed Security Services (Cloud Computing) hosted e-mail and Web security - express managed Web security INTC-8608-01 CE 12-2010 Page 1 of 8 Table of Contents 1. Scope of Services...3 2. Definitions...3
More informationa) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)
MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file
More informationInformation Security Risk Assessment Checklist. A High-Level Tool to Assist USG Institutions with Risk Analysis
Information Security Risk Assessment Checklist A High-Level Tool to Assist USG Institutions with Risk Analysis Updated Oct 2008 Introduction Information security is an important issue for the University
More informationDefending Against Data Beaches: Internal Controls for Cybersecurity
Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity
More informationHow To Protect Your Network From Attack From A Virus And Attack From Your Network (D-Link)
NetDefend Firewall UTM Services Unified Threat Management D-Link NetDefend UTM firewalls (DFL-260/860) integrate an Intrusion Prevention System (IPS), gateway AntiVirus (AV), and Web Content Filtering
More information---Information Technology (IT) Specialist (GS-2210) IT Security Competency Model---
---Information Technology (IT) Specialist (GS-2210) IT Security Model--- TECHNICAL COMPETENCIES Computer Forensics Knowledge of tools and techniques pertaining to legal evidence used in the analysis of
More informationNETWORK SERVICES FOR NON-STATE AGENCIES
PRODUCT DESCRIPTION Product Number: 2382.05.15 NETWORK SERVICES FOR NON-STATE AGENCIES Effective Date: July 1, 2008 (Reviewed January 2014) Revision Date: January 2015 Version: 001.7 Product Manager: Brett
More informationBest Practices for PCI DSS V3.0 Network Security Compliance
Best Practices for PCI DSS V3.0 Network Security Compliance January 2015 www.tufin.com Table of Contents Preparing for PCI DSS V3.0 Audit... 3 Protecting Cardholder Data with PCI DSS... 3 Complying with
More informationRequest for Proposal Technology Services Maintenance and Support
Request for Proposal Technology Services Maintenance and Support Maintenance and Support July 19, 2014 Celerity Educational Group is seeking an IT consulting firm to manage Maintenance of our Network Systems
More informationBAE Systems PCI Essentail. PCI Requirements Coverage Summary Table
BAE Systems PCI Essentail PCI Requirements Coverage Summary Table Introduction BAE Systems PCI Essential solution can help your company significantly reduce the costs and complexity of meeting PCI compliance
More informationSPRINT PCS DATA LINK - WIRELESS WAN PRODUCT ANNEX
SPRINT PCS DATA LINK - WIRELESS WAN PRODUCT ANNEX The following terms and conditions in this Sprint PCS Data Link Wireless WAN Product Annex ( Annex ), together with the Sprint Standard Terms and Conditions
More informationSecurity Policy JUNE 1, 2012. SalesNOW. Security Policy v.1.4 2012-06-01. v.1.4 2012-06-01 1
JUNE 1, 2012 SalesNOW Security Policy v.1.4 2012-06-01 v.1.4 2012-06-01 1 Overview Interchange Solutions Inc. (Interchange) is the proud maker of SalesNOW. Interchange understands that your trust in us
More informationFundamentals of a Windows Server Infrastructure MOC 10967
Fundamentals of a Windows Server Infrastructure MOC 10967 Course Outline Module 1: Installing and Configuring Windows Server 2012 This module explains how the Windows Server 2012 editions, installation
More informationNetwork Security. Protective and Dependable. 52 Network Security. UTM Content Security Gateway CS-2000
Network Security Protective and Dependable With the growth of the Internet threats, network security becomes the fundamental concerns of family network and enterprise network. To enhance your business
More information