1 Secure Gateway Firewall Secure Gateway Firewall provided by Verizon Business Services. All services may not be available in all areas Verizon. All Rights Reserved.
2 PROPRIETARY STATEMENT This document and any attached materials are the sole property of Verizon and are not to be used by you other than to evaluate Verizon s service. This document and any attached materials are not to be disseminated, distributed, or otherwise conveyed throughout your organization to employees without a need for this information or to any third parties without the express written permission of Verizon. 2 The Verizon names and logos and all other names, logos, and slogans identifying Verizon s products and services are trademarks and service marks or registered trademarks and service marks of Verizon Trademark Services LLC or its affiliates in the United States and/or other countries. All other trademarks and service marks are the property of their respective owners.
3 Agenda The customer environment: Business objectives Business challenges Verizon solution: Secure Gateway Firewall The Verizon difference Summary and next steps 3
4 Section 1 The Customer Environment Secure Gateway Firewall provided by Verizon Business Services. All services may not be available in all areas Verizon. All Rights Reserved.
5 Business Objectives Reduce operating expenses Increase operational efficiency Establish a flexible, scalable, and robust Internet service Implement an integrated private and public network Ensure network stability and predictability 5
6 Business Challenges Minimal technical expertise at remote locations Lack of standardized public network access Absent or minimal centralized protection against security threats 6
7 Section 2 Verizon Solution: Secure Gateway Firewall Secure Gateway Firewall provided by Verizon Business Services. All services may not be available in all areas Verizon. All Rights Reserved.
8 Overcoming Challenges to Meet Objectives Challenges Minimal technical expertise at remote locations Lack of standardized network access Absent or minimal centralized protection against security threats Verizon Secure Gateway Firewall Objectives Help reduce operating expenses Increase operational efficiency Establish a flexible, scalable, and robust Internet service Implement an integrated private and public network Help ensure network stability and predictability 8
9 Secure Gateway Firewall NBFW PVC Protected Path Through Secure Gateway Trunks to UUNET Customer Network 1 Verizon Frame Relay/ ATM/Private IP NBFW Verizon IP Network Internet Secure Gateway HR Routers Customer Network 2 9 Customer Network 3
10 Secure Gateway Firewall U.S. Pricing One Component + Private Network Secure Gateway Port: NRC/MRC 64K to 3 MB standard (ICB above 3 MB) Dual Secure Gateway port/gateway provisioned (network service redundancy) for additional charge Private Network: NRC/MRC Standard rates for Private IP, Frame Relay, and ATM apply 10
11 Section 3 The Verizon Difference Secure Gateway Firewall provided by Verizon Business Services. All services may not be available in all areas Verizon. All Rights Reserved.
12 Secure Gateway Firewall Overcoming Challenges to Meet Objectives Benefit Feature Challenge Addressed Objective Met Centralizes network- based firewall service Provides Verizon Frame Relay, Private IP, and ATM customers with the ability to securely access the public network (Internet) Lack of standardized network access Bring stability and predictability to the corporate network (WAN) environment Utilizes firewall located in the Verizon network Low-cost firewall option Absent or minimal centralized protection against security threats Absent or minimal centralized protection against security threats Verizon monitors, maintains, and manages the network-based firewall platform (not rule-sets) Verizon NOC provides 24x7 management, monitoring, and support for HWC and VPN Minimal technical expertise at remote locations Can help reduce expenses and ensure network stability and predictability Provides protection from many types of network threats Helps protect network from common attacks Absent or minimal centralized protection against security threats Can help ensure network stability and predictability Internet Access for Verizon Private Network customers Can help eliminate costly redundant circuits Lack of standardized network access Provides an integrated solution for private and public network connectivity, can help reduce expenses, and establish a flexible, scalable, and robust Internet service Network-based service No on-site technical resources needed Minimal technical expertise at remote locations Can help reduce expenses and increase operational efficiency 12
13 How Is Secure Gateway Firewall Different From CPE-Based Firewall Service? Cost CPE Management Reporting Intrusion detection ICMP attacks IP-spoofing attacks Fragmentation attacks UDP flooding TCP-based attacks Verizon Secure Gateway Firewall Secure Gateway port (cost determined by bandwidth) None Required Centralized No No Yes Yes Yes Yes Yes Verizon CPE-Based Firewall Requires individual firewalls at each remote location or centralized firewall Firewall at central site or local firewalls at remote sites Centralized or distributed Varies Varies Yes Yes Yes Yes Yes 13
14 Secure Gateway Firewall Case Study: Seafood Processor/Distributor Customer requirements: Network standardization Prioritize traffic for a future implementation of VoIP Obtain secure centralized Internet access to a specified subset of their end-users Eliminate circuit and service redundancy Verizon solution: Private IP network Secure Gateway Firewall 14
15 Summary: Secure Gateway Firewall Solves Business Challenges Secure access to the Internet Centralized protection against security threats Reduced network costs
16 Section 4 The Verizon Difference Secure Gateway Firewall provided by Verizon Business Services. All services may not be available in all areas Verizon. All Rights Reserved.
17 Section 5 Appendix Pricing Firewall Configurations Details on Firewall Rules Details on NAT Functionality With SIG Details on DDoS Policy Secure Gateway Firewall provided by Verizon Business Services. All services may not be available in all areas Verizon. All Rights Reserved.
18 Secure Gateway Firewall Secure Gateway Port Pricing U.S. Secure Gateway Port Pricing (MBS II, MBS I, and Pre-MBS) Port Speed (KB) ,024 1,536 2,048 3,072 Secure Gateway port NRC MRC $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ NA NA $ $1, Note: 4680 Kbps to 15,360 Kbps Secure Gateway ports are available after obtaining an approval from Capacity Planning. Minimum one-year term required. Early termination fee applies. Please see your Verizon account manager for complete details. Pricing was effective July 2005 and subject to change without notice. Excludes taxes and surcharges. 18
19 Secure Gateway Firewall Standard Configuration NBFW PVC Trunks to UUNET Verizon Frame Relay/ ATM/Private IP NBFW Verizon IP Network Internet Customer Network Frame Relay or ATM Link HR Routers Customer s PVC to Private IP Trunks to UUNET Verizon Frame Relay/ ATM/Private IP NBFW Verizon IP Network Internet Customer Network Link to Private IP HR Routers 19
20 Secure Gateway Firewall Redundancy Configuration Verizon Frame Relay/ ATM/Private IP NBFW 1 Verizon IP Network Internet NBFW 2 Customer Network Verizon Frame Relay/ ATM/Private IP NBFW 1 Verizon IP Network Internet NBFW 2 Customer Network 20
21 Secure Gateway Firewall Redundancy Configuration (cont d) Trunks to UUNET Verizon Frame Relay/ ATM/Private IP NBFW 1 Verizon IP Network Internet NBFW 2 Customer Network Frame Relay or ATM Link HR Routers Trunks to UUNET Verizon Frame Relay/ ATM/Private IP NBFW 1 Verizon IP Network Internet Customer Network NBFW 2 HR Routers 21
22 22 Details on Basic Stateful Firewall Rules
23 23 Details on Anti-Spoofing Rules
24 24 Details on Ingress Anti-Spoofing Rules
25 Details on Network Address Translation (NAT) Services 25
26 Details on NAT/PAT Translations and Mapping Features NBFW/NAT PC translated to WWW PC PC with any x.23 SMTP Server or Public Address Assigned to Customer Previously Verizon Frame Relay/ ATM Private Addresses translated to x.23 translated to x mapped to Internet FTP SMTP Servers 26
27 27 Details on DDoS Policy
28 For More Information To speak to a Verizon Representative about whether Secure Gateway - Firewall is right for your business: Fill out a consultation form at: Or Call , press 2 28
WHITE PAPER Mobility Services Platform (MSP) Using MSP in Wide Area Networks (Carriers) Table of Contents About This Document... 1 Chapter 1 Wireless Data Technologies... 2 Wireless Data Technology Overview...
Configuration Example Use NAT for Public Access to Servers with Private IP Addresses on the Private Network Example configuration files created with WSM v11.7.2 Revised 5/10/2013 Use Case In this use case,
FortiVoice Version 7.00 VoIP Configuration Guide FortiVoice Version 7.00 VoIP Configuration Guide Revision 2 14 October 2011 Copyright 2011 Fortinet, Inc. All rights reserved. Contents and terms are subject
Connecting Remote Offices by Setting Up VPN Tunnels Cisco RV0xx Series Routers Overview As your business expands to additional sites, you need to ensure that all employees have access to the network resources
Small Logo Estimating Trunk Channel Requirements for VoIP Gateways in Unified Communications Executive Summary Unified Communications (UC) solutions typically use VoIP to deliver phone calls and are connected
The owner friendly phone system for small business VoIP Network Configuration Guide Release 7.10 Copyright 2011 Fortinet, Inc. All rights reserved. Fortinet, FortiGate, FortiGuard, FortiCare, FortiManager,
VoIP Impairment, Failure, and Restrictions A BROADBAND INTERNET TECHNICAL ADVISORY GROUP TECHNICAL WORKING GROUP REPORT A Uniform Agreement Report Issued: May 2014 Copyright / Legal Notice Copyright Broadband
Common VoIP Architecture Executive Summary This white paper describes the architecture of AT&T s common infrastructure for real-time communications services over Internet protocol, commonly referred to
ZyWALL 5 Internet Security Appliance Support Notes Version 4.02 Dec. 2006 INDEX Application Notes...12 Seamless Incorporation into your network...12 Using Transparent (Bridge Mode) Firewall...12 Internet
Copyright 2007 Pirelli Broadband Solutions S.p.A. All rights reserved. This document contains Pirelli proprietary and confidential information. No part of this document may be copied, reprinted or reproduced
M86 MailMarshal Exchange USER GUIDE Software Version: 7.1 M86 MAILMARSHAL EXCHANGE USER GUIDE 2011 M86 Security All rights reserved. Published November 2011 for software release 7.1 No part of this Documentation
Using Avaya one-x Agent Release 2.0 November 2009 2009 Avaya Inc. All Rights Reserved. Notice While reasonable efforts were made to ensure that the information in this document was complete and accurate
Report Number: I332-016R-2005 Security Guidance for Deploying IP Telephony Systems Systems and Network Attack Center (SNAC) Released: 14 February 2006 Version 1.01 SNAC.Guides@nsa.gov ii This Page Intentionally
This design guide provides guidelines and best practices for customer deployments of IP Security (IPsec) direct encapsulation VPNs. It is assumed that the reader has a basic understanding of IPsec. Contents
vshield Manager 5.0.1 vshield App 5.0.1 vshield Edge 5.0.1 vshield Endpoint 5.0.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced
Mediacom Online Internet Access Service Customer and User Agreement The following are terms and conditions for use of Internet access and related services offered to residential, business and other subscribers
White Paper Application Visibility and Monitoring > An integrated approach to application delivery Application performance drives business performance Every business today depends on secure, reliable information
WHITEPAPER February 2014 3725-77704-001A RealPresence One Product Definition and Licensing Polycom, Inc. 0 Copyright 2014, Polycom, Inc. All rights reserved. No part of this document may be reproduced,
Communication is an important part of business enterprises, and many are adopting Unified Communications (UC) solutions to improve business processes and enhance communications. These UC solutions typically
IP Office H323 Telephone Installation Notes 15-601046 Issue 20d - (18 May 2015) 2015 AVAYA All Rights Reserved. Notice While reasonable efforts have been made to ensure that the information in this document
VODAFONE G-CLOUD SMS-SERVICE Version Content Owner Date 1.1 Robert Hotchkiss 27 August 2013 Page 1 of 13 TABLE OF CONTENTS 1. The G-Cloud SMS-Service... 3 1.1 Overview of the G-Cloud SMS-Service... 3 1.2
Application Performance Monitoring/Management (APM) Request for Information (RFI) 28198-CH Issued: March 30, 2015 Responses Due: May 12, 2015 This is not a bid or proposal. This Request for Information
: Ensuring End-to-End Service Quality and Performance in a Multi-Vendor Environment A Executive Summary Creating Business-Class VoIP Traditional voice services have always been reliable, available, and