Neustar UltraDNS Managed DNS

Transcription

1 Neustar UltraDNS Managed DNS Neustar UltraDNS Service Definition In Accordance with the ITT Open Procedure Crown Commercial Service G-Cloud 6 Submitted by NeuStar, Inc. ( Neustar ) Venture House, London Road Staines Middlesex, TW18 4HF, UK December 17th, 2014

2 Proposal Version: 1.0 Date: December 17 th, 2014 Copyright 2014 Neustar, Inc. All Rights Reserved. Material herein contained may not be duplicated, redistributed, excerpted, sold, or stored in any information retrieval system without prior express written permission of Neustar, Inc. TRADEMARKS Neustar and the Neustar logo are registered trademarks of Neustar, Inc. All other company, brand, and product names are the trademarks or registered trademarks of their respective companies. NEUSTAR CONFIDENTIAL & PROPRIETARY INFORMATION Neustar Proprietary & Confidential ii

3 Table of Contents Compliance Matrix... v 1. Service Overview Neustar UltraDNS Overview Neustar Experience and Expertise UltraDNS Infrastructure UltraDNS Architecture UltraDNS Services Data Model UltraDNS Geo IP Services UltraDNS Services Nodes Anycast Implementation Information Assurance Neustar s Quality Management System Data Restoration/Backup and Disaster Recovery Data Restoration/Backup Disaster Recovery On-boarding and Off-boarding Process On-boarding and Off-boarding Process Service Migration Scope Pricing Overview Service Management DNS Service Details DNS Change Propagation High-Performance DNS Resolver Attack Mitigation Service Constraints Service Constraints Maintenance Windows Neustar Proprietary & Confidential iii

4 8. Service Levels Industry-Leading SLAs Financial Recompense Model Training Neustar Professional Services Order and Invoice process Termination Process Technical Requirements Neustar UltraDNS Technical Requirement Service Dependencies Technical Interface Bandwidth and Latency Requirements Trial Service Availability Supplier Lot(s) Neustar Proprietary & Confidential iv

5 Compliance Matrix The following table highlights Neustar s ability to comply with the Crown Commercial Service G-Cloud 6 Service Definition Requirements Neustar UltraDNS Services Crown Commercial Service G Cloud 6 - Requirements Neustar Compliance (Yes/No/Partial) Requirements S An overview of the G-Cloud Service (functional, no- functional); Yes. Comply. Please refer to Section 1, Service Overview. S Information assurance S Whether you hold a suitably scoped ISO27001 certificate for this G- Cloud Service. S Relevant information surrounding your service in relation to the Government Security Classification (GSC) scheme crd S Details of the level of data restoration/backup/restore and disaster recovery that will be provided; S On-boarding and off-boarding processes/service migration/scope etc.; S A brief overview of pricing (including unit prices, volume discounts (if any), data extraction etc.); S Service management details; S Service constraints (e.g. maintenance windows, level of customisation permitted, schedule for deprecation of functionality/features etc.); S Service levels (e.g. performance, availability, support hours, severity definitions etc.); S Financial recompense model for not meeting service levels; S Training; S Order and Invoice Process S Termination process: S By consumers (i.e. consumption); and S By the Supplier (removal of the G-Cloud Service); Technical requirements (service dependencies and detailed technical interfaces, e.g. client side requirements, bandwidth/latency requirements etc.) and details of any trial service available. No. Please refer to Section 2, Information Assurance. Yes. Comply. Please refer to Section 3, Data Restoration/Backup and Disaster Recovery. Yes. Comply. Please refer to Section 4, Onboarding and Off-boarding Process. Yes. Comply. Please refer to Section 5, Pricing Overview. Yes. Comply. Please refer to Section 6, Service Management Details. Yes. Comply. Please refer to Section 7, Service Constraints. Yes. Comply. Please refer to Section 8, Service Levels. Yes. Comply. Please refer to Section 9, Financial Recompense Model. Yes. Comply. Please refer to Section 10, Training. Yes. Comply. Please refer to Section 11, Order and Invoice Process. Yes. Comply. Please refer to Section 12, Termination Process. Yes. Comply. Please refer to Section 13, Technical Requirements. S1-1.2 The Supplier was successful in Lot(s): Yes. Comply. Please refer to Section 14, Supplier Lot. Neustar Proprietary & Confidential v

6 1. Service Overview Requirement S An overview of the G-Cloud Service (functional, no- functional); 1.1 Neustar UltraDNS Overview Neustar UltraDNS is a leader in the Managed DNS space in performance, security, reliability and manageability. Our global IP Anycast and BGP infrastructure is world class and will provide our Customer with reliable accessibility and proper functioning of its websites, along with control and easy management of its domains. Neustar s philosophy is to deliver best of breed solutions to our customers, to include powering and protecting many of the Fortune 100 companies. UltraDNS maintains the most technically significant distributed database installation, and leverages advanced replication over a wide area network. UltraDNS is one of the world s largest Authoritative DNS networks, answering roughly 18 billion DNS queries every day. UltraDNS has 30+ global nodes, security, advanced load balancing and failover solutions, Geo-IP routing, an industry leading SLA, and is DNSSEC and IPv6 compliant. Additionally, Neustar UltraDNS includes mitigation for DNS level DDoS attacks. DNS based DDoS attacks are the second most common type of DDoS attack and customers can protect themselves from these types of attacks simply by using UltraDNS for Authoritative DNS. Neustar will mitigate any denial of service attack launched against the DNS zones of an UltraDNS customer. This service is included for every UltraDNS client, and acts as a complementary service to SiteProtect, Neustar s cloud DDoS mitigation solution for layer 3, 4 and attacks to include volumetric and application attacks. Blended attacks will employ multiple attack vectors, simultaneously attacking DNS along with WWW or other resources, in an attempt to bring down the most vulnerable service. During such an event, Neustar will isolate the DNS zones of the UltraDNS client and run DNS traffic through the SiteProtect mitigation network (along with WWW or other hosts if being protected by SiteProtect), thereby protecting both DNS and other hosts simultaneously. UltraDNS customers also enjoy an easy-to-use SSL-based interface for managing their UltraDNS zones. This makes changing A Records simple. Changes propagate globally in a matter of minutes. Together, UltraDNS and SiteProtect provide our clients with a comprehensive security solution allowing Neustar a holistic view of the network to monitor and protect our clients business 24x7x365. Service Highlights & Differentiators Fastest DNS propagation, averaging thirty (30) to ninety (90) seconds worldwide The largest globally distributed DNS footprint Proprietary, industry-leading network platform Carrier-class, highly redundant network nodes One of the largest global networks using BGP and IP Anycast 100% uptime, with 100% SLA Nameserver segmentation for greater security and protection from DDoS attack impact across the network Add-on dedicated resolvers and nameserver segmentation for increased performance and security DNSSEC and IPv6 compliant SSAE 16, Type-II compliant Operations Center (NOC) and fully manned Security Operations Center (SOC) Secure web-based DNS management portal and SOAP API Traffic routing capabilities 20+ Million Domains under management 16 Billion DNS resolutions requests per day Neustar Proprietary & Confidential 1

7 1.2 Neustar Experience and Expertise Neustar s end-to-end expertise in both service and product delivery is unparalleled. Behind Neustar the company is a team of innovators developing technologies and processes to ensure that Neustar clients stay at the forefront of their industry. Neustar is committed to working with our Customers by providing a global enhanced DNS infrastructure, in addition to sharing knowledge from the work being done in other fields, including DDoS Mitigation, DNS Security, DNSSEC, Fraud Prevention, and general Cyber Security. Since 1999, UltraDNS Services have played a key role in directing and managing Internet traffic, enabling thousands of customers to intelligently and securely control and distribute that traffic. UltraDNS and DNS Advantage are premier managed DNS services, offering the ultimate in performance and security. Neustar s experience and blend of technologies allow it to provide fast, reliable and secure solutions. This service also features proprietary non-bind based resolvers, advanced replication technology, IP Anycast, BGP routing traffic management tools, nameserver announcement segmentation, dedicated resolvers, and a unique, holistic approach to DDoS protection. Implementing UltraDNS can mean the difference between reaching your site and being denied, between keeping your customers and losing them to the competition. With the UltraDNS Managed DNS Service, Neustar clients have the ability to offload system responsibility for their authoritative DNS, while maintaining control and ensuring consistent, accurate resolution of all their Internet domains. With UltraDNS, our Customer will have the luxury of using a globally distributed DNS network, complete with leading security measures with respect to DDoS mitigation and other vulnerabilities, along with two 24x7x365 Network Operation Centers, and a state-of-the-art Security Operation Center. 1.3 UltraDNS Infrastructure The UltraDNS Managed DNS Service is built on a global Directory Services Platform consisting of strategically placed network nodes spanning five continents. UltraDNS Directory Services Platform requests are routed to the nearest available geographic network node through IP Anycast to a proprietary DNS resolver. This type of geographic routing and redundancy ensures customers receive the fastest, most accurate DNS response all day, every day. Customers need not worry about outage concerns for maintenance windows, resetting DNS during administrative procedures, hardware failures, or any other scenario. Their DNS is always available and always accurate. 1.4 UltraDNS Architecture Neustar Ultras maintains a mesh of thirty globally synchronized DNS server systems with four distinct Class C Anycast prefixes, each announced in a staggered pattern from our thirty locations, via a different set of service providers. These systems are multi-homed at all locations and are publicly and privately peered. Advanced replication ensures that data is replicated between and within all nodes. Neuter s standard deployment leverages multiple Tier 1 network providers and burstable bandwidth circuits within network node locations Ultra DNS Services Architecture The Neustar DNS service is a globally distributed multi-level constellation of DNS appliances that are dynamically updated. It uses a series of hidden masters that are RFC compliant to push changes to a globally diverse robust set of DNS slaves. They have 30 DNS nodes announcing query services over IPv6 and IPV4 using both TCP and UDP in a state-of-the-art Anycast network Network Segmentation In traditional DNS networks, all customers share the same underlying IP address announcements for the DNS traffic. An attack against one = an attack for ALL. To counter this threat, Neustar introduced nameserver segmentation to the UltraDNS network. Neustar Proprietary & Confidential 2

8 Nameserver Segmentation isolates small groups or individual customer authoritative DNS announcements Customer nameserver announcements are insulated from traffic directed at other customer nameservers The separation of announcements enhances Neustar s ability to manage customer traffic and provide the basis for automated DDoS mitigation New network monitors for traffic pattern and volume changes that indicate possible DDoS events Automation provides for transition of traffic from the UltraDNS network into the SiteProtect network within minutes of detection Dedicated Resolvers Dedicated, Virtualized Instances of Resolver resources in Service Nodes (Only Traffic for that customer on Resolver) Customer can opt for higher Regional Density Example: 2 Dedicated Instances in Europe & Asia w/ 1 in West & East US Automated Failover of Dedicated Announcements into Shared Resolver in that node Guaranteed Dedicated Restoral on Failover w/in 4hrs at current or other node in Region SLA s for Availability, Failover and Restoral per Dedicated Resolver Display of Dedicated Instance Locations and Status in UltraDNS Portal Per Dedicated Node Reporting (Activity, Performance, Query Type, Host Response, Response Comparison and Volume Changes) Recursive DNS Recursive is Neustar s Caching DNS Server for Network Operators and the Enterprise. Recursive DNS is delivered through Neustar s global directory platform, providing added security to carriers without any lapse in performance Recursive DNS delivers unsurpassed security, query resolution in conjunction with fastest response times Neustar s proprietary platform helps carriers mitigate against the recent Kaminsky Cache Poisoning vulnerability The Recursive DNS platform can be extended to deliver optional services which enhance and secure the end user experience while introducing carriers to new revenue streams 1.5 UltraDNS Services Data Model The UltraDNS Services node is designed around a data model maintained within a commercial database. The data model contains information about principal objects managed by the system (e.g., users, DNS zones, and resource records) and the additional information required to control the processes operating on the data (e.g., service configuration parameters and ACL info). The various functionalities of the UltraDNS Services system are provided by numerous disparate processes, which primarily serve as a conduit between the database and end user requests. Neustar Proprietary & Confidential 3

9 1.6 UltraDNS Geo IP Services Neustar provides geo-location DNS resolution depending on the requester location. In addition to core authoritative managed external DNS service, Neustar will be providing our Customer, with Geo-IP Directional Services to create business rules of directing end user traffic to specific network assets. Neustar Directional DNS delivers Source IP or Geo-IP global traffic management through our UI and/or API. PricewaterhouseCoopers audit of Neustar IP Intelligence (formerly Quova), confirms year after year that Neustar provides the most accurate IP information in the world. Geo-IP DNS load balancing provides for country-to-country, state-to-state, and province-to-province load balancing by clicking a location in the UltraDNS Management Portal, and then, assigning an associated IP on the Host. 1.7 UltraDNS Services Nodes Each node is designed to provide both security and scalability for the UltraDNS Services network. By utilizing dedicated hardware, UltraDNS Services partitions each major part of the network to function independently, thereby ensuring access control to each point, as well as growth capability. Hardware can be transparently added to an existing node without affecting service to that node. In this case, once a new device is added, it will immediately begin announcing the Anycast addresses and be included in the pool of servers available to answer queries within that node. Likewise, if a server were to fail, it would immediately stop announcing the Anycast addresses and queries would be answered by the next functioning server in that node Software UltraDNS Services has developed a non-bind proprietary code built from the ground up. The proprietary code base is extensively tested by third-party security audits; which have found no vulnerabilities that could be remotely abused to acquire restricted privileges or cause failure of directory resolution capabilities on the UltraDNS Services system. In addition to supporting the standard DNS specifications and RFC s, there are numerous features and enhancements that have been incorporated into the UltraDNS Services system to ensure robustness, security, and redundancy well above the capability of legacy DNS server implementations Border Gateway Protocol (BGP) UltraDNS Services has incorporated BGP announcement generating code directly into UltraDNS Services DNS resolver. This allows for nameservers or complete nodes to be removed from the pool of active systems upon the detection of anomalous data, or the failure of any key element of that nameserver or node. Should the entire node fail, the BGP announcements for that node are withdrawn, and queries are automatically routed only to the operational nodes. The code is fully compliant with the following RFCs: 2453, 2080, 2328, 2460, 2373, 2463, 2464, 2236, 1812 and Anycast Implementation DNS Infrastructure The primary mechanism for addressing and routing announcements pioneered and used by UltraDNS Services is known as Anycast. This technique involves the announcement of the same IP addresses by multiple nodes at the same time. The result is a DNS infrastructure that has the highest level of performance and lowest level of latency and packet loss possible, while providing the ability to increase the number of available nameservers globally during times of need (DDoS attacks, etc.) without the need for modifications by any users or networks external to UltraDNS Services. By injecting a BGP route from each node, the system leverages IP routing to deliver user queries to a topologically nearby node. This results in: A reduction of network latency for DNS transactions, as compared with a standard deployment of DNS services Neustar Proprietary & Confidential 4

10 A reduction in the number of queries that are routed to distant servers, thereby reducing the likelihood of encountering congested routers A resulting reduction in the number of query packets that are dropped and cause DNS timeouts/retries Improved performance and reliability to the end user UltraDNS Services mechanism has been adopted by most major root/tld operators as a Best Current Practice. Diverse network connectivity is deployed within the UltraDNS Services network. Primary connectivity is provided multiple Tier 1 network providers and multi-homed with 100 Mbps base lined (Fast Ethernet) connections which are burstable to 1 Gbps from each provider. However, to ensure robustness and redundancy, a carefully architected matrix of network announcements is utilized to ensure that both minor and catastrophic failures of any elements within the UltraDNS Services network will not result in failures of resolution for end users. UltraDNS Services has also implemented additional connections at most nodes to local public switched peering fabrics Global Anycast Network Added reliability is achieved by announcing up to four global IP addresses from each device in the UltraDNS Services TLD sever network infrastructure. This provides additional redundancy in the face of network routing problems that can be caused by third parties. In the unlikely event that one or more of the IP addresses become unreachable, queries from users fail-over to an alternate global IP address. The fundamental design creates combinations of IP address, network provider, and physical node locations such that even in the event of the catastrophic failure of an entire network backbone provider, an entire physical location, or even an entire region, queries from any location in the world would still have a viable, functional set of address/route/location options. In any region of the Internet, no more than two IP addresses of the six that are announced would result in packets reaching the same node over the same path and no more than three IP addresses of the six that are announced would result in packets reaching the same physical location irrespective of what networks were traversed. Neustar Proprietary & Confidential 5

11 2. Information Assurance Requirement S Information assurance S S Whether you hold a suitably scoped ISO27001 certificate for this G-Cloud Service. Relevant information surrounding your service in relation to the Government Security Classification (GSC) scheme 2.2 Neustar s Quality Management System While Neustar does not currently hold an ISO27001 certificate, our security practices are aligned with ISO27001 standards/policies. Neustar maintains a Quality Management System in compliance with ISO 9001:2008 Quality Standard as the framework for delivery of quality products and services, continuous improvement, and process effectiveness. Neustar s Operational Excellence (OpX) Committee has established the corporate Quality Policy in accordance with ISO 9001 requirements and the needs of the business. It is the responsibility of all employees to promote this policy in all activities that affect the management of product quality, and the delivery of services to Neustar customers. Neustar Proprietary & Confidential 6

12 3. Data Restoration/Backup and Disaster Recovery Requirement S Details of the level of data restoration/backup/restore and disaster recovery that will be provided; 3.1 Data Restoration/Backup Traffic Management Services Failover & monitoring, GSLB, and geographic traffic routing A suite of innovative services that leverage the UltraDNS infrastructure to provide enterprises with advanced web traffic management tools without deploying and managing expensive hardware and software: SiteBacker is a web server failover service that has monitoring agents residing in multiple locations within the Neustar UltraDNS global network. If multiple monitoring agents agree that a predefined test has failed the service initiates a server failover by automatically modifying the DNS response server record for the monitored server. In addition, an alert is sent to a list of predetermined contacts. When the server has been restored to service, SiteBacker automatically recognizes the server s online status and restores it to service by replacing the DNS response record with the original. Traffic Controller is a weighted or percentage-based load balancing service that provides you with the ability to route user traffic based on preset percentages that will define how traffic is dynamically adjusted based on performance and/or availability. Once configured, the service seamlessly routes user traffic to specific servers based on the originating DNS query and routing definitions. The management portal allows administrators to quickly make changes to the service configurations, such as adding new load balancing pools, modifying existing pool resources or deleting load balancing pools altogether. Neustar UltraDNS advanced replication technology ensures that the changes are propagated globally in near-real time. Directional DNS accelerates service and enables localized website content routing by IP, or end-user geo-location. It is a geographic web traffic routing service that allows you to provide DNS responses to users based on their geographic location. Used to guide customers to web servers that will provide the best performance or to deliver them targeted content, this service not only improves site performance, load distribution and the overall customer experience, but also allows a network to function in its most effective capacity. Combine directional DNS with IP geo-location for highly targeted solutions, all without costly equipment purchases and hardware/software maintenance. 3.2 Disaster Recovery Incidents within the Neustar Ultra Services production environment are monitored by the two Neustar Network Operation Centers 7x24x365 based out of Sterling, VA and Louisville, Kentucky, with a corresponding disaster recovery location in Brisbane, CA. The Neustar NOC has a complete escalation and severity matrix that outlines the method of contact and escalation of incidents within Neustar s production environment. Escalation and notification of an incident takes place within 10 minutes of the initial identification of the service error. Communication with the client occurs via phone, , and/or SMS messaging dependent upon the incident severity level. The Neustar NOC will escalate production environment issues to the Neustar Operations group and manages the communication between the business division, customer support departments, and product management. The precise escalation path varies dependent upon the nature of the incident but may include NOC personnel, Systems Administrators, DBA management, Neustar Proprietary & Confidential 7

13 Engineering, Development and Business Division Managers/Directors. Each escalation path includes senior management/executive level staff. If incidents arise within the Neustar Ultra Services environment, the Neustar NOC will alert the Ultra Services Support department of these direct customer affecting issues. As part of Neustar s existing relationship as provider of DNS services, if the incident directly affects the service provided to the Customer, Neustar will contact a designated point of contact(s) at a pre-established phone and contact regarding the issue present within the service infrastructure. UltraDNS uses IP Anycast and diversifies its name server announcements from multiple nodes and multiple providers. This ensures that there is no single point of failure within the UltraDNS network and allows Neustar to offer several layers of redundancy within multiple aspects of the platform. The network is not dependent on one node or even multiple nodes, as other nodes can service queries uninterrupted in the event one node is taken out of service. There are multiple injection points to ensure that all tools used by customers to manage records are always available. This includes the user interface, two APIs, and Sitebacker/Traffic Controller service. Multiple databases are used to ensure data is maintained and replicated across all Data nodes in near real time fashion. As a leading industry provider of mission critical databases and data centers, Neustar will not partner with or rely on subpar providers and facilities. Neustar carefully selects appropriate facilities and ensures that these facilities offer the most advanced systems for mitigating conditions that may cause a complete failure of a node. Minimum requirements for Neustar s hosting sites include: Hardware redundancy (N+1 or better) at the network, DNS server and database server level. Environmental protection equipment including UPS, generator and HVAC systems Fire suppression equipment (pre-action sprinkler and/or gas suppression system) 24x7 security including onsite personnel, biometric access control and CCTV coverage Environmental monitoring system and 7x24 monitoring personnel Smart Hands 7x24 technical support available Diverse physical network paths into the site Multiple Tier-1 Internet Service Providers available with on-net service Neustar prefers hosting sites that also act as Internet Exchange Points Neustar Proprietary & Confidential 8

14 4. On-boarding and Off-boarding Process Requirement S On-boarding and off-boarding processes/service migration/scope etc. 4.1 On-boarding and Off-boarding Process Neustar has a role based permission model. The default permission groups are Reporting (Read-Only), Technical (add / delete / modify records) and Administration (add / delete users). The Customer can create default permission groups down to the record level if required. Additionally, Neustar supports IP Access Control Lists. This will restrict access to the UltraDNS portal to certain IP addresses (e.g., only known Customer IP addresses), and prevent unauthorized access from outside IP addresses. 4.2 Service Migration As standard, Neustar does not provide migration services within the base price. Neustar can provide migration services as part of our professional services offerings, these offerings are an additional cost option. 4.3 Scope As the migration services are offered as professional services the scope can be customized by the customer at contract signing. In general the scope will be restricted to the UltraDNS service. This will include zone file migration and delegation of DNS authority in addition to project management. Neustar Proprietary & Confidential 9

15 5. Pricing Overview Requirement S A brief overview of pricing (including unit prices, volume discounts (if any), data extraction etc.); UltraDNS Managed External DNS Service - Packages starting from Product Quantity Price Notes DNS Queries 1 Million $195USD Per Month 12 Months Additional Features Sitebacker Per Endpoint $125USD Per Month Directional DNS per endpoint Per Endpoint $150USD Per Month Traffic Controller $250USD Per Month Service Features Include Mitigation of Distributed Denial-of-Service (DDOS) attacks directed at the DNS service Globally distributed Anycast cloud network of DNS resolvers Rapid propagation of DNS configuration changes within the network Optional Add-on DNS Service Features Include DNS-based traffic management services Domain Name System Security Extensions (DNSSEC) capabilities, including automated zone and key signing Management User Interface (UI), including: o Management of DNS zone, resource record, and optional DNS-based traffic management service configuration o Multi-user account configuration (unlimited number of user accounts per customer account) o Pre-defined user permissions model o DNS usage reporting Audit logging, including: o DNS & user account configuration changes o User log-in events Optional add-on UI features 2-factor user authentication Customer-defined user permissions model Advanced Reporting service provides additional level of DNS usage reporting SOAP & REST API management interfaces Neustar Proprietary & Confidential 10

16 6. Service Management Requirement S Service management details; 6.1 DNS Service Details The Neustar DNS service is a globally distributed multi-level constellation of DNS appliances that are dynamically updated. It uses a series of hidden masters that are RFC compliant to push changes to a globally diverse robust set of DNS slaves. They have 30 DNS nodes announcing query services over IPv6 and IPV4 using both TCP and UDP in a state-of-the-art Anycast network. The figure below shows the relationship Multi-tier Network Infrastructure Figure 1 highlights Neustar s multi-tier network infrastructure. Figure 1: The DNS service is a globally distributed multi-level constellation 6.2 DNS Change Propagation In addition to core resolution, Neustar currently provides continuous, near-real-time zone modifications, distributed to geographically diverse locations, resulting in up-to-date responses from nameservers. As registrars submit changes in domain records, the system will reflect these in the zone almost immediately. The DNS data is maintained within the registry, pushed into the nameserver infrastructure via a Zone Administrator process, and then across the nameserver infrastructure via zone replication. 6.3 High-Performance DNS Resolver The DNS Resolver is a proprietary Neustar implementation that has been built from the ground up to be a high performance, reliable DNS resolution server. It has been benchmarked to handle over 80,000 requests per second and 500 million records per server. To ensure the data in cache is timely, Neustar has developed its own proprietary data distribution technology. When Record changes occur via the Management Interface, API or data transfer (AXFR) at the Data node network layer, record data is replicated in real-time to all (4) Data nodes worldwide. At the Data nodes, all new / edited / delete record data is then published to a queue which is monitored by the Service nodes every 10 seconds for new information. As soon as the Service node sees the new record data, it writes it to its local cache and begins serving the new information. Neustar s Neustar Proprietary & Confidential 11

17 implemented system is designed to handle 500 million resource records and exceed 80,000 queries per second per resolver. Due to Neustar s database-architecture, Neustar is able to scale its system as required. Neustar has done extensive testing in Neustar s development and QA environments on a continual basis to make sure all new software releases or functionality enhancements do not negatively affect Neustar s performance. A sample of Neustar s current verification tools includes: Live traffic replay using custom developed tools, Neustar can replay live DNS traffic from its production infrastructure at various queries per second levels to determine the peak queries per second Neustar can handle as well as gauge the query loss levels at the value (Neustar targets 80,000 queries per second at 0% query loss level) Data injection tests using custom developed tools, Neustar can simulate massive injection runs against its database infrastructure, and measure and monitor the effect on its query resolution abilities. Then using the tools outlined in number one above, Neustar can test the performance impacts of the system during these injection runs Due to the database-centered design of Neustar s DNS system, the maximum size of a zone is only limited to the underlying physical disk space on Neustar s servers. Neustar currently has zones in excess of 32 million records. Neustar designed its DNS solution to not only be scalable and secure, but also flexible. If the current system reached the maximum numbers detailed above, Neustar has numerous options for scaling its system even further, not limited to but including segmenting its enterprise and TLD customers, etc. 6.4 Attack Mitigation Neustar UltraDNS customers are provided with a network segment for DNS announcements. Each segment is provided with unique nameserver names and nameserver addresses. The segmentation may either be shared with other customers or dedicated to a single customer, depending on a customer s size. Any customer may opt for a dedicated segment for a fee. This segmentation strategy is beneficial to our customers in two ways. If a DDoS attack is aimed at one of our customers, only the customers on that segment are impacted. All other segments will be unaffected. This serves to isolate our customers from each other. Also, if your segment is attacked at the DNS level, we can apply the mitigation techniques described below specifically to the segment under attack. When an attack commences it is detected by Neustar s Security Operations Center. Upon DDoS attack validation by the SOC, the network segments are rerouted using BGP to our SiteProtect scrubbing centers. Various algorithms are then used to separate attack traffic from legitimate DNS queries. These legitimate queries are proxied to and resolved by DNS Resolvers situated locally in the scrubbing centers and the query response is sent back to the recursive server making the query. Once the attack subsides and traffic returns to normal patterns, query resolution is shifted back to the standard DNS Infrastructure. In addition to the ability to fail over the segments under DDoS attack to the SiteProtect infrastructure, smaller attacks can be handled locally by DDoS mitigation appliances that Neustar has in each Service node. Larger or more complex attacks, failover to the completely separate (circuits, hardware) SiteProtect infrastructure to prevent any collateral performance impact on UltraDNS customers and leverage the much higher bandwidth overhead of the SiteProtect platform Monitoring/Logging/Reporting/Alerting Neustar has designed and developed numerous traffic analysis systems for routine as well as ad hoc analysis. Some of the systems include: 1. Query performance monitoring Monitors the real time query statistics of Neustar s system (including response types and various transport mechanisms). Real time performance of Neustar s databases and resolvers both from internal locations as well as from a large amount of remote probes located at various provider and geographic locations. Neustar Proprietary & Confidential 12

18 2. Advanced query deep packet inspection to spot trends in DNS-specific items such as queried for names, types, classes, as well as source locations and destination customers. 3. Arbor Peakflow Neustar has deployed the Arbor Peakflow analysis and mitigation platform. 4. Neustar has high speed network taps deployed with dedicated sniffing/analysis machines. These machines run the tools described above, as well as some off the shelf tools for traffic and DNS query analysis. 5. Routine analysis is performed on items such as: a. Network traffic levels and patterns b. Geographic traffic sources c. DNS query levels and patterns Neustar has tactically developed and deployed systems that provide real time deep packet inspection and analysis of DNS traffic; these systems provide the ability to spot trends in query types, query for records etc. Storage of the data above varies per system, but query performance and statistics log information is stored in an aggregated format for several years. Real time query data is generally stored for a few days for postincident analysis. DDoS signature and other security incident data is archived and stored in a secure location. Logging System and software logs are captured per DNS service system and stored both locally and on a central logging infrastructure. On the local system, the logs are retained on a rolling seven-day basis. The central log server retains logs on a rolling six-month basis. The logs are monitored for various data, including DNS service software warnings and errors, and DNS protocol issues. Data is reviewed and analyzed on a daily basis to spot early indicators of issues, traffic anomalies, etc. System Monitoring Neustar s NOC is responsible for monitoring all Neustar facilities for significant events. The NOC is manned 7x24x365 and uses state-of-the-art network and systems management tools to verify that all systems, network equipment, applications and data center environmental components are functioning at peak performance levels. If problems are detected with any component, standardized troubleshooting, escalation and resolution procedures are immediately called into action to ensure the quickest resolution possible. Monitoring is used as a means of ensuring the health and stability of Neustar s systems, and monitoring tools and alarms are in place to identify potential problems. Historical and real-time information generated by systems monitoring tools are displayed in reports and visual interfaces that provide a concise and complete view of Neustar s services supported by the IT infrastructure. This enables Neustar to proactively increase operational control, maximize uptime, and plan capacity to maintain service availability and performance levels. Performance management practices rely on systems monitoring to ensure monitoring is continuously operational, track systems processes, and support the computing infrastructure. Neustar s System, Network, Security, and Service Management operational teams use the same tools in parallel to monitor the systems and the service for leading indicators of future problems, performance tuning, capacity management and overall system/service performance reporting. System level metrics that help Neustar keep track of system level capacity include: CPU utilization Memory utilization Disk utilization Disk I/O Network I/O Neustar Proprietary & Confidential 13

19 In addition (and more importantly), Neustar monitors application level capacity: QPS per resolver QPS per database Application load is reviewed on a weekly basis to proactively evaluate, plan, and ultimately, strategically execute on capacity needs. Consistent peak loads (normal traffic) above 50% of capacity trigger a build out of additional resolvers and/or databases. All Service/System/Software configurations are inspected no less than annually via formal audits. Each specific system/service is also reviewed by the Neustar Operations Change Management practice at each change event. To enforce configuration management, Neustar utilizes a configuration management monitoring solution to monitor and report on any unauthorized core system changes. All Service/System/Software configurations are inspected no less than annually via formal audits. Additionally, Neustar follows a highly structured Incident Management process for tracking and progressing individual events from identification to closure. This process has been refined over years of experience delivering industry-critical, carrier-grade solutions which enable Neustar to ensure that there is minimal if any service disruption. Neustar s process takes into account a range of service impacting failures that may occur. While these incidents may manifest in different ways (e.g., via proactive performance monitoring or via automated server fault alarming) and different skill sets may need to be brought to bear to resolve the different incidents (data center environmental event, network security events, application equipment event, database event, network equipment event, Telco event, etc.), the Neustar Incident Management practice ensures that each incident is appropriately classified and diagnosed so that it can be put on the right resolve and restore path. Neustar has long been at the forefront of standards development and new DNS technologies. Neustar is very active in several working groups at the IETF, and several Neustar principles have authored RFCs from fields such as number portability, SIP, ENUM and DNS. Neustar Proprietary & Confidential 14

20 7. Service Constraints Requirement S Service constraints (e.g. maintenance windows, level of customisation permitted, schedule for deprecation of functionality/features etc.); 7.1 Service Constraints Neustar does not anticipate any service constraints with our UltraDNS platform. UltraDNS consists of 30 geographically-distributed nodes that are highly redundant and fault tolerant by design. The availability calls for 100% uptime. Ultra s Disaster Recovery Plan documents the Risk Management, Quality Control and Quality Assurance plans/procedures in place, and Neustar maintains an SSAE-16 certification for this service. The UltraDNS Managed DNS Service is built on a global Directory Services Platform consisting of strategically placed network nodes spanning five continents. UltraDNS Directory Services Platform requests are routed to the nearest available geographic network node through IP Anycast to a proprietary DNS resolver. This type of geographic routing and redundancy ensures customers receive the fastest, most accurate DNS response all day, every day. Customers need not worry about outage concerns for maintenance windows, resetting DNS during administrative procedures, hardware failures, or any other scenario. Their DNS is always available and always accurate. 7.2 Maintenance Windows Maintenance performed to any component of the UltraDNS Server Network (a) of which the customer is notified five or more days (5+) in advance, and (b) that is performed during a standard maintenance window on Monday through Thursday from 2:00 a.m. to 6:00 a.m. Eastern Time. Notice of Regularly Scheduled Maintenance will be provided to the customer s designated point of contact electronic mail. Neustar Proprietary & Confidential 15

21 8. Service Levels Requirement S Service levels (e.g. performance, availability, support hours, severity definitions etc.); 8.1 Industry-Leading SLAs Figure 2 below highlights Neustar s network and system availability. We are confident that our service level standards, will meet our Customer s online service requirements. Figure 2: Neustar Service Level Standards Neustar Proprietary & Confidential 16

22 9. Financial Recompense Model Requirement S Financial recompense model for not meeting service levels; As stated within the Neustar DNS Service Level Agreement: Section 4 Remedies for Service Outages: 4.1 If Neustar determines that the Service Outage reported by Customer occurred, Neustar will issue to Customer a Credit, upon Customer s request, as follows: For a Service Outage occurring with respect to the SLA provided in , if the Service Outage is greater than five (5) seconds but less than or equal to five (5) minutes, one (1) Credit shall apply. If the Service Outage is greater than five (5) minutes but less than or equal to four (4) hours, seven (7) Credits shall apply. If the Service Outage lasts more than four (4) hours, thirty (30) Credits shall apply For a Service Outage occurring with respect to the SLAs provided in , , , , and , if the Service Outage causes performance to drop below 99.9% but it remains at or above 98%, five (5) Credits shall apply. If the Service Outage causes performance to drop below 98% but it remains at or above 96%, then (10) Credits shall apply. If the Service Outage causes performance to drop below 96%, fifteen (15) Credits shall apply For any Service Outage occurring with respect to the SLA provided in , then (10) Credits shall apply For a Service Outage occurring with respect to the SLA provided in , if the monthly average is greater than 100ms but less than or equal to 125ms, five (5) Credits shall apply. If the monthly average is greater than 125ms but less than or equal to 175ms, ten (10) Credits shall apply. If the monthly average is greater than 175ms, fifteen (15) Credits shall apply For a Service Outage occurring with respect to the SLA provided in , if the Service Outage causes performance to drop to or below 995 but it remains above 98%, five (5) Credits shall apply. If the Service Outage causes performance to drop to or below 98% but it remains above 96%, ten (10) Credits shall apply. If the Service Outage causes performance to drop to or below 96%, fifteen (15) Credits shall apply. 4.2 Any claims for a Credit must be made by Customer within seven (7) days after the alleged Service Outage and will be made to Neustar s Customer Support organization in writing. Claims made more than seven (7) days after the event will not be eligible for any of the remedies described herein. Customer will provide to Neustar all relevant details and documentation supporting Customer s claims of a Service Outage. Neustar will investigate the claim and will respond back to Customer within then (10) business days of receipt of the notification of a claim from Customer. Customer may not accumulate more than thirty (30) Credits in any calendar month. Credits obtained by Customer shall have no cash value but will apply against Monthly Service Package Fees in future invoices. Neustar will use commercially reasonable efforts to reflect Credits on invoices issued one calendar month after the occurrence of the Service Outage. Credits shall only apply to Services provided pursuant to the Monthly Service Package Fee set forth in the Order Form and will not apply to any Neustar professional services or any other form of custom development services provided by Neustar. Customer s sole and exclusive remedy, and Neustar s sole and exclusive liability, in the event Neustar fails to meet this Service Level Agreement, shall be to receive a Credit in accordance with the terms of this Section 4. Neustar Proprietary & Confidential 17

23 10. Training Requirement S Training; 10.1 Neustar Professional Services Where Experience Meets Innovation The goal of the Neustar Professional Services team is to enable enterprises around the world to optimize the performance, reliability, and security of their Internet applications and infrastructure. Our suite of Professional Services has been developed to ensure that our customers maximize their return from Neustar s managed services, both operationally and financially. Whether you re looking to launch a new Internet application, expand your Internet infrastructure or resolve performance issues with your current operations, Neustar s Professional Services team draws on a wealth of experience and advanced analytical tools to deliver against your IT objectives. Our consultants can help you implement, maintain and improve your IT infrastructure while reducing your total cost of ownership. Key Benefits of Professional Services Consulting from DNS and DHCP experts Consulting from Web performance monitoring and management experts Experienced in developing and deploying 100% uptime architectures Proven delivery approach Customized solutions Pro-active account management to ensure an on-time and seamless transition Neustar Proprietary & Confidential 18

24 11. Order and Invoice process Requirement S Order and Invoice process; Neustar UltraDNS invoices are monthly and net 30. UltraDNS provides a Report Center which includes many graphs and metrics. The Report Center includes the following tabs: Account Summary, Activity, Performance, Query Types, Host Responses, Response Comparisons, Volume Changes, Advanced Response Codes, Advanced NXDomains, Advanced Client IP, and, Advanced Raw Queries. Neustar can provide sample graphs or a manual describing all of these features upon request. Neustar Proprietary & Confidential 19

25 12. Termination Process Requirement S Termination process: S By consumers (i.e. consumption); and S By the Supplier (removal of the G-Cloud Service); According to Section 3 of Neustar s Master Services Agreement (MSA), Neustar presents the following terms and conditions for Termination Process. TERM & TERMINATION. This MSA shall commence on the Effective Date and shall continue until the date on which the term of the last effective Service Order terminates, unless earlier terminated in accordance herewith. Either Party may terminate this MSA or a Service Order by written notice in the event that the other Party breaches this MSA or a Service Order and such breach is not cured within thirty (30) days of written notice thereof. Provided, however, that a breach of the MSA or Service Order with respect to one Service shall not constitute a breach of other Services and the MSA and such other Service Orders shall remain in full force and effect. Neustar may immediately terminate the MSA or a Service Order upon written notice if Customer: (a) becomes or is declared insolvent or bankrupt; (b) is the subject of any proceeding related to voluntarily or involuntarily liquidation or insolvency which is not dismissed within ninety (90) Days; or (c) makes an assignment for the benefit of creditors. Neustar Proprietary & Confidential 20

26 13. Technical Requirements Requirement Technical requirements (service dependencies and detailed technical interfaces, e.g. client side requirements, bandwidth/latency requirements etc.) and details of any trial service available; 13.1 Neustar UltraDNS Technical Requirement Neustar s global UltraDNS network consists of 30+ public nodes with additional private nodes collocated with leading ISPs making UltraDNS one of the largest and most widely distributed DNS infrastructures in the world. The UltraDNS network consists of a unique 3 Tiered architecture, with each network layer providing a specific level of functionality. Service Nodes (Tier III) are the resolution points of the network with 30 resolution locations globally. All internet traffic is directed to these locations for DNS record query resolution. Customer DNS records are stored in cache memory for query response resolution within the individual Resolvers in 1ms or less. Neustar maintains its own proprietary Resolver code base, which is not publicly available, and not vulnerable to the same risks as commonly used, open source resolver software (i.e. Bind). Data Nodes (Tier II) are the data interaction layer of the network with 4 (expanding to 6) redundant network locations globally. The Data nodes house all of the interaction points of the network Mgmt UI, API interfaces (REST & SOAP). The Data nodes form a cross replicating, redundant data store of all DNS records utilizing a highly resilient relational database infrastructure. Data nodes act as the distribution points to all Service nodes for DNS record data through Neustar proprietary data replication process (Feeder-Consumer) to distribute DNS record data worldwide within 90 seconds. Reporting Nodes (Tier I) are the data aggression layer of the network with 2 aggregation centers that collect all statistical query information from the Service nodes for Reporting, billing, etc. All DNS requests are routed to the geographically closest node via IP Anycast, ensuring they are resolved with the very latest data. It is monitored around the clock and backed by a 100% uptime service level agreement. Figure 3 below demonstrates Neustar s ever-expanding global network footprint. Our carrier class network delivers the fastest, most accurate responses, and the fewest dropped queries, all backed by our 100% SLA guarantee. Neustar s geographic diversity promotes high availability and low latency for the Customer s global audience. Neustar Proprietary & Confidential 21

27 Figure 3: Neustar Network Global Footprint 13.2 Service Dependencies UltraDNS is a standalone service and does not have any dependencies either internally or externally. Due to the distributed architecture, 30 nodes worldwide, the network does not have a single point of failure. In addition each node will remain fully operational even in the event of catastrophic failure of Neustar s management network, ensuring 100% uptime Technical Interface UltraDNS customers also enjoy an easy-to-use SSL-based interface for managing their UltraDNS zones. This makes changing A Records simple. Changes propagate globally in a matter of minutes. Together, UltraDNS and SiteProtect provide our clients with a comprehensive security solution allowing Neustar a holistic view of the network to monitor and protect our clients business 24x7x Bandwidth and Latency Requirements The primary mechanism for addressing and routing announcements pioneered and used by UltraDNS Services is known as Anycast. This technique involves the announcement of the same IP addresses by multiple nodes at the same time. The result is a DNS infrastructure that has the highest level of performance and lowest level of latency and packet loss possible, while providing the ability to increase the number of available nameservers globally during times of need (DDoS attacks, etc.) without the need for modifications by any users or networks external to UltraDNS Services. By injecting a BGP route from each node, the system leverages IP routing to deliver user queries to a topologically nearby node. This results in: A reduction of network latency for DNS transactions, as compared with a standard deployment of DNS services Neustar Proprietary & Confidential 22

28 A reduction in the number of queries that are routed to distant servers, thereby reducing the likelihood of encountering congested routers A resulting reduction in the number of query packets that are dropped and cause DNS timeouts/retries Improved performance and reliability to the end user Neustar Bandwidth provider(s) Network layer - network access and authorization is secured by perimeter protection utilizing a combination of network and security technology such as a stateful inspection firewall with IPS and IDS capabilities. The firewall rules are very strict, allowing only essential traffic through. System layer system access and authorization is secured by system hardening as per best practices such as: removal of unnecessary services and files file permission restrictions host based firewall OS integrity checking software - The core systems are protected against tampering by an application that monitors for unauthorized change. Application Layer Application access and authorization is secured with user login IDs, passwords, discrete role based access to information, and encryption (SSL/TLS, etc.). Security Incidents All security impacting incidents including viral attacks or hacking are considered Severity 1 events (the highest category of severity). Standard practice for these events is to open up an internal conference bridge which remains open with all parties engaged until resolution. The conference will be attended by knowledgeable Neustar personnel that are continuously available to aid in investigation. Upon the issuance of a Severity 1 trouble ticket, automatic paging systems summon a multi-disciplinary technical and operations team to the internal conference bridge. Each discipline engages in established troubleshooting protocols towards incident resolution. In the case of a security incident, the InfoSec team would typically take the lead in the identification, containment and eradication phases of the incident management effort with system and network operations personnel providing support and then executing recovery activities. Follow-up analysis and activities are overseen by Neustar s Problem Management process (specifically the Root Cause Analysis practice). It is not typically the case that software repair (vs. system or network isolation and sanitizing) is called for to resolve a security incident. Nonetheless, Neustar s software development organizations are also on call 24x7 to assist in this Incident Management process Trial Service Availability Trial Services are available to Customers on a case by case basis. Service Trials are at Neustar s discretion. Neustar Proprietary & Confidential 23

29 14. Supplier Lot(s) Requirement S1-1.2 The Supplier was successful in Lot(s): The Available Services covered by this Procurement have been sub-divided into 4 Lots, namely: LOT Lot 1 Lot 2 Lot 3 Lot 4 DESCRIPTION Infrastructure as a Service (IaaS) Platform as a Service (PaaS) Software as a Service (SaaS) Specialist Cloud Services (SCS) In accordance with Crown Commercial Service G-Cloud 6 procurement, Neustar is bidding under Lot 1 Infrastructure as a Service (IaaS). Neustar Proprietary & Confidential 24