ECaTS Connection Discussion

Excerpt from FAQ Posted on www.nc911.nc.gov

1) Will 911 funds pay for the internet connection needed to provide access to ECaTS?

ECaTS will use an existing internet connection.

The Direct Technology Project Manager will work closely with all the required parties to ensure appropriate support from Telecommunication Vendors, CPE Support Vendors, NC 911 Board and the PSAPs in the scheduling and installation of each visit. Direct Technology will be responsible for scheduling and deploying a team of Field Engineers using a multi-site deployment technique.

Field Engineers will arrive at each site on the pre-determined date as agreed by each affected PSAP and will perform, at a minimum, the following tasks:

- Install the RDDM buffer box in brackets for rack mount or in brackets for wall mount;
- Install power cord to buffer box;
- Validate circuit, CPE inventory and trunk grouping information with preliminary data;
- Connect laptop to the buffer box and validate configuration of circuits, CPE and trunk group information;
- Install new or remove existing Y or straight serial cable from the router and connect to buffer box;
- Begin CDR capturing test using local laptop connected to the RDDM box:
   o Analyze incoming data stream for validity (baud rate, parity bit, etc.)
   o Validate expected parsing format
   o Validate circuit display information
   o Validate compression utility
   o Validate encryption utility
- Install network connection or dial up line to the RDDM buffer box:
   o If network connection, then validate IP address and ability to get to the using the laptop connected to the RDDM buffer box
   o If a non network connection then:
      Validate connectivity from the PSAP to the Data Center
      Validate Access to Data Center Regional Collectors
      Network Access Test
      Response Times
      Network Routing Tests
      Hang up
      Configure Automated Dial up Routines
1 Requirements

1. One (1) RDDM (Remote Data Distribution Module)
2. An active and available CDR port on the CPE equipment which will provide the call data
3. One (1) Y cable if data feed needs to be split.
4. If required, an escort for the ECaTS Field Engineer to install and configure the RDDM
5. Rack space for a 1U 19 inch device
6. If a modem is used, a shelf in the rack is needed for the modem.

2 Preparation

1. Data
   a. CDR Port should be actively sending data; this can be tested with a serial printer
   b. Control Leads on the CDR port should be active and the pin out configuration should be provided either before the tech arrives or on site.
2. Connectivity
   a. For DSL:
      i. Modem and router have been put in place
      ii. Port forwarding for inbound requests has been configured
         1. Port 22 (TCP)
         2. If an enhanced RDDM* is in place port 3389 as well (TCP/UDP)
      iii. LAN side IP has been set as static IP which will be assigned to the RDDM
   b. For LAN sharing (ECaTS shares the existing network)
      i. Identify the switch the RDDM will connect to
      ii. Identify the switch port the RDDM will plug into
      iii. Ensure network routes between the switch and gateway are in place
      iv. See the security section for ports and IPs to allow.

3 Network Configuration

This section is only required for an ECaTS deployment that does not use a dial-up connection. In those instances, either a DSL line will be used, or the PSAP/ILEC will enable ECaTS to share the existing network. The information below describes a DSL deployment; however, the same configuration requirements apply to shared LAN deployments as well. The only difference is that there is no DSL connection; instead, the PSAP uses its existing routers to move traffic.

How ECaTS Works

ECaTS connects to the CPE (Customer Premise Equipment) via an RS232 port. This port supplies our RDDM, or buffer box, with all of the CDR (Call Detail Records). Once the RDDM receives a call, it is then encrypted and compressed and sent to our data center in Sacramento, CA via sftp. The figures below represent the three types of connectivity configuration available for the RDDM to uplink to the internet in order to deliver the data payloads.

FIGURE 1 RDDM DSL NETWORK TOPOGRAPHY
[Figure labels: PSAP Phone Room; 911 Equipment (ex: Vesta, Sentinel, Viper, etc); ACCREDITATION BOUNDARY; External RS232 CDR Printer Port interface; Serial Interface (RS-232); Firewall; DSL Modem; RDDM (Remote Data Distribution Module buffers each 911 Call Detail Record (ANI, ALI, Timestamp) over DSL out modem); ECaTS Data Center (provides secure, web based E911 call reporting capabilities to PSAPs), Herakles Data Center - Sacramento, CA; ECaTS approved users access CDR data via the web.]

FIGURE 2 RDDM SHARED NETWORK/VPN TOPOGRAPHY
[Figure labels: PSAP Phone Room; 911 Equipment (ex: Vesta, Sentinel, Viper, etc); ACCREDITATION BOUNDARY; External RS232 CDR Printer Port interface; Serial Interface (RS-232); PSAP Switch (connects RDDM to network); PSAP Firewall/Router; Secure VPN Connection Over PSAP; RDDM (Remote Data Distribution Module buffers each 911 Call Detail Record (ANI, ALI, Timestamp) over shared network with VPN connectivity); ECaTS Data Center (provides secure, web based E911 call reporting capabilities to PSAPs), Herakles Data Center - Sacramento, CA; ECaTS approved users access CDR data via the web.]
*Each PSAP will be configured a little differently depending on local environmental constraints.

FIGURE 3 RDDM DIAL UP MODEM TOPOGRAPHY
[Figure labels: PSAP Phone Room; 911 Equipment (ex: Vesta, Sentinel, Viper, etc); ACCREDITATION BOUNDARY; External RS232 CDR Printer Port interface; Serial Interface (RS-232); USR 56K Modem; RDDM (Remote Data Distribution Module buffers each 911 Call Detail Record (ANI, ALI, Timestamp) over dial out modem); ECaTS Data Center (provides secure, web based E911 call reporting capabilities to PSAPs), Herakles Data Center - Sacramento, CA; ECaTS approved users access CDR data via the web.]

Connection Information

Requirements to set up ECaTS for a DSL or a Shared Network connection:

1. The IP address must be made public
   o ECaTS manages the RDDM (Remote Data Distribution Module), or buffer box, remotely.
   o There may be an internal and external IP address depending on your network configuration; please send both.
   o Supply Subnet, Gateway & DNS information
   o Please send this IP address to dhammond@directapps.com.
2. Allow bidirectional traffic between the RDDM and our Data center for the addresses below:
   65.74.135.38
   65.74.135.164
   65.74.135.126
   64.55.108.10
   64.55.108.11

4 Security Considerations

Security considerations vary depending on the type of connectivity that is used for the RDDM.

1. Security Considerations for Dial Up
   - Modems are directly connected to the RDDM and do not present a new network. There are no real considerations with this configuration, as the RDDM is completely isolated from the CPE equipment with the exception of the serial feed from the CDR port, which itself is one way.
2. Security Considerations for DSL
   - DSL router/modem will need to connect to RDDM device
   - Firewall/router configurations for DSL line must have the proper ports open, see section 4 below.
   - If DSL router/modem is plugged into a switch, ideally a VLAN should be established between the RDDM and DSL router/modem to isolate the traffic within the switch.
3. Security Considerations for LAN
   - RDDM is likely sharing a segment with current PSAP traffic
   - If needed, create VLANs to segment ECaTS traffic from the rest of the network
   - Firewall/router configurations need to have the proper ports open, see section 4 below.
4. Port forwarding for DSL/Shared LAN installation:
   - Port 22 (SSH / sftp)
      o TCP in and out traffic
   - Port 123 (NTP)
      o UDP outbound traffic only
   - Port 53 (DNS)
      o UDP out traffic.
   - Port 443 (HTTPS)
      o TCP outgoing
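
An added example (not part of the original document or of any ECaTS tooling): a Python check that audits connection records for the RDDM against the port list above and the data-center addresses listed under Connection Information. The flow-record format, the 192.0.2.10 RDDM address, and the rule that SSH and HTTPS peers must be data-center addresses are assumptions; port 3389 for an enhanced RDDM is not modelled.

```python
import ipaddress

# Data-center addresses listed on the page under "Connection Information".
DATA_CENTER = {ipaddress.ip_address(a) for a in (
    "65.74.135.38", "65.74.135.164", "65.74.135.126",
    "64.55.108.10", "64.55.108.11")}

# (protocol, destination port) -> directions allowed by the page's port list.
ALLOWED = {
    ("tcp", 22): {"in", "out"},   # SSH / sftp
    ("udp", 123): {"out"},        # NTP
    ("udp", 53): {"out"},         # DNS
    ("tcp", 443): {"out"},        # HTTPS
}
# Assumption: SSH and HTTPS peers must be data-center addresses. The page
# names no DNS or NTP servers, so peers on those ports are not checked.
DC_ONLY = {("tcp", 22), ("tcp", 443)}

def audit(flows, rddm_ip):
    """Return (record, reason) for every RDDM flow that violates the policy."""
    rddm = ipaddress.ip_address(rddm_ip)
    findings = []
    for line in flows:
        proto, src, dst, dport = line.split()
        src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        if rddm not in (src, dst):
            continue  # not RDDM traffic
        direction, peer = ("in", src) if dst == rddm else ("out", dst)
        key = (proto.lower(), int(dport))
        if direction not in ALLOWED.get(key, set()):
            findings.append((line, f"{direction}bound {proto}/{dport} not in port list"))
        elif key in DC_ONLY and peer not in DATA_CENTER:
            findings.append((line, f"peer {peer} is not a data-center address"))
    return findings

# Constructed sample records, one per connection attempt: "proto src dst dport".
# 192.0.2.10 stands in for the RDDM; the other non-data-center IPs are made up.
SAMPLE = [
    "tcp 65.74.135.38 192.0.2.10 22",    # data center manages RDDM: allowed
    "tcp 192.0.2.10 64.55.108.10 22",    # sftp upload: allowed
    "udp 192.0.2.10 203.0.113.53 53",    # DNS out: allowed
    "tcp 198.51.100.7 192.0.2.10 22",    # SSH from an unknown host
    "tcp 198.51.100.7 192.0.2.10 3389",  # RDP inbound: absent from the port list
    "udp 203.0.113.5 192.0.2.10 123",    # NTP inbound: port list says outbound only
]

if __name__ == "__main__":
    for line, reason in audit(SAMPLE, "192.0.2.10"):
        print(f"VIOLATION {line}: {reason}")
```

Running the same check over real firewall or router connection logs shows whether the port 22 forward is reachable from hosts other than the five data-center addresses.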

From: Tina Bone [mailto:tina.bone@rockymountnc.gov]
Sent: Tuesday, August 07, 2012 1:52 PM
To: Dodd, David D
Cc: Doug Hammond; Pair, Donna L; Allen Moore; Linda Jones; Leigh Parker
Subject: Re: question

David,

Thank you so much for your timely response regarding ECATS. We have 2 issues regarding ECATS: connectivity and the security/integrity of our 911 system. At this time, the city's Information Systems team will not allow a connection from Direct Technology for ECATS, and I have recommended to the command staff to not allow a modem to be connected to an administrative line. There are too many "if's" in both scenarios. However, I would like to explore the option of having a DSL or cable connection for ECATS, but it would have to be fully funded by 911 funds and meet certain security criteria.

Even though we will not be implementing ECATS at this time, we would still like to be informed of its progress with other agencies and kept up to date of the 911 Board's decisions regarding "standalone", if you will, service for ECATS.

Thanks again for all that you do!

Tina Bone

Here is the email I got from Jeff Wilson at Holly Springs, which came from Doug Hammond at Direct Technologies. His concerns are (1) allowing Direct Technologies access to their network, and (2) tying up a very limited number of admin phone lines on a dial up connection for them to manage and maintain the RDDM.

Jeff Wilson
IT Director
Town of Holly Springs
PO Box 8
128 South Main St
Holly Springs, NC 27540
919-567-4013