My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
2006-421
CBCC
>
Official Documents
>
2000's
>
2006
>
2006-421
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
9/1/2016 4:37:29 PM
Creation date
9/30/2015 10:25:50 PM
Metadata
Fields
Template:
Official Documents
Official Document Type
Agreement
Approved Date
12/14/2006
Control Number
2006-421
Agenda Item Number
Executed by Administrator
Entity Name
Bell South Master Agreement
Subject
Indian River County Library
Supplemental fields
SmeadsoftID
5996
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
60
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
• Providing some additional security by limiting internal address exposure to the global Internet (specifically, user PCs will not be reachable <br /> inbound from the Internet, only statically NATed hosts will be reachable from the Internet). <br /> • Allowing for addressing efficiencies and, <br /> • Conserving IP addresses <br /> Two NAT Models are offered: <br /> • Static Address Translation - Customer may establish a many-to-one mapping between local and global address, or Customer may configure <br /> Static address translations to the port level, using remaining IP addresses for other translations. In this scenario, only the customers Hosts <br /> are mapped and "reachable" from the Internet; the Hosts then communicate with the customer's internal network (PCs). <br /> • Port Address Translation (PAT) - (also known as "overload") Customer may map several internal addresses to one. When using PAT, traffic <br /> will attempt to engage the original source port; if the source port is fully utilized, PAT will cause the traffic to find the first available port. <br /> (same <br /> as above) <br /> Customers will be limited to the number of IP address on their LAN with NAT translation to a /24 block (254 usable addresses). A customer may request <br /> additional IP addresses with NAT translation. <br /> Note: The Network Address Translation feature is not supported for DIA Diversity Solutions. Cisco IDS NAT cannot be used with Hot Standby Routing <br /> Protocol (HSRP). In DIA Diversity Solutions, HSRP is used in the Customer Premises Equipment (CPE) to allow a fail-over to the secondary CPE router <br /> in the event the primary router fails. <br /> Packet Filtering <br /> With Packet Filtering, BellSouth provides an optional router filter service to all DIA customers. These router filters are configured on the <br /> termination <br /> router and are generally used to help prevent unwanted traffic from entering or leaving the customers private network. <br /> DIA IDS Firewall <br /> Dedicated Internet Access Firewall Service (DIA Firewall) is a security-specific offer providing new and eAsting "Port+Access+CPE" DIA Service <br /> customers an option to outsource managed security services for network protection and defense against attacks. Security is enabled through <br /> an <br /> advanced firewall engine with state-of-the-art security features including packet inspection, application-based filtering (conte)d-based access control), <br /> per user authentication and authorization, and real-time alerts. For Port+Access DIA customers, the DIA Firewall service is provided through <br /> the <br /> installation of a certified firewall platform at the customers premise(s) with remote configuration, management, monitoring, and maintenance <br /> from <br /> BellSouth's Security Operations Center (SOC). <br /> DIA Firewall includes: <br /> • Provisioning of a certified firewall platform <br /> • Installation and configuration (remote) of the firewall platform <br /> • 24X7 management and monitoring <br /> • Firewall administration and maintenance <br /> 24X7 help desk support <br /> • Outbound, Inbound/Outbound, a Inbound/Outbound with DMZ directional traffic protection <br /> • Implementation of firewall rules-base changes (per level of service) requested by customer <br /> There are three DIA Firewall levels of service available to customers. <br /> 1 . Basic Firewall <br /> a. Internet protection <br /> b. Supports Fractional T1 up to DS3 access speeds <br /> C. Chace of 0, 1 , 2, 3, 4, or 5 rule-base change requests per year <br /> 2. Advanced Firewall <br /> a. Bi-Directional protection <br /> b. Supports Fractional T1 up to DS3 access speeds <br /> C. Choice of 3, 6, 9, 12, 15, or 25 rule-base change requests per year (customer rule-base change requests greater than 25 requires <br /> an SRF) <br /> d. Choice of up to 10 IF Addresses assigned for hosted servers per year (customer requests for IP Addresses greater than 10 requires <br /> an SRF) <br /> The diagram below represents the conceptual overview for Basic and Advanced DIA Firewall: <br /> u <br /> Transport BRIG Global <br /> Service Internet <br /> Customer <br /> Premises BellSouth <br /> Equipment Managed <br /> Facility <br /> 3. Premium Firewall <br /> a. Bi-Directional protection, with DMZ <br /> b. Supports Fractional T1 up to DS3 access speeds <br /> C. Choice of 3, 6, 9, 12, 15, or 25 rule-base change requests per year (customer rule-base change requests greater than 25 requires <br /> an SRF) <br /> d. Choice of up to 10 IP Addresses assigned for hosted servers per year (customer requests for IP Addresses greater than 10 requires <br /> an SRF) <br /> CONFIDENTIAL/PROPRIETARY — NOT FOR DISCLOSURE WITHOUT WRITTEN PERMISSION <br /> Version: 08/2005 Page 12 of 19 <br /> Created On : June 28, 2006 CCP-12457 <br />
The URL can be used to link to this page
Your browser does not support the video tag.