
TIC from an Industry Perspective
Shawn Carroll
Qwest Government Services, Inc.
June 15, 2010

Government Services
Not to be distributed or reproduced by anyone other than Qwest entities. Copyright © 2010 Qwest. All Rights Reserved.

TIC Initiative

OMB’s Trusted Internet Connections (TIC) Initiative (M-08-05)
  • Reduce Government’s Internet connections
  • Improve Government’s security posture
  • React more effectively to cyber security threats
  • Improve incident response capability
  • Reduce malicious penetrations
  • Reduce theft of critical data
  • Secure and seamless environment

Managed Trusted Internet Protocol Service

Internet Access
  • Allows agencies to exchange traffic with Internet and external IP networks
  • Connects via Tier 1 Internet Service Providers (ISPs)

EINSTEIN Enclave
  • Includes Einstein devices with supporting tools and data storage
  • Furnished, maintained, and operated by US-CERT

Security Operations Center (SOC)
  • Monitors all information exchanged to protect agency IP traffic
  • Supports TIC Portal authorities/analysts
  • Identifies security events of interest that may negatively affect portal’s environment and Government security infrastructure

MTIPS Transport
  • MTIPS transport collection network for TIC Portal connectivity
  • Insulates agency’s internal network from Internet and other external networks

MTIPS Security Services - Standard
  • Managed Firewall Service (MFS)
  • Anti-Virus Management Service (AVMS)
  • Intrusion Detection & Prevention Service (IDPS)
  • Email Scanning
  • Service Enabling Devices

Qwest Offering
  • MTIPS Gateways through two Hosting Centers
  • Security appliances for event generation
  • Access to NBIP-VPNS based on Multi-Protocol Label Switching (MPLS) to connect to agencies
  • Internet Access
  • Connectivity to US-CERT and Qwest SOCs

Architecture Overview

MTIPS Portal Architecture With Failover Between Portals

Access Methods
  • Dedicated IP – DS0, Tiered T1, Dedicated T1, Tiered T3, OC12, OC48
  • Ethernet – 1 Mbps, 100 Mbps, 1 Gbps, 10 Gbps
  • ATM Interconnectivity – T1, T3, E1, E3
  • FRS – 56 Kbps, Tiered T1, Tiered T3, E1, E3

Options
  • Encryption – ICB MRC
  • Policy Enforcement – ICB MRC
  • Forensic Analysis – ICB MRC
  • Custom Reports – ICB MRC
  • Agency NOC/SOC Console – ICB NRC
  • Custom Certification and Accreditation (C&A) Support – ICB NRC
  • External Network Connection – ICB MRC
  • Encrypted DMZ – ICB MRC

Qwest Architecture Details

FG-5140 Chassis
  • Maximum Firewall Throughput 182 Gbps
  • Maximum IPSec VPN Throughput 98 Gbps
  • Maximum Antivirus Throughput 7 Gbps
  • Maximum IPS Throughput 56 Gbps
  • Maximum Concurrent Sessions 28 Million
  • Chassis Slots 14
  • Configured for high availability
  • 10 Gbps capable but not currently deployed
  • Separation through VDOMs

R&E Community Discussion Items
  • Large volume traffic flows not specified in GSA Statement of Work
  • 40 Gbps, 100 Gbps
  • IPv4 and IPv6 – Current Einstein deployment IPv4
  • Jumbo Frame Support
  • Multicast
  • Experimental Protocols
  • Lower Layer Interconnects
  • Policy Change Control

Questions / Discussion?

Shawn Carroll
Director, Engineering
Qwest Government Services, Inc.
shawn.carroll@qwest.com
(703) 363-8805