Perimeter Security (Firewall)

Overview

Perimeter Security Section serves all State of Maine Wide Area Network (WAN) users in the Executive and Judicial branches and numerous private and quasi-government partners.  Services include:

  • Security functions supporting publicly accessible applications and facilitating secure integration of cloud services
  • Enterprise grade Firewall/router security for Internet and specific secure network/server enclaves
  • Services ensure data integrity and restrict data access on encryption and “need to know” levels established by business owners

Included

  • Basic Firewall services (CheckPoint Product)
    • Enterprise grade Internet firewall services for employees and other WAN users
    • Network Address Translation (NAT) services for public Internet use.
    • Security logging
    • Monitoring
    • Incident response
    • Standard Management Reports
  • Advanced Firewall services(CheckPoint Product)
    • Intrusion Detection and Prevention features
    • Anti-malware and Anti-bot features
    • Security threat analytics
    • Human Resources and Law Enforcement assistance
  • Internet
    • Internet routing (on CheckPoint products)
    • Domain name space administration
      • Registration services
      • Domain name based Abuse report distribution and response
    • Public IP space administration
      • Registration services
      • IP space based Abuse report distribution and response
    • Autonomous System Number (ASN) dministration
      • Registration services
    • Internet tapping for Authorized Consumers (Gigamon product)

Service Level Targets & Agreements

The standard production published service level agreement can be viewed at the following link: Standard_SLA_CTS_Production Services.

  • Firewall services run 24 hours a day, 365 days a year except for maintenance periods
  • Normal, default staffing coverage is 8AM-5:30PM, Monday to Friday
  • 24 hour on call coverage for life and property safety units

Service Rates: Please see the MaineIT Rate Table 

Optional Services Available for Additional Charge

  • Enterprise Internet firewall services for state hosted and housed servers
  • Security design review and consulting for custom business projects
  • Custom Agency Reports
  • OpenDNS management
  • Agency audit compliance and assistance
  • Custom security zones (DMZs)
  • Foreign Network connectivity to Perimeter Firewalls
    • IP space administration and coordination
    • Vendor and carrier coordination
    • Vendor and carrier escorting
    • Routing (exceptions to Internet routing)
  • Premium Services (not in the Network Access Rate: see rates charged below)
    • Custom Firewall Policy Rules
    • Corporate site-to-site Virtual Private Network (VPN) Tunnel services
    • Investigatory and Forensic Reporting (FY20-21)
    • Custom IP and ASN services
    • Datacenter firewalls
    • Legacy/Agency firewalls
  • Manage Agency/CheckPoint connectivity accounts
    • Assistance with requirements specification
    • Security design
    • Business request ordering and budgeting
    • Coordination and liaison with vendors
    • Coordination and liaison with other OIT units

Customer Expectations

  • Submit service request for Optional Services
  • Provide billing codes for Premium Services
  • Provide project-specific requirements

To Request Help or Order Services

  • Base Service Components are already included in the OIT Network Access Rate.
  • Call OIT Service Center at 624-7700