4 - Sprint



International Carriers and Service Providers Performance Standards (L.38.1.1(l))

(L.38.1.1(l)) Discussion of the performance standards associated with the international carriers and service providers the offeror proposes to use.

Performance standards are continuing to evolve for both global and domestic Internet services. Sprint is a leader in providing Service Level Agreements for customers, including commitments for availability, busy-free access, and latency.

The Global IP service will provide high quality, public internet access for FTS2001 users. Global IP currently provides customers and peer networks throughout the world a variety of services. For example, Global IP provides transit to other peer networks and access to other Global IP customers.

Global IP is a premium global Internet service, offering worldwide Internet routes with high performance and minimal delay. Through peering relationships, the Global IP network efficiently exchanges traffic with other major networks at Internet exchange points around the world. Global One’s customer service and network management centers, staffed by Internet and IP experts, address the full support requirements of Internet providers and users.

X Backbone capacity (link and router) is continuously monitored and capacity is added as necessary. XGlobal IP routers are co-located at Global One Operation Centers—environmentally protected switch sites strategically situated throughout the world. Arranging the routers in this method enables Global One to take full advantage of local access to provisioned fiber optic transport facilities, which can be private leased line, International Private Lines (IPLs), or frame relay nodes, and accommodates local technical support from Global One engineering staff.

The overall design goals of the Global IP service include minimizing delay via the shortest path and minimizing the number of router hops. The Global IP network is designed so that customer traffic traverses an average of only two IP node sites before reaching potential interconnect sites.

Optimizing the Government’s Switched Data Cost Effectiveness (L.38.1.1(m))

(L.38.1.1(m)) Network evolution approach to optimizing the Government’s switched data cost-effectiveness (e.g., by extending network concentration and switching points).

Sprint has both near-term and long-term technological solutions to minimize access costs by provisioning Switched Data Services. Our plan is to utilize Switched Data Services to provide remote concentration XX

XXXX

XXXX The Sprint Government Services Division sales and engineering teams will develop customized solutions that exceed the Government’s performance requirements and also minimize the Government’s costs. Every solution will be evaluated based upon traffic pattern, traffic volume, and usage duration. Sprint will minimize the Government’s costs by conducting engineering trade-off studies to determine how to minimize access charges.

Approach to Achieve IPS Interoperability (L.38.1.1(o))

(L.38.1.1(n)) Approach to achieve IPS interoperability (see Section L.38.1.3.4)

Sprint will provide interoperability of IPS with the Internet and the Federal Government IP networks through existing connectivity with every Network Access Point (NAP) for the Internet and with both Federal Internet Exchange (FIX) points for the Federal Government IP networks. These FIXes are located at Moffett Field, CA and College Park, MD. After contract award, Sprint will coordinate with the Federal Networking Council for interconnection standards.

XThe Internet is essentially multiple networks that are linked. The links between networks are called interconnect points; they are gateways from one network (like Sprint Internet Access Service) to other National Service Providers (NSPs). The network of internetworked Internet Service Providers (ISPs), through high-speed interconnect points, forms the backbone of the Internet. Sprint Internet Access Service continues to maintain as many Internet Service Provider interconnect points as are reasonably required. Table 1.B.3-26 identifies Sprint’s Internet Access interconnect points and the speeds of the connections:

|Table 1.B.3-26 Sprint’s Internet Interoperability |
|Interconnect Points |State |Speed |
|Commercial Internet Exchange (CIX) |CA |X |
|Federal Internet Exchange (FIX)-East (through ICMNet) |MD |X |
|Federal Internet Exchange (FIX)-West (through ICMNet) |CA |X |
|Metropolitan Area Exchange (MAE) - East |DC |X |
|MAE - West |CA |X |
|Pennsauken NAP |NY |X |
|Chicago NAP |IL |X |
|Stockton NAP |CA |X |

Sprint privately peers with several National ISPs, offering connection to the global Internet.

As a current operator of significant portions of the global Internet, Sprint achieves IPS interoperability continuously around the globe. Sprint engineers work closely with other NSP technical resources to ensure seamless routing, even distribution of traffic, and equitable allocation of capacity to all users. Using a variety of public and private peering arrangements, and the latest and most advanced routing and switching equipment, Sprint is already delivering complete IPS interoperability today to millions of Internet users. The Government will receive this proven, reliable IP service through our FTS2001 IP service.

3.3.1 Internet Protocol Internetworking Service Access Requirements (C.2.3.3.1)

3.3.1.1 Basic Service Description (C.2.3.3.1.1)

IPS shall support connectionless service between users (i.e., IP hosts) for execution of applications based on protocols, such as File Transfer Protocol (FTP), SMTP, Hyper-Text Transfer Protocol (HTTP), and connection to remote hosts (TELNET).

SprintIP will provide connectionless service between users (i.e., IP hosts) for execution of applications based on protocols, such as File Transfer Protocol (FTP), SMTP, Hyper-Text Transfer Protocol (HTTP), and connection to remote hosts (TELNET). Sprint IPS is comprised of a suite of Internet Protocol (IP) based services which will provide the Government global connectivity of LANs, hosts, and remote users. These services will support dedicated and modem dial-in access to the global internet, Virtual Private Networks (VPN) or Extranets, and firewall security services. Sprint’s suite of IP Services is comprised of:

• Internet Service – Provides access to the global Internet

• Intranet Service – Establishes Virtual Private Networks (VPNs) or Extranets

• Security Services – Provides comprehensive firewall security services

Sprint’s Intranet/Internet Service will provide connectionless data transmission based on the TCP/IP protocol. The Government’s LANs, hosts, and terminals can use the full suite of native TCP/IP services when communicating through Sprint’s Intranet/Internet Services. These services include:

• File Transfer Protocol (FTP): Intranet will support the use of FTP to send character or binary files between network destinations. FTP lets users specify on the command line the host with which the file transfer will be initiated and the options for transferring the file. X

• Simple Mail Transfer Protocol (SMTP): SMTP uses a client/server relationship similar to FTP to move readable text between Internet mailboxes. Similar to most mail services, the source sends the data using the Internet format and it is routed by Intranet to the local mail server at the target destination. Intranet/Internet routes E-mail datagrams to requested destinations. If the recipient is not logged onto the system, the datagram will be stored by the appropriate host mail server.

• HyperText Transfer Protocol Daemon (HTTPD): HTTPD is the protocol that specifies the communication rules for the World-Wide Web (W3). Web pages are developed using hypertext markup language (HTML). HTML is an ASCII based language that is used to describe what the web page will look like. With the use of a web browser a user may transfer these HTML files from a server, through our intranet network, to their workstation for viewing.

• Telnet: Intranet/Internet will provide Telnet server functionality to allow terminal-oriented processes to communicate. Intranet Telnet service includes a user interface and command set through which a dial or dedicated terminal can open communications with a host, and send information character-by-character or line-by-line.

• Domain Name Server (DNS): Intranet/Internet will support the automated mapping of machine-readable names to Internet addresses represented by the TCP/IP DNS service.

• Internet News: A USENET newsfeed service will be offered to Sprint’s Dedicated Internet customers. Sprint employs a nationwide network of news servers to optimize news availability and delivery performance. Users have the option of receiving a full or partial newsfeed from Sprint. Customers interested in receiving wire stories, syndicated newspaper columns, financial information, stock quotes and other professional news in the USENET news format may also subscribe to ClariNet e.News through Sprint via this service offering.

• Multicasting: To further improve Sprint’s Dedicated Internet service quality and performance, customers can more efficiently distribute their electronic content (e.g. new software, database updates, web mirroring, ticker-tape feeds, etc.) by utilizing Sprint’s Multicasting service. Multicasting allows customers to send only a single copy of their electronic content regardless of the number of recipients. Sprint’s Internet Network, not the customer, then multiplies the single copy for distribution to all the intended recipients. This service is only available within CONUS.

An IP version 4 (v4) or optional version 6 (v6) host could be stand-alone or router connected to a LAN or in the Internet. The Government intends to use this service as a Government-wide intranet, and for access to extranets and to the global Internet.

SprintIP will support IPv4 stand-alone or router-connected hosts. Sprint’s Intranet/Internet Service provides global connectivity between hosts throughout the world and secure extranet services for the Government. These services support IP version 4 (IPv4) standards. X

The IPS shall conform to all RFCs cited as required or recommended by the Internet Architecture Board (IAB), as documented in the current version of RFC 2200 (Internet Official Protocol Standards).

Sprint is an active member of several standards organizations and is dedicated to adhering to industry standards. FTS2001 IPS will fully conform to all RFCs required or recommended by the Internet Architecture Board (IAB), as documented in RFC 2200 (Internet Official Protocol Standards).

Pursuant to Section C.2.1.16, the contractor shall provide dedicated, and optionally internetworked originating and/or terminating access connections for IPS packets. Originating access arrangements shall connect IPS on-net originating locations with the associated POP. Terminating access arrangements shall connect the terminating POP with IPS on-net terminating locations.

Sprint will provide access to the Intranet/Internet Service network by dedicated and internetworked access connections, as described in Section C.2.1.16. On-net origination locations are connected to originating Sprint IPS POPs that provide connectivity to all other Sprint IPS POPs supporting terminating on-net locations connected to the terminating POP.

IPS access shall be delivered directly to IP-terminals (e.g., router, computer) operating under IP protocol standard, as well as to LANs operating under LAN protocol standards, such as IEEE 802.3 Ethernet, 802.5 Token Ring, Fiber Distributed Data Interface (FDDI), through an IP-router operating under IP protocol standard. The interfaces to the equipment are defined in Section C.2.3.3.1.4.1.

IPS access will be delivered directly to IP-terminals, such as a router or computer, operating under the IP protocol standard and LAN protocol standards. Devices operating under LAN protocol standards, including IEEE 802.3 Ethernet, 802.5 Token Ring, and Fiber Distributed Data Interface (FDDI), are supported through an IP-router operating under the IP standard.

Sprint’s IPS will provide connectivity of Local Area Networks (LANs), access to the Internet, and dial-in access to LANs and/or Hosts for remote and mobile users. Under the umbrella of Sprint’s IP Services are included Internet Services for accessing the global Internet, Intranet Services for establishing Virtual Private Networks (VPNs), and Security Services for securing all WAN services.

The contractor may exceed the basic requirements by providing the following:

(a) IPS access would additionally be delivered directly to terminals operating under IBM SNA/SDLC, Data Link Switching (DLS), NetBIOS/NetBEUI, Switched Ethernet (up to 100 Mb/s), Switched FDDI, Fiber channel, and High Performance Parallel Interface (HPPI) protocols.

(b) When IPS is provided via internetworked access arrangement (see Section C.2.1.16), the following additional capabilities would be supported:

(1) The IPS would support outgoing connections to IP-hosts in the FTS2001 networks and the Internet.

(2) The contractor would provide an addressing plan for the IPS that is based on the standard for IPv4 and IPv6 addressing.

XX

X

X

X

X

MPLS VPN Service

At a high level, this solution provides the Agencies with an IP VPN solution with any-to-any intranet connectivity that is highly secure and provides a private means by which to connect their Agency sites. In addition, Sprint offers Value Added Services (VAS), such as Secure Internet Access with Network-based Firewall, all on the same underlying network infrastructure. This solution is network-based, meaning that the Agency outsources the management of its inter-site routing to Sprint. The Government’s routing information is maintained and processed on Sprint’s network edge routers rather than on the Agency’s CPE.

MPLS Basic Components and Fundamentals

Sprint’s MPLS VPN solution combines the richness and redundancy of IP routing and the simplicity and security of Layer 2 technology (i.e. Frame Relay, ATM, etc) to provide the customer with a solution that is highly secure, extremely flexible, scalable, and very cost-effective. The following sections discuss the network components and MPLS-specific elements that come together to form Sprint’s MPLS VPN solution.

Network Components

At a high level, the MPLS VPN technical architecture consists of the following network components:

1) Customer Edge (CE) Router – is also called the Customer Premise Equipment (CPE) and denotes the customer’s physical premise router. This router can be customer provided or Sprint provided. The CE connects the customer to Sprint’s Provider Edge (PE) router via a routing protocol. No additional MPLS-specific configuration is needed on the CE devices. The CEs peer only with their connected PE router (not other CEs). Additionally, this service does not require Cisco CPE nor are there any incremental requirements placed on the CE. The CE is simply functioning as an IP router – it is not “MPLS-aware.”

2) Provider Edge (PE) Router – refers to Sprint’s edge router to which the CE connects. The PE is typically a Cisco 7500 router or a Cisco GSR router. The PE routers use a modified IP forwarding paradigm; a distinct IP routing and forwarding table (called virtual routing and forwarding table, or VRF) is created for each customer that is homed to the PE router. VRFs are discussed in more detail later in this section.

3) Provider (P) Router – refers to Sprint’s core routers. These routers are located in Sprint’s network and only focus on transmitting traffic between the PEs. These routers do not connect directly to CE routers. P routers have no knowledge of customer’s VPN routes or topology; they only maintain routes to the PE routers (e.g. PE loopback addresses). The P routers are not MPLS enabled/aware, which means that the core is native IP and the edge is MPLS.

4)

For reference on the network components, Figure 1.B.3-38 depicts where each router sits on the network.


Figure 1.B.3-38 MPLS Network Components

MPLS Features and Protocols

The router/network components utilize features and protocols to exchange control information and to transmit customer data securely over a shared IP network. Listed below are the key features and protocols that are used to create a MPLS VPN followed by an illustration in Figure 1.B.3-39:

1) Virtual Routing and Forwarding (VRF) Table – is an essential element of the MPLS VPN solution. The VRF is located on the PE router and can be thought of as a logical “container” in which routes for a specific VPN are housed. The VRF is tightly associated with a Label Forwarding Information Base (LFIB) that is also located on the PE router. These two tables cross-index each other by using IP addresses (with specific Route Distinguishers for uniqueness) when assigning inner and outer labels. Each VRF instance on a PE is mapped to one or more customer ports (or port sub-interfaces). Each VRF instance will contain all the routes for its specific VPN. These routes can be separated into local and remote routes. Local routes are routes that originate on CEs that are directly connected to the PE on which the VRF instance is located. Each VRF instance is mapped to one or more ports on the PE and any routes learned over these ports are automatically installed. Each VRF instance learns the routes from remote CEs (those connected to other PEs) via Multi-Protocol BGP sessions. Each VRF will have its own Route Target (RT) policy that determines which of the remote routes advertised via the Multi-protocol BGP session it will install. Consequently, a specific VPN’s VRF instance will exist on a PE router only if one of its sites is directly connected to that PE. Each PE router only stores routes for the VPNs of which its directly-connected CEs are a member.

2) Route Distinguishers (RDs) – are prefixes that are assigned to all addresses/routes within a VRF. The customer’s addresses are extended with 64 bit route distinguishers to make non-unique RFC 1918 32-bit IP addresses globally unique within Sprint’s backbone. Route distinguishers allow for RFC 1918 private address space to be used, by ensuring that potential customer overlaps are prevented. Route distinguishers are automatically created for each address/route in all VRFs during the provisioning process.

3) CE-PE Routing Protocol - runs between the CE and PE for all customer VPNs. The routing protocol provides the means by which the CE and the PE’s VRF share routes. The routing protocol can be static or one of several supported dynamic routing protocols.

4) Multi-protocol BGP (MBGP) – is the routing protocol that is used to distribute routes to other PEs and their VRF instances. MBGP ensures that each VRF instance (that is a member of specific VPN) has all the routes that are associated with the VPN. As new routes are added or deleted within a single VRF, MBGP updates all other associated VRFs according to the route target that is specified for each VRF. This protocol is isolated to the Sprint backbone and is completely transparent to customers.

5) Route Targets (RT) – are the means by which a VPN topology is established/enforced. Each VRF has its own RT policy which includes at least one import statement (RT_Import) and at least one export statement (RT_Export).

➢ Route Import statements identify what attributes must exist on remote routes that are advertised via multi-protocol BGP (MBGP) in order for that route to be accepted by and installed in the VRF. If a remote route’s RT attribute (which was defined by the local VRF’s RT_Export statements) matches the VRF’s RT_Import statement, it will be installed in the VRF as an available route.

➢ Route Export statements define the RT attributes assigned to each local VRF’s routes when they are distributed (via MBGP) to its companion VRF instances located on remote PEs.

6) Inner Label – is a unique label that is assigned to Route Distinguishers (RDs) that are installed in a customer’s virtual routing and forwarding (VRF) table. At the ingress PE router, the customer’s VPN traffic is encapsulated into a unique label. These inner labels represent the edge-to-edge Label Switched Path (LSP) that extends from the customer’s ingress PE’s VRF to the customer’s egress PE’s VRF. When the customer’s traffic reaches the egress PE, the egress PE inspects the Inner Label and forwards the traffic to the appropriate VRF instance to determine the final forwarding decision to the customer’s CE. Sprint’s PE router is responsible for mapping each Inner Label to a specific VRF instance. It is important to note that the edge-to-edge LSP is isolated to the Sprint PE router and is transparent to the customer.

7) Outer Label – is an authenticated tunnel that establishes secure, bi-directional “highways” over the backbone that connect PE routers together. All of Sprint’s PE routers are connected via a full-mesh of Outer Label tunnels. These tunnels are not customer-specific, thus it is possible that multiple edge-to-edge LSPs are encapsulated within and traverse the network via a single Outer Label tunnel. The Outer Label provides additional layers of security and segmentation (via authentication keys) for VPN traffic traversing across the backbone. The outer label consists of 3 sub-components which are layered in the following order: (a) an 8-byte authentication key; (b) a 4-byte Outer Label Identifier; and (c) an IP header in which the destination address is the loopback interface of the remote PE router. The Outer Label tunnel is transparent to the customer as it seamlessly runs on the Sprint backbone.


Figure 1.B.3-39 MPLS Features and Protocols

Traffic Flow

Within an MPLS VPN, there are two fundamental and interrelated traffic flows: the Control Flow and the Data Flow.

Control Flow

The Control Flow securely propagates the customer’s routing information between their VPN sites. Specifically, the Control Flow performs two key functions:

1) Distributes and exchanges customer routes amongst all of their VRF instances across all of Sprint’s PE routers.

2) Provides forwarding information for each route. This function determines the Data Flow path that each site/subnet/host will use within the VPN.

Control Flow Detail:

➢ STEP ONE: Distribution of new routes from customer’s CE router to Sprint’s PE router.

1) The customer defines a new route on their premise.

2) New route is distributed to Sprint’s PE router via the CE-PE routing protocol (if dynamic routing protocol is used).

3) The route is automatically installed in the customer’s VRF with appropriate forwarding information (i.e. identifies local interface as the next hop from the PE router). This information is copied into the PE’s global LFIB.

➢ STEP TWO: Distribution of new routes to remote VRFs within customer’s VPN.

1) Route is distributed, via Multi-protocol BGP (MBGP) to all other VRF instances on remote PEs that belong to same customer VPN.

2) MBGP carries the routes across the network and installs them with the appropriate next hop, inner label/LSP, and route target information.

3) The VRFs determine whether to accept installation of remote route by evaluating the route’s RT_Export attribute against its own RT_Import policy.

➢ STEP THREE: Distribution of the customer’s new routes from remote VRFs to associated CEs.

1) New routes in the VRF are distributed down to the CE via the PE-CE routing protocol (if dynamic) and are installed in the attached CE devices’ routing tables.
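The Control Flow above, together with the Route Distinguisher and Route Target rules it relies on, can be traced in a small model. This is an added example, not Sprint's code: the VRF names, RD/RT values, loopbacks, prefixes and the RT ownership map are constructed, and the audit function is one assumed way to review RT_Import policies for cross-customer imports.

```python
# Added example: RD/RT handling in an RFC 2547-style control plane.
# VRF names, RD/RT values, loopbacks and prefixes are constructed.
from dataclasses import dataclass, field
from ipaddress import ip_network


@dataclass(frozen=True)
class VpnRoute:
    rd: str                   # Route Distinguisher prepended to the prefix
    prefix: str               # customer prefix, possibly overlapping RFC 1918
    next_hop_pe: str          # loopback of the originating PE
    inner_label: int          # label the egress PE maps back to a VRF
    route_targets: frozenset  # RT attributes set by the exporting VRF


@dataclass
class Vrf:
    name: str                 # "<customer>:<site>" (naming is an assumption)
    rd: str
    rt_import: set
    rt_export: set
    local: dict = field(default_factory=dict)   # prefix -> CE-facing port
    remote: dict = field(default_factory=dict)  # (rd, prefix) -> VpnRoute

    def accepts(self, route):
        # Install only routes carrying an RT named in this VRF's RT_Import.
        return bool(self.rt_import & route.route_targets)


class Pe:
    def __init__(self, loopback):
        self.loopback = loopback
        self.vrfs = {}
        self._label = 100

    def add_vrf(self, vrf):
        self.vrfs[vrf.name] = vrf

    def learn_from_ce(self, vrf_name, prefix, port):
        """Control Flow step one: install the CE route, build the export."""
        vrf = self.vrfs[vrf_name]
        prefix = str(ip_network(prefix))
        vrf.local[prefix] = port
        self._label += 1
        return VpnRoute(vrf.rd, prefix, self.loopback, self._label,
                        frozenset(vrf.rt_export))

    def receive_mbgp(self, route):
        """Control Flow step two: every VRF applies its own RT_Import."""
        installed = []
        for vrf in self.vrfs.values():
            if vrf.accepts(route):
                vrf.remote[(route.rd, route.prefix)] = route
                installed.append(vrf.name)
        return installed


def audit_rt_imports(pes, rt_owner):
    """Report VRFs importing an RT that belongs to another customer.

    rt_owner is the approved RT -> customer map (constructed input here).
    """
    findings = []
    for pe in pes:
        for vrf in pe.vrfs.values():
            customer = vrf.name.split(":")[0]
            for rt in sorted(vrf.rt_import):
                if rt_owner.get(rt) != customer:
                    findings.append((pe.loopback, vrf.name, rt))
    return findings


def run_demo():
    pe1, pe2 = Pe("192.0.2.1"), Pe("192.0.2.2")
    pe1.add_vrf(Vrf("agencyA:site1", "65000:1", {"65000:100"}, {"65000:100"}))
    pe1.add_vrf(Vrf("agencyB:site1", "65000:2", {"65000:200"}, {"65000:200"}))
    pe2.add_vrf(Vrf("agencyA:site2", "65000:1", {"65000:100"}, {"65000:100"}))
    # Constructed provisioning error: agency B's VRF also imports A's RT.
    pe2.add_vrf(Vrf("agencyB:site2", "65000:2",
                    {"65000:100", "65000:200"}, {"65000:200"}))

    # Both agencies use the same RFC 1918 prefix; the RD keeps them apart.
    a = pe1.learn_from_ce("agencyA:site1", "10.1.0.0/16", "Serial0/0")
    b = pe1.learn_from_ce("agencyB:site1", "10.1.0.0/16", "Serial0/1")
    distinct = (a.rd, a.prefix) != (b.rd, b.prefix)

    installs = {r.rd: pe2.receive_mbgp(r) for r in (a, b)}
    findings = audit_rt_imports(
        [pe1, pe2], {"65000:100": "agencyA", "65000:200": "agencyB"})
    return distinct, installs, findings


if __name__ == "__main__":
    distinct, installs, findings = run_demo()
    print("overlapping prefixes stay distinct:", distinct)
    for rd, vrfs in installs.items():
        print(f"route with RD {rd} installed in {vrfs}")
    for pe, vrf, rt in findings:
        print(f"FINDING {pe} {vrf}: imports foreign RT {rt}")
```

The constructed misconfiguration shows why RT_Import statements are the isolation boundary: one extra import value is enough for agency A's route to be installed in agency B's VRF.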

Data Flow

The Data Flow is the actual step-by-step forwarding of the customer’s data set across the network. The Data Flow follows the path that was established or set by the Control Flow.

Data Flow Detail:

➢ STEP ONE: CE-PE, Ingress Data Flow.

1) Host on site A sends a packet destined for host on site B.

2) CE on site A performs a longest-match lookup in its routing table for route to host on site B and sees the next hop as the directly-connected Sprint PE router.

3) Packet is forwarded over the local loop interface to Sprint’s PE router.

➢ STEP TWO: Ingress PE to Egress PE Data Flow.

1) Customer’s VRF instance (that is mapped to their port) is consulted and a longest match lookup is performed on the destination IP address.

2) Route for host on site B is found along with the associated Inner Label and Outer Label in which the data must be encapsulated.

3) Inner Label encapsulation occurs. IP packet is encapsulated in appropriate edge LSP.

4) Outer Label encapsulation occurs. IP/MPLS packet is encapsulated in authenticated tunnel.

5) Packet is tunneled over Sprint’s backbone towards the PE router to which site B is directly connected.

➢ STEP THREE: PE to CE, Egress Data Flow.

1) Upon reaching site B’s PE router, the Outer Label authentication is performed. Upon successful authentication, Outer Label is removed/popped/de-capsulated exposing the Inner Label.

2) Inner Label is inspected and removed/popped/de-capsulated exposing the original IP payload.

3) Lookup on packet’s Inner Label is conducted in the LFIB and packet is forwarded out the appropriate local interface.
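The Data Flow steps, traced as an added example that is not part of the original proposal. The text gives only field sizes for the Outer Label, so the byte layout here is an assumption, as are the 4-byte inner label, the keys, identifiers, addresses and VRF names; the point shown is that the egress PE drops anything that fails authentication or carries an unknown Inner Label.

```python
# Added example: Data Flow steps with fail-closed checks at the egress PE.
# Assumed wire layout (the text gives field sizes only):
#   dst loopback (4) | Outer Label Identifier (4) | key (8) | inner label (4)
# followed by the customer's IP packet. All values below are constructed.
import hmac
import struct
from ipaddress import ip_address, ip_network

OUTER = struct.Struct("!4sI8sI")  # dst, identifier, key, inner label


class IngressPe:
    def __init__(self):
        self.vrf_by_port = {}  # port -> {prefix: (egress loopback, label)}
        self.tunnels = {}      # egress loopback -> (identifier, key)

    def forward(self, port, dst_ip, payload):
        """Step two: VRF longest match, then inner and outer encapsulation."""
        vrf = self.vrf_by_port[port]
        matches = [p for p in vrf if ip_address(dst_ip) in ip_network(p)]
        if not matches:
            return None        # no route in this VPN: drop the packet
        best = max(matches, key=lambda p: ip_network(p).prefixlen)
        egress, inner = vrf[best]
        ident, key = self.tunnels[egress]
        header = OUTER.pack(ip_address(egress).packed, ident, key, inner)
        return header + payload


class EgressPe:
    def __init__(self, loopback):
        self.loopback = ip_address(loopback).packed
        self.tunnels = {}      # identifier -> expected key
        self.lfib = {}         # inner label -> (vrf name, CE-facing port)

    def receive(self, frame):
        """Step three: authenticate and pop outer, then map inner label."""
        if len(frame) < OUTER.size:
            return ("drop", "truncated")
        dst, ident, key, inner = OUTER.unpack_from(frame)
        if dst != self.loopback:
            return ("drop", "not addressed to this PE")
        expected = self.tunnels.get(ident)
        # Constant-time comparison of the 8-byte key.
        if expected is None or not hmac.compare_digest(expected, key):
            return ("drop", "outer label authentication failed")
        entry = self.lfib.get(inner)
        if entry is None:
            return ("drop", "unknown inner label")
        vrf, port = entry
        return ("forward", vrf, port, frame[OUTER.size:])


def run_demo():
    key = bytes.fromhex("0011223344556677")  # constructed 8-byte key
    ingress = IngressPe()
    ingress.tunnels["192.0.2.2"] = (7, key)
    ingress.vrf_by_port["Serial0/0"] = {
        "10.2.0.0/16": ("192.0.2.2", 101),
        "10.2.5.0/24": ("192.0.2.2", 102),
    }
    egress = EgressPe("192.0.2.2")
    egress.tunnels[7] = key
    egress.lfib = {101: ("agencyA", "Serial1/0"),
                   102: ("agencyA", "Serial1/1")}

    frame = ingress.forward("Serial0/0", "10.2.5.9", b"ip-packet")
    ok = egress.receive(frame)

    tampered = bytearray(frame)
    tampered[8] ^= 0xFF                      # corrupt first key byte
    forged = egress.receive(bytes(tampered))

    stale = egress.receive(OUTER.pack(egress.loopback, 7, key, 999) + b"x")
    no_route = ingress.forward("Serial0/0", "10.9.9.9", b"ip-packet")
    return ok, forged, stale, no_route


if __name__ == "__main__":
    for result in run_demo():
        print(result)
```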

Link Addressing

By default, Sprint will assign private address space (RFC 1918) for the customer’s link address. This is automatically assigned and provisioned using Sprint’s provisioning system. The link addresses that the provisioning system will automatically assign consist of a /32 which is pulled from the range: 172.20.0.0 – 172.31.255.255.

➢ Given that Sprint is assigning the link addressing from RFC1918 space, it is possible for there to be contention with the customer’s internal addressing scheme.

➢ If the customer has already deployed IP addresses from the specified range of 172.20.0.0 – 172.31.255.255, then the account team must perform the following:

1) If an overlap exists with the IP addressing, then the Sprint team will work with the customer to identify non-conflicting, RFC1918 /30s for each link. If a conflict arises, Sprint will have to manually assign and provision the link addresses which may require additional provisioning time.

2) The Design Document (DD) contains a flag which serves as an indicator to Sprint that the customer’s internal addressing scheme conflicts with Sprint’s pre-established range. This flag must be checked when a conflict exists.
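The overlap check described above can be run against a customer's address plan before the Design Document is filled in. This is an added example, not Sprint's provisioning system: the customer prefixes are constructed, and preferring unused parts of the default pool before other RFC 1918 space is an assumption of the example.

```python
# Added example: checking a customer's address plan against the default
# link-address pool. Customer prefixes are constructed sample data.
from ipaddress import ip_address, ip_network, summarize_address_range
from itertools import islice

# Default pool from the text: 172.20.0.0 - 172.31.255.255
DEFAULT_POOL = list(summarize_address_range(ip_address("172.20.0.0"),
                                            ip_address("172.31.255.255")))
RFC1918 = [ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def find_conflicts(customer_nets):
    """Return (customer prefix, pool block) pairs that overlap."""
    return [(str(c), str(b)) for c in customer_nets for b in DEFAULT_POOL
            if c.overlaps(b)]


def subtract(blocks, used):
    """Remove every network in `used` from `blocks`; return what is left."""
    free = list(blocks)
    for u in used:
        remaining = []
        for f in free:
            if not f.overlaps(u):
                remaining.append(f)
            elif u != f and u.subnet_of(f):
                remaining.extend(f.address_exclude(u))  # carve u out of f
            # otherwise f lies entirely inside u and nothing of it is left
        free = remaining
    return sorted(free)


def plan_link_addressing(customer_prefixes, links):
    """Decide whether the DD conflict flag is needed and, if so, propose
    one non-conflicting RFC 1918 /30 per link for manual provisioning."""
    nets = [ip_network(p) for p in customer_prefixes]
    conflicts = find_conflicts(nets)
    if not conflicts:
        # Default automatic assignment applies; nothing to hand-pick.
        return {"dd_conflict_flag": False, "conflicts": [],
                "manual_links": []}

    # Assumption: use unused parts of the default pool first, then the
    # rest of RFC 1918 space, always excluding the customer's prefixes.
    candidates = (subtract(DEFAULT_POOL, nets)
                  + subtract(RFC1918, nets + DEFAULT_POOL))

    def slash30s():
        for block in candidates:
            if block.prefixlen <= 30:
                yield from block.subnets(new_prefix=30)

    picked = [str(n) for n in islice(slash30s(), links)]
    if len(picked) < links:
        raise ValueError("not enough free RFC 1918 space for all links")
    return {"dd_conflict_flag": True, "conflicts": conflicts,
            "manual_links": picked}


if __name__ == "__main__":
    # Constructed customer plan that collides with the default pool.
    plan = plan_link_addressing(
        ["10.0.0.0/8", "172.16.0.0/13", "172.28.0.0/16"], links=3)
    print("default pool:", [str(b) for b in DEFAULT_POOL])
    print("DD conflict flag:", plan["dd_conflict_flag"])
    for customer, block in plan["conflicts"]:
        print(f"  {customer} overlaps {block}")
    print("proposed /30s:", plan["manual_links"])
```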

CIDR Addressing

Given that MPLS VPNs provide customers with their own dedicated routing domains, there is no need for customers to request CIDR allocations from Sprint. As previously outlined, the customer is free to use their existing enterprise addressing scheme; there is no need for the customer to re-number using globally unique (i.e. public) addresses.

MPLS VPN over Peerless IP (PIP)

Sprint offers the Government an MPLS (RFC 2547) Network-based IP VPN solution over Sprint’s Peerless IP (PIP) backbone. This solution targets the needs of customer segments that not only require privacy and segmentation within the backbone, but also require a backbone/underlying transport that is not part of the public Internet. The Sprint Peerless IP network offers underlying transport that is physically and logically segregated from the public Internet. As a non-peered, private IP network, our Peerless IP was purposely designed to provide both high-security AND high-performance multi-service IP networking. Sprint offers this choice where security concerns about operating in conjunction with publicly routable Internet services dictate the use of transport where no core Layer 2 or Layer 3 switching elements ever peer with public Internet services. This option offers the unmatched combination of physical network separation (physically distinct edge and core routers), logical network segregation (via MPLS VPN), and IPSec overlay (for data encryption). Figure 1.B.3-40 illustrates the Sprint MPLS VPN over PIP solution.


Figure 1.B.3-40 Sprint MPLS VPN over PIP Solution

Sprint Peerless IP Backbone

The Sprint Peerless IP (PIP) Network is a native IP backbone developed to address the specific needs of Federal Government Agencies. The key advantages of the Sprint Peerless IP network are that it has no connectivity to the public Internet (a potentially serious network security and performance vulnerability) and that it can support class-of-service (CoS). Unlike many other service provider networks, the separation from the Internet is not only logical, but also physical down to the routers used. This separation ensures that no common infrastructure is used between the Internet and PIP – mitigating any chance of an Internet worm or denial-of-service attack on a PIP subscriber network.

The standalone PIP network is wholly-owned by Sprint and is generally available in the continental U.S. from fractional T1 up to OC-12 speeds. Each PIP access node is serviced by the existing Sprint nationwide footprint of Points of Presence (POPs). Within each backbone node, a complement of Cisco multi-service Gigabit Switched Router (GSR) and 7500 series switch-routers are deployed to create access and backbone node layers. There are at least two connections from any switch-router within a node to another within the site. In addition, each node as a whole has at least three connections to other geographically diverse node locations in the U.S. Due to the advanced design and quality-of-service attributes of the PIP network, Cisco has awarded Sprint the Multi-service Network (MSN) certification.

Sprint MPLS VPN over PIP – Policies and Restrictions

The Peerless IP network is a completely isolated backbone. The following restrictions exist for any VPN solution offered on the Peerless IP network. These include:

1) NO INTERNET ACCESS.

2) No DSL, Remote or Wireless Access.

3) No integration with sites on any of Sprint’s partners’ networks (i.e. Equant, etc).

Access to the Public Internet: Sprint will prohibit customers from providing access to Sprint’s Peerless IP (“PIP”) network via the public Internet. For example, a customer establishing and/or hosting a “gateway” which would allow access to the network via a public Internet connection from the customer’s own internal network is prohibited.

All use of the Sprint PIP network and services must comply with Sprint’s Acceptable Use Policy (“AUP” or “Policy”) as defined herein. The AUP is as follows:

Prohibited uses of Sprint’s IP Products, Systems, and Services are as follows:

1. Transmission, distribution or storage of any material in violation of any applicable law or regulation is prohibited. This includes, without limitation, material protected by copyright, trademark, trade secret or other intellectual property right used without proper authorization, and material that is obscene, defamatory, constitutes an illegal threat, or violates export control laws.

2. Sending unsolicited mail messages, including the sending of "junk mail" or other advertising material to individuals who did not specifically request such material ("e-mail spam"). This includes, but is not limited to, bulk-mailing of commercial advertising, informational announcements, and political tracts. It also includes posting the same or similar message to one or more newsgroups (excessive cross-posting or multiple-posting). Sprint accounts or services may not be used to solicit customers from, or collect replies to, messages sent from another Internet Service Provider where those messages violate this Policy or that of the other provider.

3. Unauthorized use, or forging, of mail header information (e.g. "spoofing").

4. Unauthorized attempts by a user to gain access to any account or computer resource not belonging to that user (e.g., "cracking").

5. Obtaining or attempting to obtain service by any means or device with intent to avoid payment.

6. Unauthorized access, alteration, destruction, or any attempt thereof, of any information of any Sprint customers or end-users by any means or device.

7. Knowingly engaging in any activities that will cause a denial-of-service (e.g., synchronized number sequence attacks) to any Sprint customers or end-users whether on the Sprint network or on another provider's network.

8. Advertising, transmitting, or otherwise making available any software, program, product, or service that is designed to violate this AUP or the AUP of any other Internet Service Provider, which includes, but is not limited to, the facilitation of the means to send e-mail spam, initiation of pinging, flooding, mail-bombing, denial of service attacks, and piracy of software.

9. Using Sprint's Services to interfere with the use of the Sprint network by other customers or authorized users.

Each Sprint IP customer is responsible for the activities of its customer base/representatives or end-users and, by accepting service from Sprint, is agreeing to ensure that its customers/representatives or end-users abide by this Policy. If there is a material violation of the AUP, Sprint shall notify the Customer and the Contracting Officer in an attempt to resolve the issue. For all but the most egregious of these violations, Sprint shall provide two additional escalation notices before taking unilateral action. In the event these steps are not successful, Sprint may, only to the extent necessary to prevent further violations of the AUP, suspend the service or amend or terminate this Agreement effective upon five (5) days written notice to the Customer and the Contracting Officer. However, Sprint reserves the right to immediately and without prior notice suspend service, if Sprint reasonably determines that the integrity or normal operation of the Sprint PIP network is in imminent danger. If after such a suspension of Service, Sprint and the Customer cannot resolve the AUP violation, Sprint may, only to the extent necessary to prevent further violations of the AUP, amend or terminate this Agreement effective upon five (5) days written notice to the Contracting Officer and the Customer. In the event of a termination of this Agreement, Sprint reserves the right to submit a Termination for Convenience claim under the Termination provision of the prime contract.

Sprint reserves the right to seek an equitable adjustment under the Changes provision if Sprint experiences any increase in the cost of performance arising out of any corrective actions required as a result of the Customer’s violation of the AUP.

Sprint otherwise reserves the right to amend the AUP from time to time, effective upon written notice to, and prior written approval by, the GSA Contracting Officer. Said approval will not be unreasonably withheld. In the event a material change to the Policy is objectionable to the Government, the Government may terminate service for convenience without penalty within thirty (30) days following notice of such change.

Sprint reserves the right to suspend Services without notice (a) in response to a court or Government demand (in its sovereign capacity), or (b) if Sprint reasonably determines the integrity or normal operation of the Sprint network is in imminent risk.

In the event that Sprint suspends service, Sprint will do so only as reasonably necessary to prevent further similar violations of the AUP, comply with a court or government demand, or protect the Network (e.g., in appropriate cases, Sprint will suspend service to the offering node only). Furthermore, Sprint will reinstate service once the violation or demand is resolved upon receiving assurances from the Customer that the Customer has taken remedial measures to ensure that the violation or risk to the Network will not reoccur.

The Government is considered a Sprint Peerless IP customer if their services are provided over Sprint’s Peerless IP Network (private Autonomous System # 65534 which is the IP designation for PIP).

1. Connection Equipment: This item refers to the customer’s premise router that is connected (via a local loop or cross connect) to the PIP network. Sprint will prohibit the Government from implementing connectivity to the public Internet on the same customer premise device (i.e. router) that is used to connect to the PIP network.

2. CPE Route Announcements: Sprint will prohibit the Government from establishing a default IP route to the network. Instead, Sprint will require the Government to define each static route within their CPE’s routing table.

3. Access to the Public Internet: Sprint will prohibit the Government from providing access to the network via the public Internet. For example, the Government establishing and/or hosting a “gateway” which would allow access to the PIP network via a public Internet connection from the Government’s own internal network is prohibited.

3.3.1.2 Features (C.2.3.3.1.2)

The following access features shall be supported.

Optional Value Added Features for MPLS PIP:

1) Web-Based Network Manager (Sprint-provided WBNM services are described in Section 20.0 of Volume 1)

2) Managed Network Services (Sprint MNS is described in Section 13.0 of Volume 1)

3) Managed Security Services (Sprint-provided MSS devices and management are described in Section 16.0, Managed Security Services, of Volume 1)

3.3.1.2.1 Mandatory (C.2.3.3.1.2.1)

None.

3.3.1.3 Performance (C.2.3.3.1.3)

The access performance parameters for originating or terminating access connection between a POP and an SDP shall meet the following:

(a) Transmission Performance

(1) For dedicated access arrangements, the IPS access delay shall not exceed the delay caused by the access line speed.

The delay on dedicated access for IPS will not exceed the delay caused by the access line speed. Access performance parameters on Sprint’s IPS for originating and terminating access connections between a POP and an SDP will meet or exceed all performance requirements.

Sprint’s IPS dedicated access implementation utilizes standard transmission framing formats, such as channelized T1 with ESF framing, and does not add overhead information at the physical layer that can potentially add transmission delay at the access.

Sprint MPLS VPN over PIP - SLAs

1. POLICY.

Sprint is committed to providing reliable, high-quality VPN services on its world-wide networks. As one indicator of Sprint’s service commitment, Sprint provides Service Level Agreements covering these services and performs ongoing measurement of its service metrics. If the Government experiences performance that does not meet the applicable metric set forth in this SLA, then Sprint will issue a service credit to the Government. All defined terms are set forth in section 8.

2. SERVICE DELIVERY COMMITMENTS

Sprint realizes that business depends on effective communications, and that’s why Sprint provides SLAs for service installation and port availability with every contract on key data products. If for any reason Sprint misses these metrics, the Government will receive credits to compensate for the delay in service availability. The Government is entitled to service installation credits against amounts previously invoiced the Government for service installation requests.

2.A PORT INSTALLATION INTERVAL.

2.A.1. Port Installation Interval Commitment.

If the actual Port Installation Interval for an MPLS VPN over Peerless IP Port order exceeds the commitment set forth in Table 1, then Sprint will provide a Service Credit to the Government.

2.A.2. Port Installation Interval Credit. If Sprint fails to meet its Port Installation Interval Commitment, then the Agency DAR must contact his or her Sprint Representative in writing (e-mail is acceptable) within 15 business days after the installation in order to be eligible for the credit. Upon Sprint’s verification that the actual Port Installation Interval is more than the Committed Port Installation Interval, Sprint will issue a Service Credit to the Government. The Service Credit will equal the applicable percentage set forth in Table 1.B.3-34 of the non-recurring Port Installation charge set forth in the Government’s FTS2001 service order, not to exceed limits in Section 7. Approved Service Credit(s) will be applied to the Government’s invoice during the next billing cycle.

TABLE 1.B.3-34 – MPLS VPN over Peerless IP Port Installation Interval

|Circuit Type |Commitment |Service Credit |
|---|---|---|
|Continental United States Fractional T1-NxT1 |40 calendar days |50% of the Port Installation NRC |
|Continental United States Fractional DS3-Full DS3 |60 calendar days |100% of the Port Installation NRC |
|Continental United States OC-n |Customer Commit Date |150% of the Port Installation NRC |

2.B. PORT AVAILABILITY.

2.B.1. Port Availability Commitment.

If the percentage of Port Availability is less than the applicable amount set forth in Table 1.B.3-35, then Sprint will provide a Service Credit to the Government.

2.B.2 Port Availability Credit.

If Sprint fails to meet its Port Availability Commitment, the Agency DAR must contact his or her Sprint representative in writing (e-mail is acceptable) within 15 business days of such failure. Upon Sprint’s verification that the actual Port Availability over the Measurement Period was less than the Committed Port Availability, Sprint will issue a Service Credit to the Government. The Service Credit will equal the applicable amount from Table 1.B.3-35 for the monthly recurring charges for the affected Port in the applicable month, not to exceed the limits in Section 7. Approved Service Credit(s) will be applied to the Government’s invoice during the next billing cycle.

TABLE 1.B.3-35: Committed Port Availability by Access Type

|Access Type |Committed Metric |Outage Time |Service Credit |
|---|---|---|---|
|Sprint MAN |100.00% |Between 1 minute and 60 minutes |3-Days Service Credit – Port and Local Loop |
| | |Each additional whole hour over 1 hour |Additional 1-Day Service Credit – Port and Local Loop |
|Customer Provided Access |99.90% |Between 44 minutes and 60 minutes |3-Days Service Credit – Port only |
| | |Each additional whole hour over 1 hour |Additional 1-Day Service Credit – Port Only |
|*Sprint-Provided Access - Continental United States |99.90% |Between 44 minutes and 60 minutes |3-Days Service Credit – Port and Local Loop |
| | |Each additional whole hour over 1 hour |Additional 1-Day Service Credit – Port and Local Loop |

*These SLAs only apply if the local access is leased line, local access.

3. NETWORK PERFORMANCE COMMITMENTS.

Network Performance is the measure of how data travels through the network. Sprint’s Network Performance SLAs are measured across specific Sprint network nodes. The network statistics are available for viewing monthly on Sprint provided web sites. In addition to the Service Delivery Commitments set forth in Section 2, all Government agency customers are eligible for the Network Performance Commitments detailed in this Section 3.

3.A. NETWORK DELAY.

3.A.1. Network Delay Commitment.

If the average roundtrip IP Network Delay in a Measurement Period exceeds the applicable time set forth in Table 1.B.3-36, then Sprint will provide a Service Credit to the Government.

3.A.2. Network Delay Validation.

Each month's measurements will be posted to and .

3.A.3. Network Delay Credit.

If Sprint fails to meet the Committed Network Delay set forth in Table 1.B.3-36, the Agency DAR must contact his or her Sprint representative in writing (e-mail is acceptable) within 15 business days of the Network Delay metrics being posted for the current Measurement Period. Upon Sprint’s verification that the actual Network Delay over the Measurement Period was greater than the Committed Network Delay specified for that region, Sprint will issue a Service Credit to the Government equal to 100% of the monthly recurring charges for all affected Ports, not to exceed the limits in Section 7. Approved Service Credit(s) will be applied to the Government’s invoice during the next billing cycle.

3.B. NETWORK PACKET LOSS

3.B.1. Packet Loss Commitment.

If the average roundtrip Packet Loss in a Measurement Period exceeds the applicable percentage set forth in Table 1.B.3-36, then Sprint will provide a Service Credit to the Government.

3.B.2. Packet Loss Validation.

Each month's measurements will be posted to and .

3.B.3. Packet Loss Credit.

If Sprint fails to meet its Committed Packet Loss commitment as set forth in Appendix A, Table 1.B.3-36, the Agency DAR must contact his or her Sprint representative in writing (e-mail is acceptable) within 15 business days of the Packet Loss metrics being posted for the current Measurement Period. Upon Sprint’s verification that the actual Packet Loss over the Measurement Period was greater than the Committed Packet Loss specified for that region in Table 1.B.3-36, Sprint will issue a Service Credit to the Government equal to 100% of the monthly recurring charges for all affected Ports, not to exceed the limits in Section 7. Approved Service Credit(s) will be applied to the Government’s invoice during the next billing cycle.

3.C. NETWORK JITTER

3.C.1. Network Jitter Commitment.

If the average roundtrip Network Jitter in a Measurement Period exceeds the applicable percentage set forth in Table 1.B.3-36, then Sprint will provide a Service Credit to the Government.

3.C.2. Network Jitter Validation.

Each month's measurements will be posted to and .

3.C.3. Network Jitter Credit.

If Sprint fails to meet its Network Jitter commitment as set forth in Table 1.B.3-36, the Agency DAR must contact his or her Sprint representative in writing (e-mail is acceptable) within 15 business days of the Network Jitter metrics being posted for the current Measurement Period. Upon Sprint’s verification that the actual Network Jitter over the Measurement Period was greater than the Committed Network Jitter specified for the Government in Table 1.B.3-36, Sprint will issue a Service Credit to the Government equal to 100% of the monthly recurring charges for all affected Ports, not to exceed the limits in Section 7. Approved Service Credit(s) will be applied to the Government’s invoice during the next billing cycle.

TABLE 1.B.3-36: Network Performance Commitments

|Measurement Region |

|UNI Type |Interface Type |Payload Data Rate |Protocol Type |
|---|---|---|---|
|1 |All FDDI cable and connector types |Up to 43.008 Mb/s (Note 1) |FDDI IPv4 |
|2 |All Fast Ethernet cable and connector types |Up to 43.008 Mb/s (Note 1) |IEEE 802.3u IPv4 |
|3 |All IEEE 802.5 cable and connector types |Up to 43.008 Mb/s (Note 1) |IEEE 802.5 IPv4/IPX |
|4 |All IEEE 802.3 cable and connector types |Up to 1.536 Mb/s (Note 1) |IEEE 802 IPv4/IPX |
|5 |EIA RS-232 |Up to 19.2 kb/s |IPv4 |
|6 |EIA RS-449 |Up to 1.536 Mb/s |IPv4 |
|7 |EIA RS-530 |Up to 1.536 Mb/s |IPv4 |
|8 |ITU-TSS V.35 |Up to 1.536 Mb/s |IPv4 |
|9 |ISDN PRI |Up to 1.536 Mb/s |IPv4 |
|10 |T1 |Up to 1.536 Mb/s |IPv4 |
|11 |E1 (non Domestic) |Up to 1.92 Mb/s |IPv4 |

Note 1: Output data rate of a contractor-provided bridge or router connecting to a LAN.

SprintIP will support the following UNI types as given in Table C.2.3.3.1.4.1.1-1.

UNI # 1

Government furnished IP devices will connect to a router through an FDDI Network Processing Module. The traffic will be delivered to Sprint’s IP network through the router’s high speed serial interface (HSSI). The router’s HSSI port will interface with the Sprint network through a T3 CSU/DSU. Data rates up to 43.008 Mbps will be supported under this configuration.

UNI # 2

Government furnished IP devices will connect to a router through a Fast Ethernet Network Processing Module. The IPv4 over IEEE 802.3 traffic will be delivered to Sprint’s IP network through the router’s high speed serial interface (HSSI). The router’s HSSI port will interface with the Sprint network through a T3 CSU/DSU. Data rates up to 43.008 Mbps will be supported under this configuration.

UNI # 3

Government furnished IP devices will connect to a router through an IEEE 802.5 interface. The IPv4 and IPX over IEEE 802.5 traffic will be delivered to Sprint’s IP network through the router’s high speed serial interface (HSSI). The router’s HSSI port will interface with the Sprint network through a T3 CSU/DSU. Data rates up to 43.008 Mbps will be supported under this configuration.

UNI # 4

Government furnished IP devices will connect to a router through an IEEE 802.3 interface. The IPv4 and IPX traffic over IEEE 802.3 will be delivered to Sprint’s IP network through the router’s V.35 serial interface. The router’s V.35 port will interface with the Sprint network through a T1 V.35 compliant CSU/DSU. IP services data rates up to 1.536 Mbps will be supported under this configuration.

UNI # 5

Government furnished IP terminals will connect via an RS-232 interface to a router at data rates up to 19.2 Kbps. The IPv4 traffic will be delivered to Sprint’s IP network through the router’s V.35 serial interface. The router will interface with the Sprint network through a V.35 compliant CSU/DSU.

UNI # 6

A router will deliver GFE generated IPv4 traffic to Sprint’s IP network through an RS-449 serial port. An interface converter will convert the RS-449 port into a V.35 port. The newly converted port will interface with the Sprint network through a V.35 compliant CSU/DSU. IP services data rates up to 1.536 Mbps will be supported under this configuration.

UNI # 7

A router will deliver GFE generated IPv4 traffic to Sprint’s IP network through an RS-530 serial port. The router will interface with the Sprint network through an RS-530 compliant CSU/DSU. IP services data rates up to 1.536 Mbps will be supported under this configuration.

UNI # 8

A router will deliver GFE generated IPv4 traffic to Sprint’s IP network through a V.35 serial port. The router will interface with the Sprint network through a V.35 compliant CSU/DSU. IP services data rates up to 1.536 Mbps will be supported under this configuration.

UNI # 9

A router ISDN PRI interface will support multiple ISDN data calls from Government Furnished IP devices at an aggregate data rate of up to 1.536 Mbps. The router will deliver the IPv4 traffic to Sprint’s IP network through a V.35 serial interface. The router will interface with the Sprint network through a V.35 compliant CSU/DSU.

UNI # 10

A router will deliver GFE generated IPv4 traffic to Sprint’s IP network through a T1 interface. The router will interface with the Sprint network through a T1 CSU/DSU. Data rates up to 1.536 Mbps will be supported under this configuration.

UNI # 11

A router will deliver GFE generated IPv4 traffic to Sprint’s IP network through an E1 interface. The router will interface with the Sprint network through an E1 CSU/DSU. This service is not available domestically.

3.3.1.4.1.2 User-to-Network Access Interfaces for High Speed IPS - (C.2.3.3.1.4.1.2)

Sprint will provide UNIs for High Speed IPS at speeds above DS1. X

1. X

2. X

3. X

4. X

5. Gigabit Ethernet Access – Available under ICB conditions only. Sprint will conduct an assessment of the Sprint network and LEC facility availability to provide this service. After obtaining Firm Order Confirmation (FOC) dates from the involved LEC, Sprint will deliver availability and interval information to the customer.

Sprint’s IP Service supports high-speed interface standards including the following interfaces:

6. ITU-TSS V.35: Government Furnished Equipment (GFE) generated IP Traffic will be transmitted on a V.35 serial port. The V.35 port will interface with the Sprint network through a Sprint provided V.35 compliant device. X

7. EIA RS-449: Government Furnished Equipment (GFE) generated IP Traffic will be transmitted on an RS-449 serial port. The RS-449 port will interface with the Sprint network through a Sprint provided RS-449 compliant device. X.

8. COAX: Government Furnished Equipment (GFE) generated IP Traffic will be transmitted on a coaxial interface. Sprint will not provide any equipment at the Government’s location. IP rates of up to 45 Mb/s (43.008 Mb/s) will be supported under this configuration. X

9. 802.3: Government Furnished Equipment (GFE) generated IP Traffic will be transmitted on an RJ-45 Ethernet connection. The RJ-45 will interface with the Sprint network through a Sprint provided router. X

10. 802.3u: Government Furnished Equipment (GFE) generated IP Traffic will be transmitted on an RJ-45 Fast Ethernet connection. The RJ-45 will interface with the Sprint network through a Sprint provided router. X

11. 802.5: Government Furnished Equipment (GFE) generated IP Traffic will be transmitted on a DB-9 Token Ring connection. The DB-9 will interface with the Sprint network through a Sprint provided router. X

12. FDDI: Government Furnished Equipment (GFE) generated IP Traffic will be transmitted on a fiber FDDI connection. The fiber will interface with the Sprint network through a Sprint provided router. X

13. HSSI: Government Furnished Equipment (GFE) generated IP Traffic will be transmitted on a HSSI interface. The HSSI port will interface with the Sprint network through a Sprint provided device. X

14. X

15. X

16. Gigabit Ethernet Access: Government Furnished Equipment (GFE) generated IP traffic will be transmitted on a fiber interface. Sprint will not provide any equipment at the Government’s location. An IP rate of 1000 Mb/s will be supported under this configuration.

Sprint will provide the following interfaces:

Table 1.B.3-26-1 High Speed UNI Table

|UNI Type |Interface Type |Payload Data Rate |Protocol Type |
|---|---|---|---|
|12* |V.35/RS-449 |X |IPv4 |
|13* |HSSI |X |IPv4 |
|14* |COAX |X |IPv4 |
|15* |HSSI |X |IPv4 |
|16* |COAX |X |IPv4 |
|17* |HSSI |X |IPv4 |
|18* |COAX |X |IPv4 |
|19* |HSSI |X |IPv4 |
|20* |COAX |X |IPv4 |
|21* |HSSI |X |IPv4 |
|22* |COAX |X |IPv4 |
|23* |HSSI |X |IPv4 |
|24* |COAX |X |IPv4 |
|25* |HSSI |X |IPv4 |
|26* |COAX |X |IPv4 |
|27* |HSSI |X |IPv4 |
|28* |COAX |X |IPv4 |
|29* |HSSI |X |IPv4 |
|30* |COAX |X |IPv4 |
|31* |HSSI |X |IPv4 |
|32* |COAX |X |IPv4 |
|33* |HSSI |X |IPv4 |
|34* |802.3 Ethernet |X |IPv4 |
|35 |802.3u Fast Ethernet |X |IPv4 |
|36 |802.5 Token Ring |X |IPv4 |
|37 |FDDI |X |IPv4 |
|38* |COAX |X |IPv4 |
|39* |Fiber |X |IPv4 |
|40* |Fiber |X |IPv4 |
|41 |Fiber |1000 Mb/s (GigE) |IPv4 |

*denotes new UNIs in Modification PS12.

Only IPv4 will be supported under these UNIs. Payload data rate includes IPv4 generated overhead. (DS3) indicates the UNI must be delivered on an unchannelized DS3 access.

3.3.1.4.1.3 Multiple T1 Load Sharing Service

X

X

X

1. X

2. X

3. X X

Customer router configuration

X

X

Figure 1.B.3-29.a X

X

X

X

Figure 1.B.3-29.b X

X

Table 1.B.3-26-2 Router Configurations

|X Router |Minimum IOS version |
|---|---|
|X |X |
|X |X |
|X |X |
|X |X |
|X |X |
|X |X |
|X |X |

X

Table 1.B.3-26-3 Minimum Router Chassis

|Number of T1s |Minimum Router Chassis |
|---|---|
|X |X |
|X |X |
|X |X |
|X |X |
|X |X |

3.3.1.4.1.4 Additional GFE Necessary for High Speed IPS

The Government must furnish a business line for remote modem access to the Sprint equipment for configuration and trouble isolation. The business line must be located adjacent to (within 1 meter of) the Sprint equipment. Sprint will connect the modem to the business line. A business line is not necessary if Sprint furnishes a X

3.3.1.4.2 Local Access to Network Interface (C.2.3.3.1.4.2)

Pursuant to Section C.2.1.16, the contractor shall support/provide the following interfaces to connect to a POP for the provision of IPS access.

Sprint’s IPS will support and provide all mandatory local access to network interfaces including dedicated, circuit switched, and internetworked access interfaces required to connect to a POP.

3.3.1.4.2.1 Dedicated Access (C.2.3.3.1.4.2.1)

(a) Mandatory

(1) T1 and Fractional T1 with ESF (Standard: Bellcore Pub: SR-TSV-002275; ANSI T1.102/107/403)

(2) ISDN PRI (Standard: ANSI T1.607 and 610)

(3) T3 and Fractional T3 (Standard: Bellcore Pub: GR-499-CORE)

(4) E1 for Non-Domestic use (Standard: ITU-TSS G.702)

(5) DS0 (Bellcore Pub: SR-TSV-002275)

The following Mandatory dedicated access standards for local access to network interface will be supported and provided by Sprint’s IPS:

• Sprint’s dedicated access will provide support for T1 and Fractional T1 with ESF as specified in the Bellcore Pub: SR-TSV-002275; ANSI T1.102/107/403 standards.

• Sprint IPS dedicated access will provide and support the LANI interface for the ISDN PRI standard ANSI T1.607 and 610.

• Sprint IPS dedicated access will provide and support the LANI interface for the T3 and Fractional T3 (Standard: Bellcore Pub: GR-499-CORE).

• Sprint IPS dedicated access will provide and support the LANI interface for the E1 for Non-Domestic use (Standard: ITU-TSS G.702).

• A router will deliver GFE generated IP traffic to Sprint’s IP network through a V.35 serial port. The router will interface with the Sprint network through a Sprint Certified DSU. IP services data rates of 56/64 kbps will be supported under this configuration. The dedicated facilities use DS0 signaling and formatting as specified by the Bellcore Pub: SR-TSV-002275 standards.

3.3.1.4.2.2 Local Access to Network Interface - Dedicated Access

Sprint will provide the Government with an OC3 IPS interface at the Sprint POP. Under this offering, the Government’s access provider will connect to Sprint’s IP network through a SONET OC3 interface. Data rates up to 155.5 Mb/s will be supported under this configuration. IPv4 will be the only protocol supported for this LANI.

3.3.1.4.2.3 Internetworked Access (C.2.3.3.1.4.2.3)

(a) Mandatory

(1) None

3.3.2 Internet Protocol Internetworking Service Transport Requirements (C.2.3.3.2)

3.3.2.1 Basic Service Description (C.2.3.3.2.1)

IPS shall support connectionless service between users (i.e., IP hosts) for execution of user applications based on protocols, such as FTP, SMTP, HTTP, and connection to remote hosts (TELNET).

Sprint offers IPS port speeds as listed in Table 1.B.3-26-4.

|Table 1.B.3-26-4 IPS Dedicated Access Port Speeds |

|Port Speed |Availability* |

|X |X |

|X |X |

|X |X |

|X |X |

|X |X |

|X |X |

|X |X |

|X |X |

|X |X |

|X |X |

|X |X |

|X |X |

|X |X |

|X |X |

|X |X |

|X |X |

|X |X |

|X |X |

|X |X |

|X |X |

|X |X |

|X |X |

|X |X |

|1000 Mb/s |Domestic Only** |

* Additional port speeds offered under Modification PS12.

** Not all port speeds are available in all countries

** SCA required for capacity. May not be available in all locations.

Sprint will support connectionless service between users (i.e., IP hosts) for execution of user applications based on protocols, such as File Transfer Protocol (FTP), SMTP, Hyper Text Transfer Protocol (HTTP), and connection to remote hosts (TELNET). Sprint IPS is comprised of a suite of Internet Protocol (IP) based services providing the Government global connectivity of LANs, hosts, and remote users. These services will support dedicated and modem dial-in access to the global internet, Virtual Private Networks (VPN) or Extranets, and firewall security services. Sprint’s suite of IP Services is comprised of:

• Internet Service – Provides access to the global Internet

• Intranet Service – Establishes Virtual Private Networks (VPNs) or Extranets

• Security Services – Provides comprehensive firewall security services

Sprint’s Intranet/Internet Service will provide connectionless data transmission based on the TCP/IP protocol. The Government’s LANs, hosts, and terminals can use the full suite of native TCP/IP services when communicating through Sprint’s Intranet/Internet Services. These services will include:

• File Transfer Protocol (FTP): Intranet supports the use of FTP to send character or binary files between network destinations. FTP lets users specify on the command line the host with which the file transfer will be initiated and the options for transferring the file. Full host-to-host FTP capabilities are also supported. When the additional overhead of FTP is not required to complete a file transfer, Intranet supports the use of the Trivial File Transfer Protocol (TFTP).

• Simple Mail Transfer Protocol (SMTP): SMTP uses a client/server relationship similar to FTP to move readable text between Internet mailboxes. Similar to most mail services, the source sends the data using the Internet format and it is routed by Intranet to the local mail server at the target destination. Intranet routes E-mail datagrams to requested destinations. If the recipient is not logged onto the system, the datagram is stored by the appropriate host mail server.

• HyperText Transfer Protocol Daemon (HTTPD): HTTPD is the protocol that specifies the communication rules for the World-Wide Web (W3). Web pages are developed using hypertext markup language (HTML). HTML is an ASCII based language that is used to describe what the web page will look like. With the use of a web browser a user may transfer these HTML files from a server, through our intranet network, to their workstation for viewing.

• Telnet: Intranet offers Telnet server functionality to allow terminal-oriented processes to communicate. Intranet Telnet service includes a user interface and command set through which a dial or dedicated terminal can open communications with a host, and send information character-by-character or line-by-line.

• Domain Name Server (DNS): Intranet supports the automated mapping of machine-readable names to Internet addresses represented by the TCP/IP DNS service.

An IP v4 or optional v6 host could be stand-alone or router connected to a LAN or in the Internet. The Government intends to use this service as a Government-wide intranet, and for access to extranets and to the global Internet.

Sprint will support IPv4 stand-alone hosts or routers connected to a LAN or in the Internet. Sprint’s Intranet/Internet Service provides global connectivity between hosts throughout the world and secure extranet services for the Government. These services support IP version 4 (IPv4) standards. X

The IPS shall conform to all RFCs cited as required or recommended by the IAB, as documented in the current version of RFC 2200 (Internet Official Protocol Standards).

Sprint is an active member of several standards organizations and is dedicated to adhering to industry standards. FTS2001 IPS will fully conform to all RFCs required or recommended by the Internet Architecture Board (IAB), as documented in RFC-2200, Internet Official Protocol Standards.

Pursuant to Section C.2.1.16, the contractor shall provide interconnections between the contractor’s listed POPs. The contractor shall accept at any of its listed POPs which support the appropriate on-net service, originating IPS packets via dedicated, and internetworked access arrangement from the associated access providers. The contractor shall hand off terminating IPS packets via dedicated, and internetworked access arrangements from any of its listed POPs which support the appropriate on-net service to the associated access providers.

Sprint will provide interconnections between the listed POPs, per Section C.2.1.16. Access to the Intranet/Internet Service network is provided by dedicated and internetworked access connections. On-net origination locations are connected to originating Sprint POPs that provide connectivity to all other Sprint POPs supporting terminating on-net locations connected to the terminating POP. Sprint will accept at any of Sprint’s POPs which support the appropriate on-net service, originating IPS packets via dedicated and internetworked access arrangement from the associated access providers. Sprint will hand off terminating IPS packets via dedicated and internetworked access arrangements from any of its listed POPs which support the appropriate on-net service to the associated access providers.

The contractor shall support dial-in capability to IPS. Authorized users will access this capability through the appropriate CSS (options include SVS, Toll Free Service, or CSDS [see Section C.2.2]). The dial-in location(s) for IPS shall be within the transport network. The IPS shall support both on-net FTS2001 phone numbers and toll free phone numbers for dial-in access to IPS through asynchronous access and through synchronous access using the point-to-point protocol. Access to the network shall be provided only after verification of the authorization code entered by the user. If toll free phone numbers are utilized, the contractor shall bill the CSS charges to the appropriate user organization. The contractor shall support the following data rates:

(a) Point-to-point protocol up to 28.8 kb/s using analog facilities

(b) Point-to-point protocol at 56/64/128 kb/s using digital facilities

The contractor may exceed the basic requirement by providing local telephone numbers for dial-in users.

Sprint will support dial-in capability to IPS. Authorized users will access this capability through the appropriate CSS (options include SVS, Toll Free Service, or CSDS [see RFP Section C.2.2]). The dial-in location(s) for IPS will be within the transport network. The IPS will support both on-net FTS2001 phone numbers and toll free phone numbers for dial-in access to IPS through asynchronous access and through synchronous access using the point-to-point protocol. Access to the network will be provided only after verification of the authorization code entered by the user. If toll free phone numbers are utilized, Sprint will bill the CSS charges to the appropriate user organization. Sprint will support the following data rates:

(a) Point-to-point protocol up to 28.8 kb/s using analog facilities

(b) Point-to-point protocol at 56/64/128 kb/s using digital facilities

The IPS shall support outgoing connections to IP-hosts in the FTS2001 networks and in the Internet. Incoming connections to FTS2001 users (IP-hosts) shall only be allowed from authorized users in FTS2001 networks and in the Internet.

Since Sprint is an integral part of the global Internet, any outgoing connections to IP hosts in the FTS2001 networks and the Internet will be fully supported. Incoming access to the FTS2001 network will be secured through the use of firewalls and user authentication.

The contractor shall provide an addressing plan for the IPS that is based on the standard for IPv4 addressing.

Sprint will provide an addressing plan that is based on the standard for IPv4 addressing. SprintIP will use only valid IPv4 InterNIC-registered addressing.

The following additional capabilities shall be supported:

ca) The contractor shall administer a DNS for Class C address. It shall be possible to assign a unique domain name to a stand alone host, a host attached to a LAN, or to the Internet. If a host has a unique domain name assigned to it, then it shall be possible to address the host by its domain name instead of its numeric IP address. The contractor shall accommodate all existing Government IP addresses. In addition, the contractor shall provide permanent (static) and temporary (dynamic) assigned IP addresses for circuit switched users.

• Domain Name Service: Sprint will offer Domain Name Service (DNS) for all IPS customers. Sprint’s DNS looks up customers’ mnemonic names and finds the associated numerical IP addresses – a mandatory step within the Internet’s addressing system. Sprint will provide redundant DNS services, called “Primary DNS” and “Secondary DNS.” Redundant services avoid a single point-of-failure. Sprint’s redundant DNS services run on independent systems. Sprint will support all Class C addresses allocated to Government users on Sprint’s IP Service. Primary and/or secondary domain name servers will be administered by Sprint.

Sprint currently provides DNS for the Government and will continue to support DNS after contract award. Sprint will accommodate all existing Government IP addresses. Sprint will provide either static or dynamic addresses for circuit switched users. User must specify dynamic or static IP address at time of order.

The contractor may exceed the basic requirements by providing the following:

(d) For circuit switched calls the contractor would support dynamically allocated IP address, and dynamically updating the DNS with the domain name and assigned IP address.

Sprint’s Dial-in Facilities for Intranet/Internet dynamically allocate IP addresses to the switched access user. DNS service will provide the domain name to IP address pairing. It is assumed that the domain name associated with an address has already been created through standard InterNIC procedures.

(e) The contractor would provide an addressing plan for the IPS that is based on the standard for IPv6 addressing as stated in IETF RFC 2200.

Sprint’s Intranet/Internet Service will provide an addressing plan based on IP version 4 (IPv4) standards.

(f) The contractor would support dial-in capability using asynchronous access. The contractor shall provide shell accounts for ASCII text based terminals. These shell accounts shall provide for a command line interface and shall support all TCP/IP command line commands. The contractor shall support access for these asynchronous terminals operating at the following data rates:

(1) Asynchronous up to 28.8 kb/s

Sprint will support dial-in capability using asynchronous access. Sprint will provide shell accounts for ASCII text based terminals. These shell accounts will provide for a command line interface and will support all TCP/IP command line commands. Sprint will support access for these asynchronous terminals operating at the following data rates:

(1) Asynchronous up to 28.8 kb/s.

3.3.2.2 Features (C.2.3.3.2.2)

The following IPS transport features shall be provided.

3.3.2.2.1 Mandatory (C.2.3.3.2.2.1)

(a) The contractor shall provide as a minimum, the following IP firewall capabilities:

(1) A filter definition language, a set of logging and reporting tools for per-port and per socket management and administration

(2) The ability to filter both incoming and outgoing traffic

(3) Provision of preconfigured checks for known methods of attack

(4) Application specific forwarding capability (e.g., Telnet/FTP only)

(5) Support of encrypted tunneling

Sprint will provide, at a minimum, the following IP firewall capabilities:

• A filter definition language, a set of logging and reporting tools for per-port and per socket management and administration

• The ability to filter both incoming and outgoing traffic

• Provision of preconfigured checks for known methods of attack

• Application specific forwarding capability (e.g., Telnet/FTP only)

• Support of encrypted tunneling

Sprint will provide the Government the ability to ensure the integrity of data and information on the FTS2001 network through a comprehensive security support program.

Government users of Intranet/Internet will receive ongoing protection of their computer systems and are able to minimize their vulnerability to unauthorized use.

The Intranet/Internet Security Services will include firewall implementation, configuration, and management. Sprint’s technical security staff will assist the Government in performing the firewall administration.

3.3.2.3 Performance (C.2.3.3.2.3)

The network transport performance parameters for POP-to-POP connection shall meet the following:

(a) Transmission Performance

IPS transport shall meet the following performance parameters:

(1) One-Way Packet Delay (Limits: less than 200 milliseconds on the average)

IPS transport will support a one-way, POP-to-POP, delay of less than 200 milliseconds (on average) for both the Sprint Intranet and Internet Service networks across Sprint’s backbone facilities.

(b) Availability of Service

(1) The availability of the IPS transport shall be at least 99.8 percent

The Sprint Intranet/Internet service will maintain an average POP-to-POP network availability of at least 99.8 percent.

3.3.2.4 Interfaces (C.2.3.3.2.4)

3.3.2.4.1 Local Access to Network Interfaces (C.2.3.3.2.4.1)

Pursuant to Section C.2.1.16, the contractor shall support/provide the following interfaces (i.e., LANI) at each POP listed for the provision of IPS transport.

Sprint will support/provide the required interfaces (i.e., LANI) at each POP listed for the provision of IPS transport.

3.3.2.4.1.1 Dedicated Access (C.2.3.3.2.4.1.1)

(a) Mandatory

(1) T1 and Fractional T1 with ESF (Standard: Bellcore Pub: SR-TSV-002275; ANSI T1.102/107/403)

(2) ISDN PRI (Standard: ANSI T1.607 and 610)

(3) T3 and Fractional T3 (Standard: Bellcore Pub: GR-499-CORE)

(4) E1 for Non-Domestic use (Standard: ITU-TSS G.702)

(5) DS0 (Bellcore Pub: SR-TSV-002275)

Sprint will support mandatory Dedicated Access requirements on the Intranet/Internet service as follows:

• T1 and Fractional T1 with ESF: Sprint will provide interface (i.e., LANI) for the T1 and Fractional T1 with ESF (Standard: Bellcore Pub: SR-TSV-002275; ANSI T1.102/107/403) for dedicated access to connect at each POP for provision of IPS transport.

• ISDN PRI: Sprint IP Service will provide interface (i.e., LANI) for ISDN PRI (Standard: ANSI T1.607 and 610) for dedicated access to connect at each POP for provision of IPS transport.

• T3 and Fractional T3: Sprint IP service will provide a LANI for T3 and Fractional T3 per Bellcore Pub: GR-499-CORE standards.

• E1: Sprint IP Service will provide the interface (i.e., LANI) for E1 for Non-Domestic use (Standard: ITU-TSS G.702) for dedicated access to connect at each POP for provision of IPS transport.

• DS0: A router will deliver GFE generated IP traffic to Sprint’s IP network through a LANI. The router will interface with the Sprint network at a Sprint POP. IP services data rates of 56/64 kbps will be supported under this configuration. The dedicated access circuit uses DS0 signaling and formatting as specified by the Bellcore Pub: SR-TSV-002275 standards.

3.3.2.4.1.2 Reserved (C.2.3.3.2.4.1.2)

3.3.2.4.1.3 Internetworked Access (C.2.3.3.2.4.1.3)

(a) Mandatory

IP v4

Sprint’s FTS2001 Intranet/Internet will provide internetworking based on the TCP/IP protocol. These services will support IP version 4 (IPv4) standards.
