Network connectivity is critical to the delivery of core business functions of any company, and is generally considered to be the nervous system of a company; without it, business functions can become crippled and cease to communicate with one another. Therefore, the COT Division of Communications is charged with providing effective, efficient, and secure data, voice, and video communications infrastructure for all of state government. Our goal is to minimize the risk of communications disruptions to business critical data/systems; thus enabling an organization’s workforce to become more productive. The Division of Communications consists of the Network Operations Branch and the Telecommunications Branch.
The Network Operations Branch
The Network Operations Branch is responsible for the design, configuration, implementation, and support of the Commonwealth’s Network Infrastructure; which provides high speed, reliable network connectivity for agencies statewide. In addition to maintaining a scalable network environment that will meet current and future connectivity requirements, the Network Operations Branch also provides Security and Firewall services to protect the state’s network and data assets. As such, this branch consists of the Wide Area Network (WAN) team, Firewall team, and Video Conferencing teams.
The WAN Team
The WAN team manages the Commonwealth’s network core, the Metropolitan Area Network (MAN) sites, all remote WAN sites, as well as the state’s Internet connection. The WAN team also manages the states connection to the Kentucky Department of Education (KDE) and the Kentucky Post-Secondary Education Network (KPEN). WAN services include 24x7 network monitoring, hardware maintenance, network troubleshooting/configuration, and statistical reporting. The WAN team insures the correct configuration of the router and switch ports in terms of speed, duplex, VLAN’s, and routing. Additionally, the WAN team performs network services such as enterprise DHCP, protocol analysis (sniffing), and network performance assessments.
The Network Core is the foundation for all communications services, as it provides redundant connections for the COT Server Farm, MAN, WAN, and Internet. The configuration provides a fully redundant core split geographically between two (2) sites in Frankfort: the Commonwealth Data Center (CDC) and the KEWS (Kentucky Emergency Warning System) Building at the Boone National Guard Center. The two (2) sites are connected via a fiber ring; which consists of three (3) fiber pairs that utilize Coarse Wavelength Division Multiplexing (CWDM) technology to provide multiple Gigabit connections. The network core also provides routing/switching services for the Commonwealth's three (3) security zones: the Extranet / Internet, Enterprise DMZ / E-Gov Zone and Intranet, and is available at least 99.995% of the time in order to efficiently and effectively interconnect the aforementioned network segments. The Network Core Infrastructure is comprised of multiple Enterprise and Carrier class switches that are connected by Gigabit Ethernet.
The MAN provides high speed, high availability connectivity (99.995% uptime) for users in the Frankfort area utilizing a geographically diverse, redundant fiber optic ring technology for the transmission of voice, video and data for mission and business critical systems. Nodes are located at Commonwealth Data Center, KEWS at Boone National Guard Center, Health Resources Building, State Office Building, Transportation Office Building, Capital Plaza Tower, the Capitol Complex, Kentucky State Police Post 12 and Headquarters and approximately 35 additional fiber connected locations in Frankfort.
The WAN (Kentucky Information Highway) is a statewide network developed in partnership with the state's local telephone companies. Today, over 3,000 sites are inter-connected across the state including state agencies, libraries, local government, health departments and one hundred and seventy-four (174) school districts with over 1,243 schools. The WAN provides increased resiliency/fault tolerance, as well as increased security by virtually segmenting the WAN based on Agency/Dept needs. The WAN is comprised of edge routers on frame relay, point to point T1, bonded T1’s, Metro Ethernet, and DSL technologies.
The Firewall Team
The Firewall Team manages all enterprise and agency security platforms including firewalls, VPN, and Intrusion Detection and Prevention Systems. Firewall services include 24x7 network monitoring, log correlation, hardware maintenance, network troubleshooting/configuration, and security alerts/reporting. They work with the agency technical contacts to create rule-based firewall configurations that insure business continuity. Additionally, the Firewall team performs network services such as protocol analysis (sniffing).
The Internet and Intranet Firewalls provide the foundation of the enterprise’s network security model by preventing access to mission/business critical servers/data that don’t meet certain criteria. As such, these devices block attackers outside of the Commonwealth’s private network from maliciously accessing/compromising data and protect all Executive Branch IT resources (such as servers, PCs, Laptops, Printers, etc). Security Monitoring and Reporting provides the Commonwealth with a mechanism to correlate and report on all Firewall and Intrusion Detection System (IDS) system logs. We use this technology to measure the severity and scope of an attack, as well as determine where best to block/mitigate the attack. When a security incident is detected, an automatic alert is sent to IT Security Staff detailing what occurred and where it occurred, so that they can take the appropriate action to mitigate the problem. Since implementing this technology in 2005 we have seen a 90% (weekly) reduction in critical security incidents. Without this technology we would likely see increased incidents and sensitive/confidential information compromised.
Malware Protection protects all agency users who access the World Wide Web from unknowingly becoming infected while browsing legitimate websites. Malware, short for malicious software, is software designed to infiltrate a computer without the owner's informed consent, and includes a variety hostile, intrusive, or annoying software or program code. Preliminary results from Symantec published in 2008 suggested that "the release rate of malicious code and other unwanted programs may be exceeding that of legitimate software applications." According to F-Secure, "As much malware was produced in 2007 as in the previous 20 years altogether." Malware's most common pathway from criminals to users is through the Internet: primarily by e-mail and the World Wide Web.
Additionally, Internet Caching, Content Blocking and Reporting prevents users from accessing websites that are deemed inappropriate to their work. Examples of blocked sites include, but are not limited to, those containing pornography, gambling, etc. Internet Website Caching provides a mechanism to store content from frequently accessed websites, so that users accessing the same content (website) don’t have to consume more Internet bandwidth (resources). As such, they are able to access the content from the “copy” stored on the caching servers; thus preserving Internet bandwidth and reducing cost.
The Video Conferencing Team
The video conference is responsible for the design, configuration, implementation, and support of the Commonwealth’s video conferencing infrastructure. The COT Video Conferencing Team was established in July 2005, and now supports over 700 end users and over 3000 conference hours per month. The COT Video Conferencing Team manages the enterprise video infrastructure, as well as the video end points to insure effective and efficient meetings, training, and collaboration. They also provide scheduling, consulting, and design services.
The Video Conferencing Core provides the necessary infrastructure for multiple video conferencing endpoints to connect to and communicate effectively. This technology facilitates the transmission/reception of voice, video, and document content during a video conference connection. Agencies use this technology frequently to facilitate employee training, project collaboration, management meetings for staff who are geographically dispersed throughout the state. In conclusion, they are able to save money on travel expenses such as mileage, logging, and meals, as well as lost wages/productivity.
The Telecommunications Branch is responsible for the design, configuration, implementation, and support of the Commonwealth’s voice and cabling Infrastructure; which provides various voice services including but not limited to local / long distance calling, voice mail, and desktop faxing. In addition to maintaining an effective and efficient voice communications environment that will meet current and future communications needs, the Telecommunications Branch also provides cabling installation services for any size location that meet current industry specifications. As such, this branch consists of the Voice Communications Team and the Cabling Infrastructure team.
The Voice Communications Team
The Voice Communications Team manages analog, digital and Voice over IP (VoIP) systems for all branches of state government. Most notably, they installed and maintain the Commonwealth of Kentucky’s Enterprise CS2100 Voice over IP (VoIP) phone system scalable to 50,000 users. They have also installed and maintain the Commonwealth’s redundant, centralized Call-Pilot Voice Mail/Auto Attendant system, as well as centralized Call Center Applications. Additionally, the Voice Communications team tests and troubleshoots voice equipment, fax, and modems, and provides conference bridges for large audio conference applications. The Voice Communications team has installed and maintains many (legacy) PBX and key telephone systems for all Executive Branch Agencies. The Telecommunications Voice Section consists of technicians with over 155 yrs of combined experience, and they provide highly skilled technical support and excellent customer service to state agencies. They also serve as the liaison between the Commonwealth of Kentucky and Vendors providing voice support to state agencies. This allows state agencies to reduce their dependency on outside vendors and resources; which will also reduce their expenses.
The Cabling Infrastructure Team
The Cabling Infrastructure Team is responsible for engineering, installing and maintaining cabling and wireless infrastructure for buildings and outside cable plants (buried and aerial). We have technicians with over 100 yrs combined experience, and insure that Industry and Enterprise standards are strictly followed and meet all necessary code restrictions. Additionally, the Cabling Infrastructure team tests and troubleshoots premise and fiber optic cabling for all branches of state government.