9.0National Security and Emergency Preparedness (C.5)

Contract No. GS00T99NRD2001

Modification Number: PS41

Effective Date: 12/18/02

9.0National Security and Emergency Preparedness (C.5)

9.1Introduction (C.5.1)

Telecommunications requirements for NS/EP are based on a set of telecommunications policies and procedures established by the National Communications System (NCS) in accordance with Executive Order 12472, developed to ensure critical Government and industry needs are met when an actual or potential emergency threatens the security or socio-economic structure of the U.S.

A national emergency is any circumstance or crisis (local, national, or international) that causes, or could cause, injury or harm to the population, damage to or loss of property, or that degrades or threatens the NS/EP posture of the U.S. under conditions of natural and man-made disasters and emergencies. Within the context of telecommunications services, emergency preparedness is the maintenance of a telecommunications capability that is in a state of readiness to meet the needs of Government (state, local, tribal, and Federal) during national emergencies. To meet these NS/EP telecommunications requirements the NCS has implemented the Government Emergency Telecommunications Service (GETS). As an extremely important telecommunications asset of the Government, FTS2001 is required to support GETS. Furthermore, because FTS2001 service extends into thousands of Government offices throughout the country, the FTS2001 networks represent a key resource for coping with emergency and disaster situations, and the FTS2001 networks are required to be maintained in a state of readiness for any emergencies. Detailed requirements are given in the following sections. .

Service capabilities specified here are not intended to replace capabilities provided under GETS or any other Government contracts but rather to assure that FTS2001 contract services, as a result of the networks’ characteristics and the use of prudent emergency contingency planning, provide FTS2001 users availability and reliability during emergencies that is comparable to the service provided during normal conditions.

The following definitions are used in this section:

• The term contractor’s FTS2001 network includes all infrastructure, SDP to SDP, used by the contractor to provide FTS2001 services, whether or not that infrastructure is owned by the contractor, but excluding the access portions of an end-to-end circuit when circuit-switched access is used.

• Critical users of telecommunications are key Government officials whose position requires special access and network treatment to assure telecommunications services during emergencies. During an emergency, critical users at Federal agencies generally interact with the management of critical industries, other Federal agencies, and state, local, and tribal Governments, on both an individual and regional basis, for developing emergency response options. It is estimated that the number of FTS2001 critical users will not exceed 10,000, and for the purposes of traffic analyses it may be assumed that they are distributed uniformly among the population that utilizes SVS.

The list of FTS2001 critical users is independent of the list of GETS users, which is maintained by the NCS, although the lists may overlap. Services provided to GETS users will have priority over all other FTS2001 services.

Sprint PCS can be used to access GETS and is compatible with GETS. GETS is not a part of FTS2001 and PCS is not a part of GETS.

For more than four years, Sprint has been a provider of the GETS service to the NCS, serving a community of Government callers who perform the exact functions defined by the term “critical users”. GETS was developed because the needs of critical emergency users and priority users could not be met by the feature sets and capabilities offered by standard commercial services. Similarly, in the implementation of FTS2000 Network B, Sprint created a separate VPN just for critical users to deliver their NS/EP requirements apart from the rest of the FTS2000 users. For FTS2001 Sprint will again implement the critical user SVS capability as a separate VPN meeting the NS/EP requirements in RFP Section C.5.2. This FTS2001 NS/EP VPN will not replace GETS but will mirror many of the attributes of the GETS VPN.

9.2NS/EP Capabilities for Voice Services (C.5.2)

The contractor shall support the following FTS2001 NS/EP capabilities for providing SVS (see Section C.2.2.1) during emergencies:

(a)Authorized access

(b)Priority treatment

(c)Enhanced routing

(d)Non-domestic connectivity

(e)Interoperability with other networks

(f)Switching and Signaling augmentation and restoration

(g)Protection of classified and sensitive information

(h)Assured service

(i)Readiness

The requirements for these NS/EP capabilities are described in more detail below.

Sprint will provide an FTS2001 NS/EP voice and voice-band data telecommunications service accessible from dedicated and switched access facilities in the 50 United States and the District of Columbia. International access and egress through the PSN international gateways will also be provided. The service will be constrained for use exclusively by authorized callers with NS/EP missions. XXX
XXXXXXX
XXXXX

XXXXXXX
XXXXX

9.2.1Authorized Access (C.5.2.1)

The contractor shall provide capability that will allow FTS2001 critical users priority access to services. Each critical user, or a group of users, shall be provided with a unique authorization code (Section C.2.2.1.2.1) that can be used to access the services.

An FTS2001 critical user shall have the capability of automatic authorization by assigned COS (derived, for example, from access-circuit line-marking, traveling class-mark, ANI or other means). The FTS2001 critical users shall be provided an authorization code that shall override an existing station/ line authorization (i.e., COS). The services shall be provided to critical users after proper authorization. The same procedure shall also be used to allow critical users to gain access from stations that are not pre-subscribed to FTS2001 by SVS switched access capability.

Once the authorization code is validated, the call shall be processed. If the authorization code is not valid (for example, if entered incorrectly), the caller shall be prompted to reenter the authorization code. If the authorization code, after three attempts, is again determined to be invalid, the call shall be disconnected.

If the automated access authorization system fails, the call shall be processed through a network operator and shall be allowed to complete with proper authorization.

Sprint will provide the capability to allow FTS2001 critical users priority access to services. This capability is described in detail below.

Sprint will authorize access for voice service via authorization code access. A critical user will have the capability of automatic authorization by assigned COS (derived, for example, from access-circuit line-marking, traveling class-mark, ANI or other means). The critical users will be provided an authorization code that will override an existing station/line authorization (i.e., COS). The services will be provided to critical users after proper authorization. The same procedure will also be used to allow critical users to gain access

from stations that are not pre-subscribed to FTS2001 by utilizing the service’s switched access capability. Sprint’s proposed implementation of these capabilities is described below.

X

X

X

X

X

X

XXXXXXX

XXXX9.2.2Priority Treatment (C.5.2.2)

FTS2001 critical users’ origination and termination traffic shall receive priority treatment over normal traffic through the use of:

(a)Control mechanisms, such as trunk queuing, trunk subgrouping, or trunk reservation

Sprint will provide NS/EP originating and terminating traffic priority treatment to FTS2001 critical users through the use of truck queuing. Trunk queuing (TQ) will be provided on all trunks egressing the Sprint network. TQ allows critical user calls to wait in a queue in the event all terminating route choices are in use at the time the call is processed. If no terminating trunks are available, the destination DMS250 switch will place the call into a

queue and initiate a timer for the call. The switch continually scans all trunks for a change in status (idle, originating, busy, etc.). When the switch detects a trunk change back to an idle state, it will check for any calls that may be queued for that route choice, in which case it will seize the trunk and process the queued call. If no calls are queued for that route choice, the trunk will become available for non-queued traffic.

Switch processing of queued calls is accomplished in the following manner:

• Queued calls terminate to a trunk group ahead of any new originating traffic.

• Queued calls are served on a first-in-first-out basis.

• Newly arriving critical user calls will be placed in queue behind existing queued calls for the same terminating trunk group.

• PSN traffic will be blocked if any critical user calls are in queue for the same terminating route.

(b)Exemption from restrictive network management controls that are used to reduce network congestion

The exemption of critical user traffic from restrictive network management controls (NMCs) (e.g., call gapping or code blocking) will be provided as a function of the unique NS/EP VPN setup.

(c)Operator assistance to achieve preferential treatment, such as interrupting an ongoing call)

Sprint will provide operator assistance for preferential NS/EP treatment, including the interruption of an on-going call.

9.2.3Enhanced Routing (C.5.2.3)

Enhanced routing for FTS2001 critical users (e.g., routing calls around congestion or around failure of switching or transmission element(s) in the contractor’s network) shall be used to improve performance and the capability of the contractor’s FTS2001 network to meet NS/EP objectives.

Enhanced routing is a standard feature of the Sprint intelligent network. Enhance routing is the ability to alternate traffic routes on a dynamic basis within Sprint’s flat network architecture in which every switch is directly connected to every other switch.X

XX9.2.4Non-Domestic Connectivity (C.5.2.4)

Non-domestic outgoing calling capability during an emergency shall be provided for FTS2001 critical users after proper authorization (as specified in Section C.5.2.1). Non-domestic incoming calls from FTS2001 critical users (as identified either from traveling class-mark or from authorization code) shall be routed to the access authorization system for proper authorization (as specified in Section C.5.2.1) and then to the destination. The contractor shall additionally provide operator assistance for priority call handling.

Critical users will be able to originate calls from any non-domestic location that supports either international toll free service (ITFS) or Sprint calling card service. A caller dialing an ITFS NS/EP access number will be routed through the foreign carrier to CONUS. A Sprint international gateway switch will route the call to a DMS250 switch which in turn will connect the critical user to the access authorization system for proper authorization (as specified in RFP Section C.5.2.1 and discussed in proposal paragraph B.9.2.1) and connection to the user’s destination. From non-domestic locations supporting only calling card services or for operator assistance for priority call handling, the critical user will dial for

connection to a Sprint operator. The Sprint operator will accept the NS/EP service 800 number from the caller. The operator will then connect the critical user to the access authorization system for proper authorization (as specified in RFP Section C.5.2.1 and discussed in proposal paragraph B.9.2.1) and connection to the user’s destination.

9.2.5Interoperability With Other Networks (C.5.2.5)

FTS2001 shall recognize the GETS Universal Access Number, 710-NCS-GETS (710-627-4387), and shall pass GETS calls to the Public Switched Network for subsequent priority call processing. After contract award, the FTS2001 contractors shall participate, upon Government request and on an individual case basis, in studies to determine appropriate ways in which FTS2001 network assets, and especially the many FTS2001 dedicated access lines, may be used to support GETS.

When FTS2001 critical users’ calls can not be completed using the contractor’s FTS2001 network, whether because of equipment outages or traffic congestion, the contractor shall support such calls using other networks as follows:

(a)If there is a second FTS2001 contractor, critical users’ calls shall be routed to its network. This requirement is expected to necessitate post-award study and agreements for special arrangements.

(b)Critical users’ calls that do not complete using any FTS2001 contractor’s network shall be routed to the PSN at an appropriate point. When becomes possible to do so without causing GETS interference, functionality such as that provided by High Probability of Completion (HPC) shall be utilized. (HPC is defined in ANSI Standard T1.631, SS7-HPC Network Capability, and is being further developed in ongoing Bellcore activities.)

If requested, the contractor shall support interoperability with other Government networks on an individual case basis.

Sprint’s switching platforms with logical service partitioning and the associated common network facilities are ideal to support much of the interoperability required for FTS2001. Today, GETS calls can be initiated from FTS2000 Network B on-net locations using the GETS Universal Access Number (UAN), 710-NCS-GETS. In addition, these calls are made across the FTS2000 dedicated access lines being placed in the GETS VPN at the originating Sprint switch. For FTS2001, Sprint will maintain the GETS UAN dialing capability and can either direct the GETS call to the PSN or use FTS2001 dedicated lines to bypass potential local congestion.

Sprint will provide interoperability with other networks as required to bypass potential network problems. If there is a second FTS2001 contractor, Sprint will route critical user calls to this network as necessary first.

Pending authorization by the NCS, Sprint will provide a High Probability of Completion (HPC) capability for originating and terminating traffic in accordance with ANSI T1.631, SS7-HPC Network Capability; and on-going Bellcore activities on HPC-code implementation for LEC and IEC. Currently, however, the NCS reseves the ANSI Standard HPC features solely for GETS.

Sprint recognizes two principal components of HPC functionality. The first of these is the SS7 HPC NS/EP Codepoint in the Calling Party's Category (CPC) field. This is set for GETS calls to the value “11100010”. Sprint can receive the HPC Codepoint from an originating LEC, carry it in signaling messages across our network and deliver it to an SS7 capable destination LEC. The HPC parameter ensures that appropriate treatment over PSN traffic is afforded the NS/EP calls in the LEC access and egress connection segments. The HPC parameter has no impact on how Sprint provides priority treatment. Critical user calls in the Sprint network will receive their special privileges based upon priority capabilities and routing options in the unique NS/EP VPN established for the service.

The second component, the prioritization bits of the SS7 Initial Address Message (IAM) call setup message itself will be recognized at the level provided by an originating LEC and treated accordingly in the Sprint SS7 system.

As required, Sprint will support interoperability with other Government networks on a case by case basis. Sprint will work closely with the Government to coordinate necessary connections and establish protocols for interoperability, as well as determine appropriate ways in which FTS2001 network assets and dedicated access may be used to support GETS.

9.2.6Reserved

9.2.6.1Reserved

9.2.6.2Reserved

9.2.7Reserved

9.3NS/EP Capabilities for Data Services (C.5.3)

9.3.1NS/EP Capabilities for Circuit Switched Data Service (C.5.3.1)

Sprint will provide most of the NS/EP capabilities required for SVS in CSDS as well. The Sprint switched network architecture is a true all digital network. Analog voice traffic is handled as data traffic in our network. Both SVS and CSDS traffic is treated virtually alike in terms of access, routing and transport across the Sprint network.

C.5.3.1 The following capabilities shall be supported for CSDS (i.e., CSDS at DS0 and N x DS0 (where N = 2/6/12) data rates [see Section C.2.2.2]) during emergency conditions for FTS2001critical users:

(a)Interoperability

(1)Interoperate with domestic and non-domestic public switched networks to the extent possible.

CSDS will offer interoperability with a comparable LEC service offering. Thus, calls originating on your dedicated or switched access can terminate to any LEC switched local line anywhere—regardless of the carrier identified as the primary interexchange carrier (PIC) on the terminating end. Your dedicated access and switched access locations with the PIC identified as Sprint will be able to terminate calls to most Sprint dedicated access locations.

International CSDS calls require the call to route on facilities with no echo cancellation equipment and no compression equipment. Sprint’s switched digital network supports call under these conditions both domestically and internationally.

Table1.B.9-1 is a list of the international countries which are available to FTS2001 for CSDS calls.

X

X

C.5.3.1 (b) Security

(1)Support “denial-of-service” protection for domestic and non-domestic traffic as specified in Section C.2.1.12.2 consistent with best commercial practices.

Sprint will support “denial-of-service” protection for domestic and non-domestic traffic as specified in RFP Section C.2.1.12.2 consistent with best commercial practices

Sprint has taken every possible measure to protect physical and proprietary corporate resources from any threat that might impact the reliability/availability of Sprint network services to our customers. These measures address threats from both within and external to Sprint. Much of Sprint’s network is intrinsically secure from denial-of-service concerns because of the robust routing capabilities of switched network components and survivability features employed for both switching and transmission facilities.

Physical security measures are instituted throughout Sprint. Sprint buildings housing critical network equipment or administrative/management support functions are universally protected by security guards and/or electronic key access. Sensitive control equipment access is protected in accordance with C2 guidelines and Sprint personnel are thoroughly evaluated for trusted access positions.

XC.5.3.1(b) Security

(2)Ensure authorized access (as specified in Section C.5.2.1).

Sprint will provide the same access authorization options to NS/EP critical users of CSDS as were described previously for SVS in Section 9.2.1.

(3)Transport Government encrypted traffic of various security classifications.

Sprint’s CSDS will support data encryption accomplished by GFE provided encryptors approved for various classification levels. To ensure network compatibility and interoperability, encryption equipment will be interfaced at FTS2001 sites to a Sprint furnished Telecommunications Interface Equipment (TIE) unit or an inverse multiplexer able to dial into the CSDS and link with similar equipment at the distant end.