NATIONAL SECURITY ASSESSMENT - U.S. Information Network

SCOPE OF ASSESSMENT

The U.S. Department of Commerce, Bureau of Industry and Security (BIS), Office of Technology Evaluation (OTE), in coordination with the U.S. Department of Defense, Office of the Assistant Secretary for Defense Networks and Information Integration, is conducting a national security assessment regarding the U.S. telecommunications infrastructure and its supply chains. The principal goal of this data collection is to quantify replacement cycles for information network equipment; document network maintenance and procurement practices, and understand issues affecting network reliability and integrity. This effort will also identify best practices to help ensure the operational reliability of critical national information network infrastructure.

RESPONSE TO THIS SURVEY IS REQUIRED BY LAW

A response to this survey is required by law (50 U.S.C. app. Sec. 2155). Failure to respond can result in a maximum fine of $10,000, imprisonment of up to one year, or both. Information furnished herewith is deemed confidential and will not be published or disclosed except in accordance with Section 705 of the Defense Production Act of 1950, as amended (50 U.S.C App. Sec. 2155). Section 705 prohibits the publication or disclosure of this information unless the President determines that its withholding is contrary to the national defense. Information will not be shared with any non-government entity, other than in aggregate form. The information will be protected pursuant to the appropriate exemptions from disclosure under the Freedom of Information Act (FOIA), should it be the subject of a FOIA request.

Not withstanding any other provision of law, no person is required to respond to nor shall a person be subject to a penalty for failure to comply with a collection of information subject to the requirements of the Paperwork Reduction Act unless that collection of information displays a currently valid OMB Control Number.

BURDEN ESTIMATE AND REQUEST FOR COMMENT

Public reporting burden for this collection of information is estimated to average 14 hours per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information to BIS Information Collection Officer, Room 6883, Bureau of Industry and Security, U.S. Department of Commerce, Washington, D.C. 20230, and to the Office of Management and Budget, Paperwork Reduction Project (OMB Control No.---- - ----), Washington, D.C. 20503.

BUSINESS CONFIDENTIAL - Per Section 705(d) of the Defense Production Act

Section II WHO MUST RESPOND TO THIS SURVEY

Select the description that most closely reflects your company’s operations from 2006–2010.

1.

My company operates in the following ways, as a:

[Check all that apply]

Note: If your company only engages in reselling information network capacity, you may be exempt from having to complete this survey. See BIS staff contact information above.

Facility-based carrier

Capacity reseller

Managed Services Provider

Other [Describe in space below]

Comments:

2.

My company owns and/or operates in the United States the following types of data and communications network facilities:

[Check all that apply]

Owns

Operates

Owns

Operates

Terrestrial wired networks

Satellite ground stations

Cellular wireless networks

Undersea cable landing stations

Cable Information/ Television Networks

Other [Describe in space below]

Comments:

Please select the description that most closely reflects your company’s operations from 2006–2010.

3.

My company operates as a:

[Check all that apply]

Local exchange carrier

Inter-Exchange carrier

Wholesale transport carrier

Cable TV provider

“Triple-Play” service provider (Cable TV, Telephone, Internet)

Other (Explain below)

Lessor of Information Infrastructure (e.g. dark fiber)

Internet service provider

None of the Above

Comments:

EXEMPTION FROM SURVEY

If you selected “No” for questions 1-3, you may be exempt from completing this U.S. Government survey. Please call one of the BIS contacts listed in “General Instructions” to verify your status. Then, complete, print out, and send a signed copy of the “Certification” page in PDF format [only after your BIS point-of-contact confirms your company’s or organization’s exemption] to our office via e-mail at: infonetwork[email protected].

BUSINESS CONFIDENTIAL - Per Section 705(d) of the Defense Production Act

U.S. Information Network Infrastructure Survey

Table of Contents

Section #

Section Name

Page #

I

Scope of Assessment

1

II

Who Must Respond to this Survey

2

III

Table of Contents

3

IV

General Instructions

4

IV

Definitions

5

1a

Network Systems – Corporate Profile: Company Information

13

1b

Network Systems – Corporate Profile: Facility & Service Information

14

1c

Network Systems – Corporate Profile: Equipment & Software Procurement

17

1d

Network Systems – Corporate Profile: Business & Operational Practices

21

1e

Network Systems – Corporate Profile: Equipment Acquisition Finance

28

1f

Network Systems – Corporate Profile: Wireless Network Equipment

30

2a

Network Systems – Facility Profile: Management & Capability

32

2b

Network Systems – Facility Profile: Types of Organizations Served

36

3a

Network Systems – Facility Profile: Current Types of Installed Equipment

37

3b

Network Systems – Facility Profile: Current Modes for Updating Equipment Software

50

4

Network Systems – Facility Profile: Counterfeit Network Systems, Subsystems, and Components

53

5

Network Systems – Facility Profile: Security Assurance – Network Operations & Anomalies

54

6

Certification

55

7

Comments on Survey

55

8

Transmission Instructions For Completed Survey

55

BUSINESS CONFIDENTIAL - Per Section 705(d) of the Defense Production Act

Section III GENERAL INSTRUCTIONS

A.

Your company is required to complete this survey using the Excel-based survey template, which must be downloaded from the BIS website. At your request, BIS staff will e-mail the Excel survey template directly to your company. For your convenience, a PDF version of the survey is available on the BIS website to aid internal data collection. DO NOT use the PDF to submit your company’s response to BIS.

B.

If information is not available from your records in the form requested, you may furnish estimates.

C.

General Instructions: Please respond to every question. Surveys that are not fully completed will be returned for completion. Use comment boxes to provide information to supplement responses provided in the survey form.

Under no circumstances may data or information be pasted, or otherwise electronically transferred, into survey answer boxes. All responses must be keyboarded in answer boxes or selected from the survey document’s drop-down menus. Surveys containing pasted responses can not be scored in BIS compilers and will be returned to respondents for proper completion.

For assistance regarding the survey, contact any of the Office of Technology staff members listed below.

Important: This survey may not be submitted in paper form. Please submit the completed survey document in Microsoft Excel 1997-2002 format at www.infonetwork[email protected]. If you can not upload the survey document, contact Office of Technology Evaluation staff

D.

Points of Contact for Questions Regarding This Survey:

Erika Maynard, Trade and Industry Analyst – 202-482-5572; [email protected]

Anna Bruse, Trade and Industry Analyst - 202-482-7418; [email protected]

Michael Caughey, Trade and Industry Analyst – 202-482-5415; [email protected]

Michael Finucane, Trade and Industry Analyst - 202-482-3893; [email protected]

Woodrow McClure, Trade and Industry Analyst – 202-482-2081; [email protected]

Mark Crawford, Senior Trade and Industry Analyst - 202-482-8239; [email protected]

C.

For letter correspondence to the Office of Technology Evaluation, please write to:

Brad Botwin, Director, Industrial Studies

Office of Technology Evaluation, Room 1093

U.S. Department of Commerce

1401 Constitution Avenue, NW

Washington, DC 20230

[email protected]

Please do not mail or e-mail completed surveys to our office; all surveys must be submitted electronically to our secure website.

BUSINESS CONFIDENTIAL – Per Section 705(d) of the Defense Production Act

Section IV- a

Definitions – Wired Network Systems

Term

Add/Drop

Allows optical wavelengths to be added or dropped at any line amplifier location.

Add-Drop Multiplexer (ADM)

A device that enables data to enter and leave a SONET bit stream without having to de-multiplex the stream. An Add/Drop Multiplexer (ADM) is an example of Line-Terminating Equipment (LTE) that originates or terminates one or more sections of a line signal.

Aggregation Routers

A router that enables service providers and enterprise edge networks to combine lower rate services (such as simultaneously host resource-intensive integrated data, voice and video business and consumer services) into a higher rater communications path. Also known as aggregation service routers, these devices may incorporate platform software virtualization to enable "instant-on" provisioning and simultaneous use of a wide range of service functionality, including firewall, Internet protocol security (IPSec), virtual private networks, deep-packet inspection (DPI), and session border control activities.

Anti-Virus Systems

Products and technology used to detect, protect and remove malicious code from infected systems. Antivirus product vendors share information and resources to ensure rapid response to malicious code outbreaks. Most antivirus vendors participate in independent testing that certifies their products to detect and/or disinfect viruses.

Asynchronous Transfer Mode (ATM)

A cell-based transmission and switching technique employing asynchronous time division multiplexing. It encodes data into small fixed-sized cells (cell relay) and provides data link layer services that run over Open Systems Interconnection (OSI) model Layer 1 physical links. ATM is a core protocol used over the SONET/SDH backbone of the Integrated Services Digital Network.

Asynchronous Transfer Mode (ATM) Core Switch

A switch device whose primary purpose is to switch fixed ATM cells based on information carried in the ATM cell header (a specialized region where the address information is stored for the source and destination). A core ATM switch grooms traffic for port capacities greater than or equal to 622 megabits per second.

Authorized Distributors

Companies that are contractually authorized by original component manufacturers (OCMs) and original equipment manufacturers (OEMs) to market and sell their products.

Automated Optical Patch Panel

An automated system for engaging and disengaging optical patch cords through a mechanical, optical mechanical, or other robotic mechanisms.

Backbone

The primary network path for transporting traffic between network segments; also defined as a high-speed line, or a series of connections that form major pathways within a network.

Business Support System (BSS)

Business support systems typically refer to "business systems" for dealing with customers, supporting processes such as taking orders, processing bills, and collecting payments.

Capacity Reseller

Local exchange carriers and independent operators of fiber optic networks that possess surplus, unutilized “lit” fiber capacity, or inactive “dark” fiber capacity, for lease a short-term or long-term basis to carriers in need of additional capacity.

Carrier Ethernet Services Router

Carrier-class Ethernet router devices that support standardized services, including native Ethernet, Ethernet private line, Ethernet virtual private line, Ethernet private LAN, and Ethernet virtual private LAN, and Ethernet private tree.

Cellular Networks

Analog or digital systems that facilitate communications between mobile devices such as telephone handsets that operate in the 800-900, or 1,800-1,900 mega hertz frequency ranges. This encompasses the Personal Communications Services (PCS) standard. These systems support time division multiple access (TDMA), code division multiple access (CDMA), global system for communications (GSM) access methods.

Central Office

The location where common carriers, or service providers, terminate customer lines and locate the switching equipment that interconnects those lines. A centralized location for the Switching, Transmission and Power equipment that provide telephone service.

Class 5 Telephony Switch

A telephone switch or telephone exchange in the Public Switched Telephone Network (PSTN) located at the local telephone company's central office, directly serving subscribers. Class 5 switch services include basic dial-tone, calling features, and additional digital and data services to subscribers using the local loop. Class 5 switches were slower to convert from circuit switching technologies to time division multiplexing than the other switch classes.

Competitive Local Exchange Carrier (CLEC)

A telecommunications provider company or carrier that competes with established carriers (e.g., incumbent local exchange carriers (ILECs).

Core Ethernet Aggregation and Switching

Core ethernet switches supporting ports where band-width is greater than or equal to 10 gigabits per second. Based on Ethernet protocol as the primary switching mechanism, and may also incorporate for the purposes of quality of service Multi-Protocol Label Switching (MPLS) and VLAN switching techniques.

Coarse Wave Division Multiplexer (CWDM)

Coarse wavelength division multiplexing (CWDM) is a method of combining several wave lengths widely spaced (greater than or equal 5 nm ) on a single fiber. CWDM systems typically do not support inline optical amplification.

Core

The highest capacity equipment (routers, switches, optical transports, fiber, etc.) and links in a network.

Core Internet Protocol/Multi-Protocol Label Switching

Core Internet Protocol/Multi-Protocol Label Switch typically have port speeds of greater than or equal to 10 gigabits per second.

Data Center

A facility housing computer systems, information network switches, information network servers, data storage systems, and associated components. These facilities generally provide redundant power supplies, redundant data communications connections, environmental controls (e.g., air conditioning, fire suppression) and security devices. Such facilities are also called a server farm.

Digital Cross Connect System (DCS)

A network device used by telecom carriers and large enterprises to switch and multiplex low-speed data signals onto high-speed lines. Digital cross-connects (DCSs) are widely used in conjunction with central office switches and may be installed both before and/or after the switch. Cross-connections are established via an administrative process and are semi-permanent. DCS systems typically operate on digital containers in time division multiplex protocols and rates.

Dense Wave Division Multiplexer (DWDM)

A device that channels data from different sources together on an optical fiber, with each signal carried at the same time on its own separate light wavelength. DWDM systems typically supporter greater than 16 wave lenghts per fiber but may scale to 80 wavelengths or more.

EFIT

Equipment and engineering, furnish, install, and test (EFIT)

Ethernet

A link layer protocol (Layer 2) based on the suite of standards defined by the IEEE 802.3 committee.

Ethernet switch

A system that switches Ethernet frames based on medial access control (MAC) addresses and/or virtual local area networks (VLAN) IDs.

Facility-Based Carrier

A long-distance service provider that owns its own physical facilities.

Fixed Add-Drop Multiplexer (FOADM)

FOADMs are optical multiplexers based on simple static filters that permit add/drop of predefined wavelength traffic along fiber optidc networks.

Frame Relay (FR)

Frame Relay is a wide area network (WAN) protocol that operates at the physical and data link layers of the Open Systems Interconnection (OSI) reference model. Originally designed for use across Integrated Services Digital Network (ISDN) interfaces, frame relay puts data in a variable-size unit called a frame and leaves any necessary error correction (retransmission of data) up to the end-points. Based on older X.25 packet-switching technology designed for transmitting analog data (such as voice conversations), frame relay uses two packet techniques: a) variable-length packets and b) statistical multiplexing. Although generally reliable, the protocol does not guarantee data integrity and discards packets when there is network congestion.

Frame Relay Switch

Frame relay switches process and route data frames.

Free-Space Optical Transmission (FSO)

This technology transmits invisible, eye-safe light beams from one "telescope" to another using lasers in the infrared spectrum (700-1600 nm) where capacity can reach 10 gigabits per second (Gb/s). The light beam carries whatever optical transmission signal (layer 2 or MAC) and protocol framing a manufacturer chooses to support, typically SONET, ATM, 10/100/1000 Ethernet, or other voice, data, or video protocols.

Gateway GPRS Support Node (GGSN)

Organizes the inter-workings between the general packet radio services (GPRS) network and external packet switched networks to which the mobile systems may connect, including Internet and X.25 networks. The GGSN is a combination of a gateway, router, and firewall as it hides the internal network configuration from those outside. The GGSN receives data addressed to a specific user, checks if the user is active, and then forwards the data. In the opposite direction, the GGSN routes packet data from the mobile system to the destination network.

Gateway GPRS Support Node (GGSN)

The interface between the GPRS wireless data network and other networks such as the Internet or private networks.

High-bandwidth Microwave Backhaul

The use of wireless communications systems to send data from an end user to a node in a major network such as the Internet or an organization’s proprietary network usually at data rates of 200–300 Kbps and higher.

Host-based Firewall

Host-based firewalls reside on individual devices like desktop workstations or servers and are concerned with protecting only that particular computer. Host-based firewalls are also typically software-based rather than a hardware device, involving a firewall program that runs in the background while computer users work.

Hub

A communications infrastructure device to which nodes on a multi-point bus or loop are physically connected. Commonly used in Ethernet and Fiber Channel networks to improve the manageability of physical cables. Hubs maintain the logical loop topology of the network of which they are a part, while creating a "hub and spoke" physical star layout. Unlike switches, hubs do not aggregate bandwidth. Hubs typically support the addition or removal of nodes from the bus while it is operating.

Hybrid DWDM Transport-Optical Cross Connect System

A hybrid DWDM Transport and Optical Cross Connect System (e.g. Infinera).

In-Band

Refers to management channels and mechanism inherently provided by telecommunications elements to facilitate remote management and configuration. Examples of in-band management, include, but are not limited to, overhead bytes in physical layer containers such as SONET/SDH DCC, or OTN GCC, optical supervisory channel, or other facility provided by the equipment for management purposes.

Information Assurance Products

Devices (hardware and/or software) whose sole function is to provide network security such as firewall protection, intrusion detection systems, deep packet inspection, network or link encryptors, etc.

Information Technology (IT)

All aspects of information creation, access, use, storage, transport and management. The term 'information technology' addresses all aspects of computer and storage systems, networks, users and software in an enterprise.

Intelligent Optical Switch (IOS)

"Intelligent" refers to optical switches using dynamic routing and signaling software and protocols (e.g. GMPLS, G.ASON) to create and manage a flexible mesh infrastructure to deliver services in real time. These optical switches employ routing and management software to automate provisioning, routing, and restoration of light paths along with integrated SONET/SDH, OTN, and wavelength functions.

Intelligent Photonic Cross Connect System (PXC)

An intelligent photonic cross-connect is a switch that connects optical signals arriving at a location to other optical facilities (fibers) to enable optical signals to travel to various destinations. The photonic designation means that these are optical connections (no optical to electrical-to-optical (OEO) conversion takes place). The optical signals connected can be either individual wavelengths or the entire contents of a fiber facility, depending on the application or the type of switch. The "intelligent" designation indicates that the switch has knowledge of the facilities to which it is connected, and can make switching decisions based on that knowledge. Generally, this knowledge is obtained by communicating with other switches in the network via a control plane.

Inter-Exchange Carrier (IXCs)

Inter-exchange carriers provide inter-LATA service (basically, long-distance service). In some instances they co-locate equipment at LEC facilities and tap into the LECs switching equipment so that LEC customers can make long-distance calls across the IXCs network. All LECs must provide inter-exchange carriers with access locations called a point-of-presence (PoP).

Internet Protocol (IP)

A Layer 3 networking protocol first defined fully in RFC 791 and later refined in RFC 2460. The first RFC is IPV4 and the second is IPV6.

Layer 1

Open systems interconnect OSI physical layer, which defines communications characteristics such as property of the physical medium, data rates, modulation format, and coding and framing.

Legacy Dense Wave Division Multiplexing Systems

Older dense wave division multiplexing (DWDM) systems operating at less than or equal to 16 wave lengths that do not have reconfigurable add/drop capability, and that have no real traffic management capability (e.g.: those without switching or aggregation of end user traffic.) These systems were first deployed in the mid 1990s.

Link-Layer Transmission/Switching Aggregation Systems

Layer two, the second lowest layer in the Open Systems Interconnection (OSI) seven-layer model. The data link layer splits data into frames to transmit on the physical layer and receives acknowledgement frames. These systems (ATM, Ethernet, MPLS, Frame Relay, etc.) switch and aggregate traffic based on link-layer protocols/

Local Exchange Carrier (LEC)

Local exchange carrier (LEC) describes a public telephone company in the U.S. that provides local service. Local exchanges connect to other local exchanges within a local access and transport area (LATA) or to inter-exchange carriers (IXCs) such as long-distance carriers AT&T, CenturyLink, Sprint, and Verizon.

Local Area Network (LAN)

An information network connecting computers and devices in a home, business, school, office building (or cluster of closely positioned buildings) across a limited geographical area.

Local Tandem Switch

A high capacity backbone switch or core switch positioned in the physical core, or backbone, of a Public Switched Telephone Network (PSTN). This device interconnects edge switches, or Central Office (CO) switches. Local tandem switch ties two local central offices together.

Long Distance Tandem Switch

Long-distance tandem switch ties a central office or a local tandem switch to a long-distance network.

Long-Haul Dense Wave Division Multiplexing Terminal

A system that multiplexes more than one wavelength on to an optical fiber for transmission over a distance greater than or equalt to 250 kilometers.

Malware

Malicious software installed without permission that does harm to computer equipment, data repositories, and network information systems. Malware includes: viruses, worms, trojan horses, crimeware, logic bombs, backdoors, and spyware. Malware is not be confused with defective software – software intended for a legitimate purposes that contains errors or bugs.

Managed Services Provider

A network operator, or contractor, that optimizes the quality of services and delivering of application layer traffic (e.g., voice, data, video).

Metro Core

Metro core networks are required to efficiently aggregate multiple service types including legacy SONET/SDH and packet-based growth services in networks surrounding large metropolitan areas.

Microwave Transmission

Radio transmission using very short wavelengths with extremely high frequency bands.

Multiplexing

In data transmission, a function that permits two or more data sources to share a common transmission medium such that each data source has its own channel. Methods of multiplexing include time division multiplexing, and wavelength division multiplexing.

Multi-Protocol Label Switching (MPLS)

A means for switching data traffic using a label in the header of a variable length IP packet.

Multi-service provisioning platform (MSPP)

Transport technology known collectively as the multi-service provisioning platform (MSPP), which supports SONET/SDH and Ethernet over SONET services. TDM-based MSPPs replace traditional ADM metro area equipment.

Network Management Routers

Routers that exclusively support communications associated with the management of network operations.

Network Operations Center (NOC)

One or more locations from which control is exercised over a telecommunications, computer, or television broadcast network. NOCs monitor networks for alarms or certain conditions that may require special attention to avoid impact on the network's performance. For example, in a telecommunications environment, NOCs monitor for power failures, communication line alarms (such as bit errors, framing errors, line coding errors, and circuits down) and other performance issues.

Network Time Protocol (NTP)

A protocol for synchronizing the clocks of computer systems over packet-switched, variable-latency data networks. It is designed particularly to resist the effects of variable latency by using a jitter buffer.

Original Component Manufacturer (OCM)

A company that controls the design and manufacture of components used in information networks and that owns the associated intellectual property necessary to create the product and enable its functionality. OCMs typically sell their products directly to manufacturers or through licensed “authorized” distributors.

Original Equipment Manufacturer (OEM)

A company that controls the design and manufacture of hardware or software products used in information networks and owns the associated intellectual property necessary to create the product and enable its functionality. OEMs typically sell their products through formally “authorized” distributors.

Operational Support Systems (OSS)

Systems employed by carriers in managing the information networks, including supporting load monitoring, provisioning services, configuring network components, equipment surveillance, and managing faults. Services may include the capability to create, deploy, manage, maintain, and bill for telecommunications services. OSS may also encompass network hardware and software maintenance contracts and professional services applicable to the installation and operation of a customer’s infrastructure.

Optical Amplification/ Repeater System

A device that amplifies an input optical signal without converting it to electrical form. Alternatively, a repeater that regenerates the signal my converting in to the electrical domain.

Optical Cross Connect System (OXC)

An optical network element that grooms and switches incoming optical signals (greater than or equal to 50 megabits per second) to appropriate output ports. OXCs generally switch signals using Layer 1 protocols such as SONET, SDH, and OTN. OXCs can have optical or electrical switch matrices.

Optical Transport Network

Optical Transport Network (OTN) is an industry standard optical transport protocol defined by the ITU G.709 standard.

Packet Optical Transport System (P-OTS)

Also known as Packet Optical Network Platforms (PONPs)], this device combines three essential elements: a wave division multiplexer with a reconfigurable add-drop module (ROADM); a TDM interface to multiplex and groom traditional TDM traffic; and an Ethernet switching device. P-OTS may also support(OTN), IP/MPLS switching.

Packet-Switch

A device for routing data through a network by reading addresses in variable-sized packet headers or labels to determine their destination.

Point-of-Presence (POP)

A physical location, usually a building where the Inter-exchange Carrier system, that is interconnected with the Local Exchange Carrier Network.

Primary Reference Source (PRS)

Systems critical for synchronizing information networks. Typically these synchronizing devices are cesium-based clocks for Stratus 1 applications. Status 2 timing devices, which are slightly less precise, may be rubidium-based, or utilize global positioning satellites (GPS).

Reconfigurable Optical Add-Drop Multiplexer (ROADM)

Switching is enabled in these devices using an all-optical switch fabric that does not require optical-to-electrical or electrical-to-optical conversion. A ROADM system can support multiple DWDM transmission spans and client-level grooming.

Resilient Packet Rings (RPR)

A data link layer that utilizes dual, counter-rotating rings for fault tolerance in for carrier SONET and Ethernet networks. RPR, (a.k.a. IEEE 802.17) is similar to dynamic packet technology (DPT) and spatial re-use protocol (SPR) approaches to enhancing the efficiency of SONET/SDH multiplexers in transmitting packets on ring networks.

Router

A hardware and software system that directs data packets toward their intended destinations. Routers have various physical interfaces such as Ethernet, T1, E1, DS3, OC-3, etc. Routing is based upon the destination address contained within the header of the IP data packet.

Security Operations Center

The security operations center monitors activity and events in client environments to ensure that anomalous behavior is detected, identified, classified and acted upon where appropriate. Some carriers combine this function with their network operation centers.

Session Border Controllers (SBC)

Devices deployed in some voice over Internet protocol (VOIP) networks to control signaling and/or data flows used to establish, conduct, and terminate telephone calls or other interactive media communications. SBCs typically reside between two service provider networks in a peering environment; or between an access network and a backbone network to provide service to residential and/or enterprise customers.

Synchronous Digital Hierarchy (SDH)

An international standard for synchronous data transmission over fiber optic cables. SDH, as defined by the European Telecommunications Standards Institute (ETSI), specifies a standard rate of transmission at 155.52 Mega bits/s, STM-1. STM-1 is equivalent to SONET's Optical Carrier (OC) level-3.

Signal Transfer Point (STP)

A packet switching device that performs a message routing function in a common channel signaling (CCS) network. It receives, discriminates, and transfers CCS messages between the signaling points connected to it. STP devices can function in a network as separate network elements or as a part of a switch.

Synchronous Optical Networking (SONET)

SONET defines a standard rate of transmission at 51.84 Mega bits/s, STS-1. SONET is defined in Telcordia Technology’s Generic Requirements Document GR-253-CORE.

SONET Path Terminating Equipment

Path-Terminating Equipment (PTE) interfaces non-SONET equipment to the SONET network. At this layer, the payload is mapped and de-mapped into the SONET frame.

SONET/SDH/OTN Add-Drop Multiplexer

A device that enables data to enter and leave a SONET bit stream without having to de-multiplex the stream. An Add/Drop Multiplexer (ADM) is an example of Line-Terminating Equipment (LTE) that originates or terminates one or more sections of a line signal.

Switch

A network infrastructure component to which multiple nodes attach. Unlike hubs, switches typically have internal bandwidth that is a multiple of link bandwidth, and the ability to rapidly switch node connections from one to another. A typical switch can accommodate several simultaneous full duplex transmissions between different pairs of nodes. A switch filters, forwards and directs frames or circuits based on a destination address.

Tandem Switch

Switches that consolidate traffic, reduce trunk group requirements, and switch inter-office traffic. Also referred to as "local" and "access" tandems, these switches handle originating or terminating traffic between End Offices and the Inter-exchange Carrier’s Point-of-Termination. An Access Tandem is also used to distribute originating or terminating traffic between a CLEC end office and an intra-LATA toll point or an Inter-exchange Carrier’s Point of Termination.

Tier I

Another definition is that the service provider is considered Tier 1, if it does not pay any other provider for transit of its traffic across its backbone.

Time Division Multiplexing (TDM)

Time division multiplexing (TDM) was designed to delivery a steady stream of data, i.e., digitized voice. The data rate for each channel is exactly what is needed to carry a digitized voice-64Kbits/sec. TDM is a multiplexing technique that divides a circuit into multiple channels based on time. The technique is associated with telephone company voice services. T1 and T3 circuits are divided into multiple channels using time division multiplexing.

Satellite Ground Stations

A satellite ground station or earth station sends or receives data or messages to and from orbiting satellites. Stations conduct tele-communications with spacecraft and/or receive radio waves from astronomical radio sources. Earth stations communicate with space-craft by transmitting and receiving radio waves in the super high frequency or extremely high frequency bands (e.g., microwaves).

Satellite Teleport Stations

Permanent satellite uplink facilities built to maintain high quality communications with orbiting satellites, and consisting of a number of facilities for data transmission and reception via a satellite connection.

Satellite Transmission

Telecommunication activity using a downlink from a satellite down to one or more ground stations or receivers, and an uplink from a ground station up to a satellite.

Signaling Gateway

A device that enables connectivity between different signaling networks by resolving signaling differences between legacy switches and new network equipment (such as VoIP Gateways). Signaling Networks may use standardized signaling gateway protocols like SS7, ISDN, and other CAS or CCS based signaling protocols. The Signaling Gateway usually is installed between the legacy network signaling node and new network equipment such as a VoIP Gateway.

Transmission Control Protocol/Internet Protocol (TCP/IP)

A family of IP-based protocols which facilitate reliable transmission of data packets over various media in various circumstances. TCP/ IP provides the basis of the Internet and also of many subscriber services. Also, a set of protocols developed to link dissimilar computers across many kinds of networks.

Two-Factor Authentication

The employment of two means of identification as a security strategy to protect access to data, devices, or networks. Two-factor authentication may be invoked with a physical token, such as a card, and a separate security code, e.g. a password or personal identification number. Alternatively, it may rely on two separate codes.

Ultra Long-Haul Dense Wave Division Multiplexer

A DWDM system supporting unrepeated traffic over distances greater than 1,000 kilometers.

Undersea Cable Landing Stations

Termination point for underwater cable. Most often very close to cable landing point, but can be several miles distant. Often houses co-located facilities from various companies accessing the telecommunications or power transmitted over the underwater cable. Also known as cable termination station.

U.S.-Based

A company that is headquartered and incorporated in the United States, and whose ultimate parent company is headquartered and incorporated, or otherwise registered in the United States.

Virtual Local Area Network (VLAN)

Network hosts with a common requirements that communicate as if they were attached to the same broadcast domain, regardless of physical location. VLANs operate similarly to physical LANs, but permit end stations to be grouped together even if they are not located on the same network switch. Network reconfiguration can be done through software instead of physically relocating devices.

Virtual Private Networks (VPN)

A network that uses a public telecommunication infrastructure, such as the Internet, to service remote offices or individual users. VPN uses shared public infrastructure while maintaining privacy through security procedures, for example, by encrypting data at the sending end and decrypting it at the receiving end – sending the data through a "tunnel" that cannot be "entered" by data that is not properly encrypted. VPN can employ another level of security by encrypting the originating and receiving network addresses.

Voice over Internet Protocol (VOIP)

A group of transmission technologies for delivery of voice communications via the Internet or other packet-switched networks. . VOIP originates an Internet telephone call by converting an analog voice or facsimile signals to digital format and compressing/translating the signal into Internet protocol (IP) packets for transmission over the Internet; the process is reversed at the receiving end.

Wavelength Division Multiplexing (WDM)

A technique in fiber-optic transmission for using multiple light wavelengths (colors) to send data over the same medium. Two or more colors of light on one fiber. Simultaneous transmission of several signals in an optical waveguide at differing wavelengths.

Wavelength Division Multiplexer (WDM)

A passive optical device that combines light signals with different wavelengths on different fibers onto a single fiber.

Wholesale Transport Carrier

A telecommunications carrier that sells capacity to smaller communications companies and local carriers.

Section IV - b

Definitions – Wireless Network Systems

Term

Advanced Mobile Phone Service (AMPS)

Wireless Advanced Mobile Phone Service and digital AMPS (D-AMPS) connect the sender and receiver by radio waves and/or microwaves. A standard system for analog signal cellular telephone service in the United States and some other countries, AMPS allocates frequency ranges within the 800 and 900 Megahertz spectrum to cellular telephone. Bands are divided into 30 kHz sub-bands (channels). Spectrum division into sub-band channels occurs using frequency division multiple access (FDMA).

Authentication Center (AuC)

Associated with the HLR in a GSM or UMTS network. Provides authentication parameters for the authentication process.

Authentication Center (AC)

Provides authentication parameters for the authentication process in a CDMA network.

Code-Division Multiple Access (CDMA)

digital cellular network that utilizes spread-spectrum techniques where every channel uses the full available spectrum with individual conversations being encoded with a pseudo-random digital sequence, rather than by assigning a specific frequency to each user.

Base Station Controller (BSC) - CDMA

A network component that controls one or more Base Transceiver Stations.

Base Station Controller (BSC) - GSM

A network component that controls one or more Base Transceiver Stations.

Base Transceiver Station (BTS) – CDMA/EVDO

A base station is the actual transmitter and receiver in a CDMA/EVDO network.

Evolved Packet Core (EPC)

An all-Internet Protocol mobile core network for LTE (see 3GPP Release 8 standards) to enable provision of advanced real-time and media-rich services with enhanced Quality of Experience (QoE).. The EPC provides mobile core functionality that in previous mobile generations (2G, 3G) are realized through two separate sub-domains: circuit-switched (CS) for voice and packet-switched (PS) for data. The EPC separates of control and data planes and through a flattened IP architecture, which reduces the hierarchy

between mobile data elements.The EPC provides the key core elements of the LTE Core Network architecture. The EPC consists of the Mobility Management Engine (MME) which handles the mobility and IP connections between devices and the network and the SAE Gateway which provide the packet processing.

Gateway GPRS Support Node (GGSN)

Supports the edge routing function of the GPRS network. To external packet data networks the GGSN performs the task of an IP router. Firewall and filtering functionality, to protect the integrity of the GPRS core network, are also associated with the GGSN along with a billing function.

General Packet Radio Services (GPRS)

A packet-based wireless communication service with data rates from 56 up to 114 Kbps and continuous connection to the Internet for mobile phone and computer users. GPRS is based on Global System for Mobile (GSM) communication and complements existing services such circuit-switched cellular phone connections and the Short Message Service (SMS).

GPRS Support Node (GSN)

Combined SGSN and GGSN in a single network node which supports the use of packet data (2G and/or 3G) in a GSM core network

Global System for Mobile Communications (GSM)

A wireless digital cellular network. GSM employs both signaling and speech channels capable of eight simultaneous calls on the same radio frequency. This is achieved with the use of a combination of frequency division multiple access (FDMA) and time division multiple access (TDMA).

Home Location Register / Home Subscription Server (HLR/HSS)

A central database that contains details of each mobile phone subscriber authorized to use the GSM core network. Stores details of every SIM card issued by the mobile phone operator including information such as the electronic serial number, mobile identification number, current location, and service profile information. This database within the Home Public Land Mobile Network. Provides routing information for Mobile Terminated calls and SMS. Also responsible for the maintenance of user subscription information.

Home Public Land Mobile Network (HPLMN)

The Home Public Land Mobile Network identifies the PLMN (Public Land Mobile Network) in which the subscriber's profile is held. Users roaming to other networks will receive subscription information from the HPLMN.

IP Multimedia Subsystem (IMS)

Manages requests for services between the subscriber and the Application Server that provides the service

Media Gateway (MGW)

A translation device or service that converts digital media streams between disparate telecommunications networks such as

PSTN, SS7, Next Generation Networks (2G, 2.5G, 3G, and 4G radio access networks) or PBX. Media gateways enable multimedia communications across Next Generation Networks over multiple transport protocols such as Asynchronous Transfer Mode (ATM) and Internet Protocol (IP).

Mobility Management Engine (MME)

This device handles the mobility and IP connections between devices and the network and the SAE Gateway that provides packet processing.

Multimedia Messaging Service Center (MMSC)

Provides a store and forward facility for multimedia messages sent across a mobile network. Also provides formatting role to enable messages to be optimized for receiving handset's capability

Mobile Switching Center (MSC)

A switch or exchange that enables voice call processing in the wireless architecture. The MSC Server functionality enables a split between the control (signaling) and the user plane. The MSS and MGW makes it possible to cross-connect circuit switched calls switched by using IP, ATM, as well as TDM.

Mobile Switching Center Server (MSS)

The Server is a 3G core network element, which provides circuit-switched calling, mobility management, and GSM services to the mobile phones roaming within the area that it serves.

Node-B

The UMTS equivalent to the BTS (base transceiver station) description used in GSM. An enhanced Node-B (eNode-B) is the term used for a BTS in LTE systems. Note: BTS = GSM; Node-B = UMTS; eNode-B = LTE.

eNode-B

An enhanced Node-B (eNode-B) is the term used for a BTS in LTE systems. Note: BTS = GSM; Node-B = UMTS; eNode-B = LTE.

Packet Control Function (PCF)

Provides the control in Base Transceiver Stations for packet access in a CDMA network.

Packet Control Unit

Provides the control in Base Transceiver Stations for packet access in a GSM network.

Radio Network Controller (RNC)

A governing element in the UMTS radio access network (UTRAN) and is responsible for controlling the Node Bs that are connected to it. The RNC carries out radio resource management, some of the mobility management functions, and is the point where encryption is done before user data is sent to and from the mobile (or UE). The RNC connects to the Circuit Switched Core Network through Media Gateway (MGW) and to the SGSN (Serving GPRS Support Node) in the Packet Switched Core Network.

Service Control Function (SCF)

Intelligent Network node providing the control for IN based application in a wireless network.

Serving GPRS Support Node (SGSN)

Keeps track of the location of an individual Mobile Station and performs security functions and access control. Connects to RNC over the Iu-PS interface.

Short Message Service Center (SMSC)

To allow SMS messages to be sent. SMSC forwards the SMS to the indicated destination subscriber number.

Signalling Gateway (SG)

A network component responsible for transferring signaling messages (i.e. information related to call establishment, billing, location, short messages, address conversion, and other services) between Common Channel Signaling (CCS) nodes that communicate using different protocols and transports. Transport conversion is often from SS7 to IP.

Universal Mobile Switching Center (UMSC)

A combination of standard MSC voice call processing functionality and GSN packet switching in a single node.

Visitor Location Register (VLR)

Contains all subscriber data required for call handling and mobility management for mobile subscribers currently located in the area controlled by the VLR.

Wireless AMPS

Wireless Advanced Mobile Phone Service (AMPS) and digital AMPS (D-AMPS) connect the sender and receiver by radio waves and/or microwaves. A standard system for analog signal cellular telephone service in the United States and some other countries, AMPS allocates frequency ranges within the 800 and 900 Megahertz spectrum to cellular telephone. Bands are divided into 30 kHz sub-bands (channels). Spectrum division into sub-band channels occurs using frequency division multiple access (FDMA).

Universal Mobile Telecommunications System (UMTS)

A 3G mobile communication technology successor to GSM and GPRS. UMTS combines the W-CDMA, TD-CDMA, or TD-SCDMA air interfaces, GSM's Mobile Application Part (MAP) core, and the GSM family of speech codecs.

Section 1a CORPORATE RESPONSE Network Systems – Corporate Profile: Company Information

Company Name

Street Address – Corporate Headquarters

City

State

Zip Code

Website

Phone Number

Fax Number

Location of company’s Parent Company/Organization

Same as the above stated address?

Yes

No

If “No” – provide the address for your parent company in the space below.

Street Address

City

State

Zip Code

Country

Website

Phone Number

Fax Number

Primary point(s) of contact regarding this survey’s completion

Name(s)

Title

Phone

State

E-mail Address

Person(s) that have lead responsibility in your company for network operations, management, and maintenance.

Name(s)

Title

Phone

State

E-mail Address

BUSINESS CONFIDENTIAL – Per Section 705(d) of the Defense Production Act

Section 1b

Network Systems – Corporate Profile: Facility & Service Information

[Answer ALL questions – Surveys With Blank Responses Will Be Returned For Completion]

1. State your company’s total operating revenue for fiscal year 2009 (e.g. inputs of $12,000 = $12,000,000.00):

Comments:

2.a State the number of backbone/core-level information network facilities your company operates in the:

United States

U.S. Territories

Non-U.S. locations

2.b State the number of aggregation/metro core-level information network facilities your company operates in the:

United States

U.S. Territories

Non-U.S. locations

Comments:

4. Identify the types of data and telecommunications services that your company provides in the United States:

[Check all that apply]

Analog Telephony/Time Domain Multiplexing (TDM)

Video distribution

Cable TV

Voice Over Internet Protocol Telephony

Cellular

Internet

Wireless Internet

Microwave transmission

Virtual Private Networks

Satellite transmission

Data Centers

Optical transmission

Other

Comments:

5. My company:

[Check all that apply]

Owns and manages its own network operation centers (NOCs) for company-owned network infrastructure located in the United States

Relies on contractor organizations to provide network operation center (NOC) services for company-owned network infrastructure in the United States

Both

Owns and manages its own network operation centers (NOCs) for company-owned network infrastructure outside of the United States

Relies on contractor organizations to provide network operation center (NOC) services for company-owned network infrastructure outside of the United States

Both

Comment:

BUSINESS CONFIDENTIAL – Per Section 705(d) of the Defense Production Act

3. Identify the types of information network facilities that your company operates in the United States

[Check all that apply]

Long-haul transport networks

Undersea cable landing stations

Internet peering, co-location, gateway

Satellite Ground Stations

Telephony peering, co-location, gateway

Other

Comments:

Section 1b – continued

Network Systems – Corporate Profile: Facility & Service Information - continued

[Answer ALL questions – Surveys With Blank Responses Will Be Returned For Completion]

6. State the locations of all company network operation centers (NOCs) in the United States; and provide the manager’s name, phone number, and e-mail address.

Operating Center Name

Address

State

Zip Code

Country

Manager’s Name

Phone Number

E-mail Address

Drop-Down Forms

Comments:

7. State the locations of all company network operation centers (NOCs) in Non-U.S. locations; and provide the manager’s name, phone number, and e-mail address.

Operations Center Name

Address

State

Zip Code

Country

Manager’s Name

Phone Number

E-mail Address

Drop-Down Forms

Comments:

8. Identify the Names and contact information of all third-party organizations that provide network operation center (NOC) management services to your company.

NOC Service Provider(s)

Address

State

Zip Code

Country

Manager’s Name

Phone Number

E-Mail Address

Drop-Down Forms

Operations Center Names

Address

State

Zip Code

Country

Manager’s Name

Phone Number

E-Mail Address

Drop-Down Forms

9. Identify all locations of the third-party network operation centers (NOCs) used to manage any segment of your company’s network infrastructure in U.S. and Non-U.S. locations.

NOC Service Provider(s)

Address

State

Zip Code

Country

Manager’s Name

Phone Number

E-Mail Address

Drop-Down Forms

Operations Center Names

Address

State

Zip Code

Country

Manager’s Name

Phone Number

E-Mail Address

Drop-Down Forms

Comments:

BUSINESS CONFIDENTIAL – Per Section 705(d) of the Defense Production Act

Section 1b – continued

Network Systems – Corporate Profile: Facility & Service Information - continued

[Answer ALL questions – Surveys With Blank Responses Will Be Returned For Completion]

10. My company:

[Check all that apply]

Owns and manages its own security operations centers (SOCs) for company-owned network infrastructure located in the United States

Relies on contractor organizations to provide security operations center (SOC) services for company-owned network infrastructure located in the United States

Co-locates its SOC operations with its NOC facilities in the United States.

Owns and manages its own security operations centers (SOCs) for company-owned network infrastructure outside of the United States

Relies on contractor organizations to provide security operations center (SOC) services for company-owned network infrastructure outside of the United States

Co-locates its SOC operations with its NOC facilities in Non-U.S. locations.

Comment:

11. State the locations of all company security operations centers (SOCs) in the United States; and provide the manager’s name and phone number.

Operations Center Name

Address

State

Zip Code

Country

Manager’s Name

Phone Number

E-Mail Address

Drop-Down Forms

Comments:

12. State the locations of all company security operations centers (SOCs) in Non-U.S. locations; and provide the manager’s name and phone number.

Operations Center Name

Address

State

Zip Code

Country

Manager’s Name

Phone Number

E-Mail Address

Drop-Down Forms

Comments:

13. Identify the names of all third-party organizations that provide security operations center (SOC) management services to your company.

SOC Service Provider(s)

Address

State

Zip Code

Country

Manager’s Name

Phone Number

E-Mail Address

Drop-Down Forms

Operations Center Names

Address

State

Zip Code

Country

Manager’s Name

Phone Number

E-Mail Address

Drop-Down Forms

14. Identify all locations of the third-party security operations centers (SOCs) used to manage any segment of your company’s network infrastructure in U.S. and Non-U.S. locations.

SOC Service Provider(s)

Address

State

Zip Code

Country

Manager’s Name

Phone Number

E-Mail Address

Drop-Down Forms

Operations Center Names

Address

State

Zip Code

Country

Manager’s Name

Phone Number

E-Mail Address

Drop-Down Forms

Comments:

BUSINESS CONFIDENTIAL – Per Section 705(d) of the Defense Production Act

Section 1c

Network Systems – Corporate Profile: Business & Operational Practices

[Answer ALL questions – Surveys With Blank Responses Will Be Returned For Completion]

1a. Identify how your data network operations centers (NOCs) are protected from cyber attack:

[Check all that apply]

Host-Based Protections

Perimeter Protections

False Hosts ("Honey pots")

- Malware Scanning/Detection (Anti-Virus/Anti-Spyware, etc.)

- Network Firewalls

Network Encryption

- Host-Based Intrusion

Prevention System

- Network Intrusion/ Anomaly

Detection Tools

Security Info and Event Managment (SIEM)

- Host-Based Firewall

- Network Flow/Packet

Collection

Other [Explain in Space provided]

- Root kit Detection Capability

- De-Militarized Zones

(DMZs)

Other [Explain in Space provided]

1b. Identify the detection and analysis techniques that your company uses to understand attacks/threats to your data network operations centers (NOCs):

[Check all that apply]

Host Forensics

Network Event Forensics

Real-time Traffic Analysis

Host Configuration Management

Network Configuration Management

Policy management

Other [Explain in Space provided]

Comments:

2. Data management and network management occurs: [Check]

In-band?

Through a separate physical network

Through a separate virtual private network (VPN)

Other [Explain in Space provided]

Comments:

3. Identify how network and data managers remotely manage systems/networks: [Check all that apply]

Remote connection via Internet

Internal network

connection

No remote access

Remote External Virtual Private Network (VPN)

Internet

Comments:

BUSINESS CONFIDENTIAL – Per Section 705(d) of the Defense Production Act

Section 1c – continued

Network Systems – Corporate Profile: Business & Operational Practices - continued

[Answer ALL questions – Surveys With Blank Responses Will Be Returned For Completion]

4.a Do you permit third-party organizations to operate within your management network and/or data management networks – and to report out of your networks for activities to: [Check]

Collect data on traffic

(e.g. network-wide traffic, routing traffic, subscriber usage, and application traffic)

Yes

No

Monitor security threats

Yes

No

Other

[Explain in Space provided]

Yes

No

If you responded “Yes” to any of the question responses above, identify all such third-party organizations that operate within your network. Specify the nature of their activities, and provide a point of contact and phone number. Survey participants responding "No" to all of the three above responses in this question, proceed to Question 4.c.

Organization Name:

Nature of In-Network Activity:

Headquarters Location - Country

Organization Contact Name:

Phone Number:

E-Mail Address

Drop-Down Forms

Drop-Down Forms

Drop-Down Forms

Comments:

4.b Do the third-party organizations that you permit to operate within your network and/or data management networks do so

from:

[Check all that apply]

Facilities located in the United States that your company owns and controls.

Facilities located outside of the United States that your company owns and controls.

Facilities located in the United States that they control.

Facilities located outside of the United States that they control

Do not know the countries from which approved third-party organizations operate on my network.

Other [Please explain in space below]

If you responded “Yes” to any of the question responses above, identify all such third-party organizations that operate within your network. Specify the nature of their activities, and provide a point of contact and phone number. Survey participants responding "No" to all of the three above responses in this question, proceed to Question 5.

4.c Does your company perform testing and validation of software upgrades, patches, and updates on network equipment prior to deployment in your systems? [Check]

Yes

No

If you responded “Yes” to this question, respond to Questions 4.d and 4.e. Survey participants responding "No" to this question should proceed to Question 5.

4.d State the types of tests performed on the software in our equipment laboratory or test environment.

[Check all that apply]

Validate system performance and features

Test system reliability

Verify system interoperability

Analyze impact on security

Other [Please explain in space below]

Other [Please explain in space below]

Comments:

4.e State the types of procedures that your company follows to ensure the integrity of the software installed in your network systems.

[Check all that apply]

Verify digital certificates and code signatures

Request and analyze source code

Scan software for viruses and malware

Perform other analyses or procedures

[Please explain in space below]

Comments:

BUSINESS CONFIDENTIAL – Per Section 705(d) of the Defense Production Act

Section 1c – continued

Network Systems – Corporate Profile: Business & Operational Practices - continued

[Answer ALL questions – Surveys With Blank Responses Will Be Returned For Completion]

5a. Identify all Communications Assistance for Law Enforcement Act (CALEA) compliance equipment vendors that you company uses:

Name

Type of Equipment

Type of Software

Drop-Down Forms

Drop-Down Forms

5b. Identify all support companies that you company employs to assure compliance with CALEA requirements:

Name of Company

Type of Service Provided

Frequency of Service (Check)

Drop-Down Forms

Daily

Weekly

Monthly

Continuously

Comments:

6.a State the number of Data Centers that your company operates:

Within the United States

Outside of the United States

Comments:

6.b Identify the locations of the Data Centers that your company owns and/or operates in the United States and outside of the United States; and provide the manager’s name and phone number.

Operations Center Name

Address

State

Zip Code

Country

Manager’s Name

Phone Number

E-Mail Address

Drop-Down Forms

Comments:

7. Identify all organizations that operate Data Centers on behalf of your company to support its network operations; and provide the manager’s name and phone number.

Operations Center Name

Address

State

Zip Code

Country

Manager’s Name

Phone Number

E-Mail Address

Drop-Down Forms

Comments:

8. Does your company lease network equipment from:

[Check all that apply]

Manufacturers

MFG’s Authorized Distributors

Third-Party Suppliers

Yes

No

Yes

No

Yes

No

If the answer is “No” for all choices – proceed to Question 14. If the answer is “Yes” – complete Questions 9 - 13b.

Comments:

BUSINESS CONFIDENTIAL – Per Section 705(d) of the Defense Production Act

Section 1c – continued

Network Systems – Corporate Profile: Business & Operational Practices - continued

[Answer ALL questions – Surveys With Blank Responses Will Be Returned For Completion]

9. State the typical duration of the network equipment lease:

1 - 3 years

3 – 5 years

5-7 years

7-10 years

10 years or longer

Comments:

10. Do the terms of the lease stipulate that:

[Check all that apply]

Your company maintains the network equipment

The manufacturer maintains the network equipment

The manufacturer’s designated contractor maintains the network equipment

Other (Describe in space below)

Comments:

11. Can ownership of the Equipment Lease be transferred by the lessor to another company or organization?

Yes

No

12. Can ownership of the Equipment subject to the lease be transferred to another company or organization?

Yes

No

Comments:

13a. State the percent of your backbone/core U.S. facilities that use leased equipment from:

U.S.-based suppliers

%

13b. State the percent of your U.S. metropolitan area core facilities that use leased equipment from:

U.S.-based suppliers

%

Non-U.S.-based suppliers

%

Non-U.S.-based suppliers

%

Comments:

14. State the percent of decisions for procure-ment of network equipment that are made by:

[Check all that apply]

%

Corporate-Level Company network operations staff

%

Contractor(s) support-ing corporate network operations staff

%

Contractor(s) operating corporate network operating systems

%

Other

(Describe in space below)

15. State the percent of decisions for procure-ment of information security products made by: [Check all that apply]

%

Corporate-Level Company network operations staff

%

Contractor(s) support-ing company network operations staff

%

Contractor(s) operating company network systems

%

Other (Describe in space below)

Comments:

BUSINESS CONFIDENTIAL – Per Section 705(d) of the Defense Production Act

Section 1d

Network Systems – Corporate Profile: Equipment & Software Procurement

[Answer ALL questions – Surveys With Blank Responses Will Be Returned For Completion]

1. When first equipping a network facility, or performing a major change-out of network systems, my company/

organization:

[Check all that apply]

- buys parts and systems directly from OEM/OCM manufacturers

- buys parts and systems through OEM/OCM authorized distributors

- buys parts and systems through known 3^rd party vendors

- buys used equipment, parts and systems from third-parties, auction sites, etc.

- provides a project contractor with instructions on systems and parts to purchase

- buys turn-key systems through a contractor and does not specify system component

brands, or model types – just specifies overall performance requirements

- leases equipment

Comments:

2. My company/organization purchases spare or replacement routers, line cards and chassis, switches, multiplexers, and other data handling equipment:

[Check all that apply]

- directly from OEM/OCM manufacturers

- directly from OEM/OCM authorized distributors

- through known domestic 3^rd party, new-part vendors

- through known non-U.S., 3^rd party, new-part vendors

- through a U.S.-based contractor that maintains systems at this facility

- through a Non-U.S. contractor that maintains systems at this facility

- through a used-part vendor

- Other [please explain in space below]

Comments:

3.a As a condition of purchase, does your company require equipment manufacturers and their authorized distributors to disclose the original developers (including subcontractors) of software that enables the operation of acquired equipment currently deployed in your network systems?

Yes

No

3.b Identify the written requirements your company stipulates when buying systems or components from third-party vendors and/or maintenance contractors:

[Check all that apply]

- documentation to establish product authenticity, pedigree, and chain of custody?

- disclosure how the supplier acquired the product (e.g. manufacturer’s product closeout,

contract manufacturer surplus, independent distributor, broker, Internet purchase, etc.?

- declaration of whether the product is “new” or “used”?

- disclosure of whether the product will be shipped directly from the vendor’s warehouse?

- disclosure when the product ordered is being fulfilled and delivered by another party via

drop-shipment to your company’s designated point of delivery?

- pre-sale identification of the product brand name and manufacturer?

Comments:

4. Does your company have written procedures and guidance for its engineering and facility operations personnel to follow to assure that electronic systems installed, and maintained in this facility are:

[Check “Yes” or “No”]

Genuine (OCM/OEM)

Yes

No

Have not been subject to tampering

Comments:

BUSINESS CONFIDENTIAL – Per Section 705(d) of the Defense Production Act

Section 1d – continued

Network Systems – Corporate Profile: Equipment & Software Procurement

[Answer ALL questions – Surveys With Blank Responses Will Be Returned For Completion]

5. State the steps your company/organization takes to verify that network parts/systems that are acquired for its facilities are genuine OEM/OCM product:

[Check all that apply]

- Verifies that documentation for products delivered for installation in this facility are genuine

- Confirms that model numbers, serial numbers, lot number, dates of manufacture, place of manufacture, etc., are valid

- Tests systems and components delivered to this facility

- Other

Comments:

6. Identify the due diligence steps that your company performs in selecting carrier information network equipment prior to its purchase and installation in facilities in the United States and in U.S. territories:

[Check all that apply]

Evaluates hardware and software for vulnerability to denial-of-service attacks.

Checks on the manufacturer’s ties to foreign governments, and business espionage

Consults National Security Agency

Tests equipment to assure that data transfers can not be intercepted or redirected

Consults U.S. Computer Emergency Readiness Team – Dept. of Homeland Security

Consults the National Institute of Standards & Technology/ U.S. Dept. of Commerce