The Division of Technology Services (DTS) operates a State Wide Area Network (WAN) as well as the State Local Area Networks (LAN) for all State of Utah Executive Branch agencies. DTS also provides WAN services for State and other government agencies with enterprise-wide, intra-state network services.
The State WAN provides gateway services to the public Internet and functions as a private fault tolerant network, connecting facilities in geographic locations statewide.
In FY2009, WAN and LAN services merged into Network Services, delivering jack-to-jack connectivity to agency customers, using a single rate.
Network Services include IP addressing, Domain Name System (DNS), primary domain email service, Internet access, web content filtering, security products such as firewalls, VPN termination and intrusion prevention systems (IPS), and the necessary tools and staff to support these services. Network Services will provide limited wireless connectivity for agencies (see the Wireless Services description in the following sections).
Included Functions and Duties
Services include consulting, engineering, network diagramming, deployment, and operational support.
Wide Area Network
- Connectivity to agency locations for access to the Internet and system applications that reside in our data centers or cloud environments.
- Network based encryption between remote locations and WAN Core.
- Site to Site VPN tunnels.
Local Area Network
- Connectivity from all edge network devices within agency locations to end-points using State approved best practices.
- Network utilization monitoring and bandwidth management at edge network locations.
- Network circuits may be provided via several types of services including:
- State Owned Fiber
- Point to Point / MOE (Metro Optical Ethernet)
- Business Class Internet (e.g. DSL, Local ISP, etc)
- DTS Networking will provide the primary network circuits between remote facilities and state data centers.
- DTS Networking may provide a secondary network circuit under the following circumstances (Secondary circuits are not guaranteed):
- The location processes credit card payments
- The location is a Network GeoHub or Aggregation site
- If the primary circuit is using state owned fiber and
- The location is providing residential housing with voice services reliant on network connectivity (e.g., USH and USDC)
- The location is an administrative agency location (e.g. MASOB, DWS Admin)
- Agencies requesting additional circuits not covered under the standard will be required to cover the costs via Special Billing Agreement (SBA).
- Building Entrance for fiber services will be paid for by the agency unless special funding is available and approved.
- DTS Networking will provide bandwidth based on the number of employees at a given location.
- The bandwidth listed below is not guaranteed.
- Networking will complete a utilization assessment and provide bandwidth based upon findings.
- Site Size Number of Employees Bandwidth
- Small up to 25 up to 50 Mbps
- Medium 26 to 50 up to 100 Mbps
- Large 51 to 100 up to 500 Mbps
- Extra Large over 100 employees up to 1 Gbps
- Campus Multiple Buildings up to 10 Gbps
- Agencies requesting bandwidth above the recommended standard from the bandwidth assessment may pay the difference in cost for both circuit charges and additional hardware requirements via a Special Billing Agreement (SBA).
- Example: The standard provides up to 100 Mbps for a location. An agency requests 200 Mbps for that site. The agency would be responsible for the cost difference between 100 and 200 mbps.
- Agencies paying DTS Network Service rates (Standard & IoT) will be provided the necessary network hardware.
- DTS Networking will provide hardware based on the following standard:
- Network Router / Security Appliance
- Network Switches
- Wireless Access Points (See Wireless Access product description for more information)
Devices on the State Network
- Unmanaged switches or hubs are NOT authorized on the State WAN and will be disabled or blocked.
- If additional ports are needed please submit a Service Now request to have additional wiring installed. ( Network Services – Add Ons for more information)
- All devices connected to the state network (excluding Guest Wireless i.e. CapNet) must be authorized and will be billed one of the following network services rates: standard Network or Network IoT.
- State employees covered by the monthly standard Network service rate for desktop or laptop purposes may use a mobile device, such as a phone or tablet, without incurring additional network rate:
- However, employees may not avoid the Network services rate by opting for a mobile device only or by “Bringing Your Own Device” (BYOD).
- The following device types will be charged the standard Network Service rate:
- Workstations – Desktops/Laptops
- Security cameras systems/servers
- Streaming TVs/DVR systems (e.g. Roku)
- Cellular Boosters
- The following device types may be charged a Network IoT (Internet of Things) service rate (See IoT product description for more information):
- Building or Environmental Controls (e.g. HVAC, door access)
- Credit Card readers
- Individual cameras
- Miscellaneous items that may also be subject to the IoT rate
- Some examples include: Seismograph, warehouse crane, air monitoring, fingerprinting, scan guns, non streaming TV systems
- Firewall services between the Internet and the state WAN.
- Firewall VSYS / context creation and removal.
- Backbone intrusion monitoring and management.
- GeoBlocking – limiting access to state resources based on physical location.
- Access Control Lists (ACLs) for local LAN segments, where technically feasible.
- Note: Logging on router access lists is not provided to customers.
- Packet screening to prevent IP spoofing from external networks.
- Firewall rule management and support (See Firewall Rule Management for more information).
- For additional security services see the Enterprise Security product description.
- Manage IP address space.
- Management of DHCP and IP address reservations.
- Manage subnets, VLANs and public/private IP assignments.
- Manage host, MX, alias and PTR records.
- Host newly registered DNS domains and manage DNS records.
- Delegate sub-domains per agency request.
- Manage changes to DNS entries.
- Provide instructions for registering new DNS names.
- High bandwidth Internet access from our primary data center with redundant internet connection
- Secondary data center Internet access available for configuration with system applications
- Content filtering and blocking inappropriate or unauthorized access.
- See the Web URL Filtering product description for more information.
- Networking provides secure user VPN access into the state network from the Internet; pre-authorization is required.
- Networking can provide site to site VPN tunnels.
- See the VPN product description for more information.
- See Wireless Network (WiFi) product description for more information.
- See the Cellular Boosters product description for more information.
Non Executive Branch Customers
- See the Network Services for Non-State Agencies product description for more information.
Features Not Included
See the Network Services – Add Ons product description for more information. These services may require an additional negotiated cost or be dependent on available funding. See DTS Consulting Rate table under Rates and Billing.
Additional Firewalls or Security
DTS can help evaluate and develop a solution for additional security requirements.
- Customized site to site tunnel design and configuration
Wiring and Cable Design
A DTS wiring specialist will review customer requests and will engineer a solution or plan using the latest technology in accordance with code, and industry best standards and practices.
- Agencies will be responsible for the costs of supplying, installing, or upgrading the agency’s infrastructure cabling.
- All copper wiring must be at current standard (Cat5e or better).
- DTS will assess and engineer appropriate network bandwidth by working with agency requirements.
- DTS can provide unique WAN or LAN connections, at an additional negotiated cost via Special Billing Agreement (SBA).
- Provide jack-to-jack network maintenance
- Coordinate customer notification of planned maintenance and outages
- Assess and engineer appropriate network bandwidth by working with agency business requirements
- Provide network service in an efficient and economical manner—to include using bandwidth monitoring statistics to justify enhancements
- Maintain the integrity and security of the State WAN and Local Area Networks by shutting down ports that have been penetrated, or otherwise violate network security policies
- Conduct periodic device count audits, in accordance with the network device definition and published guidelines
- Conduct periodic Special Billing Agreement (SBA) audits and updating agreements as applicable
- Network Solutions Engineer and technical support staff must document the firewall configurations so that agencies that need access to applications have access—i.e., enabling state interoperability.
- Comply with the state Acceptable Use Policy: https://dts.utah.gov/policies/documents/1000-0003acceptableuse.pdf
- Provide security requirements.
- Consult with DTS Networking when planning facility moves.
- Notify DTS Networking when planning to deploy applications that might affect network traffic by submitting the appropriate request.
- Provide adequate space, power, cooling, etc. for state network equipment at each agency facility.
- Provide physical security in facility locations that house state network equipment.
- DTS customers should provide DTS Networking a local contact at each facility that is capable of assisting with troubleshooting customer concerns.
- Comply with state security policies.
- Facility cabling is the responsibility of the agency.
- Agencies are responsible for reviewing their Network Bill from DTS in a timely manner for accuracy.
- Ensure that unmanaged switches or hubs are NOT installed on the State WAN. These unmanaged hubs are NOT authorized and will be disabled or blocked.
- Contact DTS Networking if unmanaged switches are identified by submitting an incident ticket.
General Service Levels and Metrics
- See the General Service Levels and Metrics product description for more information.
All technical incidents, service requests, and certain types of orders related to products and services provided by DTS will be reported to the DTS Enterprise Service Desk or to specialized Help Desks that support State agencies or DTS divisions and regions. All incidents and requests will be captured in the DTS ServiceNow application. DTS staff will provide timely acknowledgement and resolution of technical incidents and service requests.
DTS support staff, including staff directly assigned to the DTS Enterprise Service Desk, will exert all reasonable efforts to meet the Time to Initial Response (TIR) and Total Time to Resolution (TTR) targets set forth below.
The DTS Enterprise Service Desk is accessible 24×7 by telephone at 801-538-3440 or 800-678-3440. Live chat and direct user reporting of incidents are also available on the DTS website at dts.utah.gov. Published “Business Hours” for the DTS Service Desk are 7:00 AM-6:00 PM, Monday-Friday. Hours of support/on-call coverage vary by agency/division/region and product.
Incident Response and Resolution Targets
Time to Initial Response Targets
Total Time to Resolution Targets
Low Priority – 1 Business hour
Low priority – 6 Business hours
Medium priority – 1 Business hour
Medium priority – 4 Business hours
High priority – 1 Clock hour
High priority – 3 Clock hours
Critical priority – 30 Clock minutes
Critical priority – 3 Clock hours
Customer Satisfaction Surveys and Reporting
All users/customers whose technical incidents are resolved by DTS staff will be given the opportunity to respond to an on-line survey regarding their level of satisfaction with the support received from DTS. Responding to the survey is voluntary.
Periodic reports will be created showing the level of satisfaction with resolution of incidents by specific support groups and the level of satisfaction of users by agency.
Customer Satisfaction Targets
Average level of satisfaction with resolution efforts
> 4.5 on a scale of 0–5
Percentage of respondents satisfied or better with service received
93% of respondents satisfied