Network Security Services Clause Samples
The Network Security Services clause defines the obligations and standards related to protecting a network and its data from unauthorized access, breaches, or cyber threats. Typically, this clause outlines the specific security measures that must be implemented, such as firewalls, encryption, regular security audits, and incident response protocols. Its core practical function is to ensure that both parties understand and agree upon the level of security required, thereby reducing the risk of data breaches and clarifying responsibilities in the event of a security incident.
Network Security Services. Network transport (WAN ports, WAN cloud, redundant paths).
Network Security Services a. A [ * ] MPLS closed network used for internal purposes will satisfy current requirements. In addition, the non-MPLS network (solution includes provisioning and support of both MPLS and non-MPLS circuits) which includes encryption in the firewall (a supported piece of Equipment) also satisfies current requirements. The Vendor’s responsibilities include the following:
1. Implement and maintain security tools, procedures, and systems required to protect the integrity, confidentiality, and availability of the ACI Data Network and data on the Data Network;
1.1. ACI will approve the selection of the security tools;
2. Comply with ACI’s Data Network security policies (described in Schedule J (ACI Policies and Standards), whereby the Vendor will follow the best practices of either ACI or Vendor, whichever requires greater security based on reasonable and prudent standard practices, with approval by ACI;
3. Perform quarterly assessments of risk exposure including:
3.1. Gap analyses to indicate exposure to security threats; Confidential Exhibit A-7—Data Network Services
3.2. Action plans to address gaps; and
3.3. Ratings to gauge progress against closure of gaps;
4. Provide access to and/or assist ACI’s designated third-party vendors in performing vulnerability assessments (of the Vendor support network infrastructure) [ * ] from ACI;
5. Perform reactive security assessments and Incident and problem determination in accordance with ACI network security policies;
6. Activate appropriate security monitoring tools, and back up and analyze the logs from these tools, in accordance with ACI security requirements;
7. Provide recommendations to remediate the gaps identified by analyzing the logs;
Network Security Services. Network security Services firewall include the provision and support of methods that provide security to physical and logical devise connected to the network. Security services include firewall, intrusion detection, penetration/vulnerability testing.
Network Security Services. For additional requirements related to physical and logical security requirements, see Exhibit 2.6 (Cross-Functional Services) and Exhibit 16 (Safety and Security Procedures). Supplier’s responsibilities include the following:
1. Implement and maintain security Tools, procedures, and Systems required to protect the integrity, confidentiality, and Availability of the Network and data on the Network.
a. Company will approve the selection of the security Tools.
2. Comply with Company’s Network Security policies (described in Exhibit 16 (Safety and Security Procedures)), and Network Architecture and standards, described in Exhibit 8 (Technical Architecture and Product Standards).
3. Provide access and/or assist Company’s designated Third-Party Vendors in performing vulnerability assessments (of Supplier support Network Infrastructure) upon five (5) days written notice from Company.
4. Activate appropriate Security monitoring Tools, and back up and analyze the logs from these Tools, in accordance with Company Security requirements.
5. Provide recommendations to remediate the gaps identified by analyzing the logs.
6. Utilize access control mechanisms on all networking devices in accordance with Company Network Security Policies.
7. Monitor usage patterns and investigate and report significant discrepancies in those patterns no later than one (1) week after their detection.
8. Report all attempts at illicit monitoring, interception, eavesdropping, or toll-fraud to Company when detected by Supplier and propose appropriate action to prevent re-occurrence.
Network Security Services. Service Provider shall meet the requirements related to physical and logical security set forth in Exhibit 2.1.2 and in Exhibit 17. Service Provider responsibilities include:
1. Act as a single point of contact for the management of the DCS Network Security Services.
2. Implement and maintain security tools, procedures, and systems required to protect the integrity, confidentiality, and availability of the DCS Network and data on the DCS Network.
2.1. DIR will approve the selection of the security tools.
3. Comply with DIR’s and DIR Customers’ Network security policies described in Exhibit 17, and network architecture and standards, whereby the Service Provider will follow the best practices of either DIR, DIR Customers or Service Provider, whichever requires greater security based on reasonable and prudent standard practices, with approval by DIR.
4. Perform periodic assessments of risk exposure including:
4.1. Gap analyses to indicate exposure to security threats, and report analysis to DIR and DIR Customers as appropriate.
4.2. Action plans to address gaps; integrate actions into Service Provider Problem Management and provide reports to DIR and DIR Customers as appropriate.
4.3. Ratings to gauge progress against closure of gaps.
4.4. Categorize risk in compliance to Exhibit 17.
5. Provide data privacy as required by DIR and DIR Customers (e.g. network segmentation, firewalls).
6. Provide access and assist the MSI and DIR’s designated Third Party Vendors in performing vulnerability assessments (of the Service Provider supported network infrastructure) upon five (5) day’s written notice from the MSI.
7. Perform reactive network security assessments, along with Incident and Problem determination, and in accordance with DIR and DIR Customers security policies.
8. Activate appropriate security monitoring tools, and back up and analyze the logs from these tools, in accordance with DIR and DIR Customers security requirements.
8.1. Manage network security devices in the environment (e.g. NIPS, FW, NIDS) to provide appropriate logging and reporting of network activities.
8.2. Establish working relationships with DIR and DIR Customers as required to ensure that network security elements are configured and functioning properly to meet business needs.
9. Provide recommendations to remediate the gaps identified by analyzing the logs.
10. Utilize Access Control Lists (ACLs) on all networking devices in accordance with DIR and DIR Customers network security policies....
Network Security Services. Network transport link performance verification 1.3.8. Information Assurance.