Dedicated Access User's Guide
Our Dedicated Access User's Guide is where you will find answers to most
questions you may have about NetStar Technologies Business Dedicated
Internet Access Services. For more information, check out our Required
Hardware and Software for dedicated access, Dedicated Internet Access
Service FAQs, and the Classless Inter-Domain Routing (CIDR) overview.
Introduction
Section 1 - Dedicated Internet Access Service
Section 2 - Dedicated Internet Access Options
Section 3 - Address and Domain Name Registration
Section 4 - Dedicated Internet Access Ordering and Timelines
Section 5 - Internet Network Security
Appendix A - Address and Domain Name Registration Survey
Appendix B - Implementation Checklist
Appendix C - Helpful Resources
Glossary of Acronyms
Introduction
Who is NetStar Technologies?
NetStar Technologies is a
Multimedia Communications Service Provider that provides customers with
a reliable, comprehensive, easy to use range of Internet-related services,
including dial-up Internet access for residential and business customers,
e-mail services, local news and information, content filtering and search
capabilities. NetStar also offers complete solutions for your business
including Dedicated Internet access, equipment, on-site installation, hosting,
and e-mail.
What is the Internet?
The Internet is a vast worldwide
network comprised of thousands of smaller interconnected networks; this
worldwide network evolved from a project funded by the U.S. Defense Advanced
Research Projects Agency (DARPA). The Internet was originally created to
help researchers and scientists exchange information quickly and actually
prohibited use of the network for commercial purposes.
Today, the Internet has grown
dramatically and its users have expanded from research institutions and
scientific laboratories to commercial businesses and consumers. The Internet
now includes many for-profit communications Providers such as NetStar Technologies.
Along with the increase in number of users on the Internet, the quantity
of tools that can be used on the Internet has also grown. Now these users
on the Internet can not only transfer files in electronic format, they
can send messages via electronic mail (e-mail), conduct research using
the vast resources of the Internet, hold real-time "talk" sessions with
others connected to the Internet and much more.
The NetStar Technologies
network is composed of multiple network hubs connected by a high speed
Internet backbone network. Each major network hub runs on a LAN connecting
routers and hosts that accept and route Internet Protocol (IP) traffic and
provide auxiliary services that make accessing the Internet easier. Today,
customers access NetStar Technologies' network by connecting to the closest
major hub via point-to-point DS1, DS3, ISDN, Frame Relay, ATM or 2-way
Satellite Link. Each of these major hubs is connected directly to the Internet
through an Internet Global Service Provider.
Section 1 - Dedicated Access Service
What Does NetStar Technologies Offer?
NetStar Technologies offers
the most comprehensive and cost-effective business solutions in the industry.
Unlike our competitors, NetStar offers complete solutions for your company's
communications and Internet needs.
Our Dedicated Business offering
includes:
- Dedicated access to the Internet through a full range of transport options
- Top-rated equipment from the most respected names in the business
- Personalized consultation of your Internet business needs
- On-site installation
- Around-the-clock monitoring of the network
- Additional personalized services
Our Dial-Up offering includes:
- E-mail services
- Local news and information
- Content filtering capability
If I Don't Buy Equipment from NetStar Technologies, What Do I Need to Connect to the Internet?
Typically, dedicated access
customers are connecting a LAN-based configuration to the Internet. Customers
need to provide the appropriate standard WAN equipment such as routers
and CSU/DSUs. Because the Internet is a TCP/IP based network, customers
need to have the TCP/IP protocol stack installed on each host or to translate
any proprietary network traffic into TCP/IP through the use of a gateway.
Customers are also responsible
for providing, configuring, and supporting any software tools required
for accessing the Internet. Below we have provided a short explanation
of the most commonly used Internet tools.
Domain Name Service (DNS)
Domain Name Service (DNS),
though typically invisible to the user, is the most fundamental tool associated
with use of the Internet. The Internet uses the IP protocol and all IP
traffic must have a source host IP address and a destination host IP address.
Unfortunately, these addresses are extremely cumbersome and nearly impossible
to remember.
The function of DNS is to
map the required IP addresses into more user-friendly, easy-to-remember
host names. DNS allows users to document the correlation between their
IP addresses and host names. Each site is responsible for documenting the
correlation between their own IP addresses and host names. This information
is then propagated to other DNS servers all over the world. Everyone on
the Internet relies on this mapping to easily access hosts and resources.
Also, since hosts at a specific
site are associated with a specific IP network address, all hosts at that
site can be grouped together into a single domain. In this way, a host
name such as "compass" can be reused by many Internet sites, as long as
they each belong to different domains. Of course, two computers cannot
have the same host name if they are part of the same domain.
The DNS for a particular
site is provided by one or more hosts running specialized software; these
hosts are commonly referred to as name servers or domain name servers.
Customers are responsible for providing one primary name server at their
location.
As part of our basic service,
NetStar Technologies offers Dedicated Access customers the option of using
one of our carrier's name servers as a primary or secondary name server,
for one fully qualified domain per customer. The advantage of such a configuration
is that if the customer's name server fails, the carrier can provide the
required mapping between host names and IP addresses.
Without a secondary name
server, the site would be virtually isolated from the rest of the Internet.
Remote users would find hosts at that site to be unresponsive to their
host names. Likewise, local users trying to reach any host would be forced
to manually enter the destination IP address in place of its host name.
Please note that not providing DNS is NOT a security feature; it will not
prevent your site from receiving data since the IP addresses for your site
can easily be found or guessed.
Electronic Mail System
Electronic mail (e-mail)
is an electronic equivalent to a letter delivered by the US Postal Service.
However, in its electronic format, mail can be delivered almost instantaneously
around the world! The Internet is equivalent to the US Postal Service delivery
system and like the US Postal Service there must be a mechanism for getting
mail in and out of the delivery system. With the US Postal Service, the
sender must take the letter to the nearest post office or mailbox. Once
a letter is delivered by the US Postal Service, the receiver must go to
their mailbox and retrieve their mail.
Similarly, the sender of
e-mail must have a way of both delivering and receiving mail from the delivery
system. This is accomplished through the use of individual host e-mail
software, mail servers, and mail gateways.
NetStar Technologies Dedicated
Internet Access customers may provide their own e-mail host software, server
and gateway(s), or can choose to purchase these services from NetStar Technologies.
If customers choose to provide their own e-mail, we strongly recommend
that the customer's e-mail system be Simple Mail Transfer Protocol (SMTP)
RFC-1123 compliant since this is the predominant e-mail protocol used on
the Internet.
Each host must have an e-mail
software package installed to generate the actual e-mail messages. The
host e-mail software must be configured to forward messages to the local
SMTP mail server for delivery.
The local SMTP mail server
then determines where to send outgoing messages by looking up the Mail
Exchange (MX) record for the top level domain portion of the destination
e-mail address. For example, if the destination address of an electronic
mail message is support@netstartechnologies.net, the latter portion of
the address is netstartechnologies.net. The SMTP mail server (which may
also be referred to as the "mail server", "mail host", "mail spooler",
or "mail relay") will check its DNS to obtain the MX record for netstartechnologies.net.
The mail server would then forward the e-mail message to the IP address
indicated in the MX record for netstartechnologies.net.
The mail server also accepts
incoming mail addressed to its site and delivers the mail to the individual
hosts. The mail server may be configured to "spool" incoming mail if an
individual host is temporarily unable to receive mail. The mail server
stores the messages until the host is again able to accept mail. A spooling
facility requires that disk space be reserved on the mail server for this
purpose; the more mail a site gets, the more disk space is required. A
reasonable configuration is disk space to spool mail for the entire site
for three days.
In some environments, a mail
gateway is also necessary. A mail gateway's function is to translate e-mail
messages from a proprietary format to a standard, SMTP-compliant format.
For example, a mail gateway might translate between Novell Groupware and
SMTP Internet mail. If you are unsure which mail package your site is using,
contact your local system administrator. If you need assistance setting
up your e-mail system, you may contact your Internet Application Manager
for a list of integration partners.
Network News Server
An electronic news feed provides
access to the exchange of information between Usenet news servers around
the world. The process of exchanging information between Usenet servers
occurs fairly frequently in order that updates and postings to Usenet news
groups can be propagated throughout the Internet.
The function of Usenet news
is to allow Internet users to exchange ideas about particular subjects
ranging from highly technical to political to recreational. Many users
find that Usenet news is a valuable resource since specific questions or
ideas can be posted to a news group and a response is usually posted fairly
rapidly. Internet users tend to monitor news groups that are of specific
interest to them; therefore, the likelihood of getting valuable, free information
is quite high. Since Usenet is not administered by any one entity, news
groups may or may not be moderated. This means that some newsgroups may
be considered distasteful, offensive, or inappropriate to certain users.
Customers who want to receive
Usenet news must provide a high performance host which can devote a large
percentage of resources to processing news. NetStar Technologies recommends
that dedicated access customers set up their news server on a host with
the following minimal characteristics:
- Mid-size UNIX server
- 64 - 128 megabytes of RAM minimum
- 1-5 gigabytes of disk storage
Usenet news software must be
installed and configured on the news server. InterNet News (INN) is a free
software package that is the de facto standard news server software. While
there are other commercially available news software packages, NetStar
Technologies recommends INN for its dedicated access customers. This recommendation
may change in the near future with the advent of news server software incorporating
Graphical User Interfaces (GUIs) that make configuration and administration
of the news server much simpler. Each host also needs to have a news reader
installed. Most Web browsers provide a news reader (see "Web Browser" below).
Please note that the configuration
and administration of a news server is a complicated issue requiring a
high level of systems administration expertise. NetStar Technologies can
assist you in setting up your news server.
Web Browser
A Web browser, such as Netscape
Navigator, is a software application that enables individual users to access
the Internet with a Graphical User Interface (GUI). These applications
make it easy for Internet users to do research, locate specific sites or
services, conduct financial transactions and keep up on the news available
on the world wide web (www). Most Web browsers also provide facilities
for posting and reading Usenet news. Under an agreement with Netscape Communications
Corporation, NetStar Technologies is authorized to distribute Netscape
Communicator and Microsoft Internet Explorer.
Web Server
More and more organizations
are finding it valuable to have a presence on the World Wide Web (WWW).
Web servers function as "virtual storefronts" to provide customer service,
marketing, advertisements and public relations information to Internet
users. Web servers may also be used to provide resources or proprietary
information to employees or key partners. A Web server can be easily configured
to record the number of hits or connections to each of its Web pages; this
information can be used to measure the interest level of the content of
the Web pages themselves.
If you want to have a Web
server on the Internet, NetStar Technologies recommends that your server
have at least the following characteristics:
- Mid-size UNIX server
- 32 megabytes of RAM minimum
- 1-5 gigabits of disk storage
If the load on the Web server
is too great, additional servers may be set up to handle additional requests.
Section 2 - Dedicated Access Options
Transport Options Supported
NetStar Technologies supports
five dedicated access options: DSL, ISDN, DS1, DS3, Frame Relay, Point
to Point private line service, ATM and 2-way Satellite Link. Access speeds
range from 56 Kbps to 6 Mbps. Many customers find that these types of services
can reduce their network and equipment cost, as well as providing added
flexibility. For example, if a site with a 384Kbps Fractional DS1 connection
to the Internet suddenly has more users to support, the service can be
increased to 512 Kbps or even 1.536 Mbps with minimal effort.
Recommended Customer Network Equipment
Regardless of the data transport
service ordered, customers must ensure the network equipment they are using
conforms to industry standards. NetStar Technologies has tested and approved
the standards compliant CSU/DSUs and routers from the following vendors:
- ADC Kentrox
- Adtran
- Cisco Systems
- Lucent Technologies
- Paradyne
NetStar Technologies also offers
managed solutions which include customer equipment from Cisco and Lucent.
Recommended Routing Protocol
NetStar Technologies recommends
that Dedicated Internet Access customers set up a static default route
in their router that points to the appropriate router of the port provider.
A static route helps avoid the problems associated with dynamic routing
protocol interactions. If static routes are not appropriate for your situation
(i.e., you have multiple, diverse links to the Internet), NetStar Technologies
will be happy to discuss a more suitable choice with your local network
administrator. Please contact your Internet Application Manager with such
concerns.
Section 3 - Address and Domain Name Registration
Why Must I Register My Address and Domain Name?
All Internet IP addresses
and Domain Names must be registered to ensure that there are no duplications.
If duplications were to occur, there would be a great deal of confusion
and inaccessibility due to incorrect host name/IP address mapping and routing
errors. Such problems could be extreme and affect many Internet users.
To avoid this, the Internet
Addressing and Numbering Authority (IANA) was established. The IANA has
chosen the InterNIC as its service provider, who in turn has contracted
with Network Solutions Inc. (NSI) to perform the tasks associated with
address and name registration. While this may seem somewhat confusing,
the processes are fairly straightforward.
How Do I Register My Address?
To receive an InterNIC allocated
or registered IP address, the policies of the InterNIC must be followed.
NetStar Technologies will be happy to assist dedicated access customers
with this process. Appendix A includes a survey to
be completed by your network administrator so the appropriate information
can be passed to the InterNIC in the correct format.
How Long Will Internet Address Registration Take?
The length of time required
to obtain an InterNIC allocated address depends on your specific circumstances.
Below are the most common scenarios and their corresponding time lines.
It should be noted that the re-addressing of the local network cannot begin
until the Internet address assignment process is completed by the InterNIC.
No Previously Assigned Internet IP Address
NetStar Technologies should
be able to allocate an IP address within two weeks. If your addressing
requirements are very large or unique, addresses may have to be obtained
directly from the InterNIC. This process could take eight weeks depending
on how busy the InterNIC is at the time.
Previously Assigned Internet Address to be "transferred" to the Port Provider
If a dedicated access customer
has been allocated an Internet IP address block by another Internet Service
Provider (ISP), agreement with the ISP must be reached as to whether the
addresses can be transferred. The advantage of transferring IP addresses
is that the customer will not have to re-number all hosts on their local
network. In order to begin the transfer process, written permission must
be obtained by the customer from their previous ISP. These transfers may
take up to 8 weeks.
Previously Assigned Address to be replaced by a Port Provider Allocated Address
Dedicated access customers
who have IP addresses from another ISP will be allocated an IP address
from the Port Provider's IP address block upon request. NetStar Technologies
should be able to allocate an IP address within two weeks. If your addressing
requirements are very large or unique, they may have to be obtained directly
from the InterNIC. This process could take eight weeks depending on how
busy the InterNIC is at the time.
How Do I Register My Domain Name?
NetStar Technologies will
register domain names with the InterNIC on behalf of our dedicated access
customers. Appendix A includes a survey to be completed
by your network administrator so the correct information can be passed
to the InterNIC in the appropriate format.
There are a few important
factors customers must know before they choose to register a domain. First,
since domain names are typically provided on a first come, first served
basis we cannot guarantee your desired domain name will be available. Second,
those customers that choose to register a domain name zone must provide
the following:
- Primary DNS server for that zone.
- One or more Secondary DNS servers for that zone.
Domain name zones must be registered
in the appropriate suffix category. Table 1 provides a list of domain suffixes.
The most common domain suffix, .COM, may take up to three weeks to register.
.COM registrations also have an associated registration fee which will
be billed to the customer.
What If I Already Have A Registered Domain Name?
If you already have a registered
domain name, the InterNIC must still be notified that you have changed
Internet Service Providers. NetStar Technologies recommends that you complete
the customer survey in Appendix A so we can assist
you in updating the InterNIC's records.
Table 1 - Domain Name Suffix Options
| Suffix | Recommended Use |
| --- | --- |
| .COM | For-profit commercial entities |
| .EDU | Universities (4-year degree granting) |
| .GOV | Federal government |
| .MIL | US military (DoD) |
| .ORG | Non-profit entities |
| .NET | Internet service provider |
| .INT | International charter |
| .US. | Individual registrations |
| .<local>.<state>.US | City or county |
| .CI.<local>.<state>.US | City governments |
| .CO.<local>.<state>.US | County governments |
| .STATE.<state>.US | State governments |
| .K12.<state>.US | Public K-12 schools |
| .PVT.K12.<state>.US | Private K-12 schools |
| .CC.<state>.US | Community colleges |
| .TEC.<state>.US | Vocational/technical |
| .LIB.<state>.US | Libraries |
| .GEN.<state>.US | General/miscellaneous |
Section 4 - Dedicated Access Ordering and Timelines
NetStar Technologies provides
extraordinary service through its Dedicated Service Team. The Dedicated
Service Team is available to Dedicated Access customers throughout the
service installation process. Each installation is assigned a Dedicated
Service Representative who is responsible for ensuring the customer's service
is installed as requested. The Service Representative is also available
to answer any service-related questions during the implementation process.
For each installation, a
Customer Service Activation appointment will be scheduled by the Dedicated
Service Representative. The purpose of this appointment is to verify installation
and to ensure the customer is able to properly exchange routing information.
Please note that NetStar Technologies considers your site successfully
connected to the Internet when routing information can be exchanged with
your site and your site can reach remote sites on the Internet by IP address
(not host name).
If you are providing primary
DNS and your site's Domain Name Service is not functioning at the time
of the Service Activation appointment, but your site passes the Internet
service installation verification tests, billing for the service will commence.
If you are changing Internet Service Providers, we recommend you do not
discontinue your current service until your site has passed the Internet
service installation verification tests. Please notify the Dedicated Service
Representative during your Service Activation appointment of your existing
Internet connection.
NetStar Technologies' configurations
requiring only a new transport service are typically installed in 21 business
days. Configurations requiring InterNIC domain name registration may take
as long as 8 weeks or more depending on the domain involved. .COM is usually
2-3 weeks while .ORG or .EDU can take up to 8 weeks.
Section 5 - Internet Network Security
Internet Network Security
Since the Internet is not
owned or administered by any one entity, it is impossible to ensure the
credibility or integrity of the millions of users. For this reason, NetStar
Technologies has a strong concern that each customer understands they are
responsible for implementing the level of security that is appropriate
for their specific situation.
Security implementations
are unique - no one solution fits every situation. It is important to understand
that security is inversely proportional to convenience; this means that
the more levels of security a site implements, the less convenient it is
for users. Just as there are many levels of security that can be implemented,
there are many ways in which to implement these levels of security. Below
is a description of a few of the most common Internet security implementation
methods.
Packet Filtering
Packet filters are typically
implemented on the routers connecting a site to the Internet. These filters
are a set of criteria by which each IP packet that is sent or received
from a particular interface is judged. If the packet meets the criteria,
it will also decrease the number of sites that your users can access.
Since each IP packet has
a source and destination address, it is possible to narrow down the set
of other Internet sites that can connect to your network; however, since
most Internet applications require two-way transmission, such filtering
will also decrease the number of sites that your users can access.
Along with a source and destination
address, IP packets utilizing TCP and UDP protocols also contain a destination
port number. The port number determines what Internet service is being
accessed by this packet. For example, an IP packet with TCP port number
25 is destined for the Sendmail port, the standard SMTP mail port on a
UNIX machine. Many sites choose to develop a filter criteria based on the
TCP port number and the structure of the packet itself. Such filtering
is certainly more thorough than the simple source/address packet filter;
however, it requires an in-depth understanding of TCP/IP.
Finally, filters can be created
based on the location of particular bits within each packet. Such filtering
is quite valuable to those who have mastered the intricacies of TCP/IP.
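The following is an added example, not part of the original guide, of the address-and-port filtering described above, including the side effect that restricting inbound source addresses also blocks the replies to your own users' outbound connections. The rule format, function names and all addresses (documentation ranges) are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# All addresses are constructed and come from the documentation ranges.
SITE = "192.0.2.0/24"          # customer LAN (assumption)
MAIL_SERVER = "192.0.2.25/32"  # site SMTP mail server (assumption)
PARTNER = "198.51.100.0/24"    # the one remote network allowed in (assumption)
ANY = "0.0.0.0/0"


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str   # "tcp" or "udp"
    dport: int   # destination port


@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    src: str                     # source network in CIDR form
    dst: str                     # destination network in CIDR form
    proto: str = "any"
    dport: Optional[int] = None  # None matches every port

    def matches(self, pkt: Packet) -> bool:
        return (
            ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
            and self.proto in ("any", pkt.proto)
            and self.dport in (None, pkt.dport)
        )


def evaluate(rules, pkt: Packet) -> str:
    """First matching rule wins; a packet that matches no rule is dropped."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"


# Stateless filter applied to packets arriving from the Internet.
INBOUND = [
    Rule("permit", ANY, MAIL_SERVER, "tcp", 25),  # SMTP to the mail server only
    Rule("permit", PARTNER, SITE),                # partner network, any service
]


def reply_gets_back(rules, client: str, server: str, client_port: int = 40000) -> bool:
    """Does the server's reply to an outbound connection pass the inbound filter?

    The reply travels server -> client and is addressed to the client's
    ephemeral port, so a filter keyed on source address judges it like any
    other inbound packet.
    """
    reply = Packet(src=server, dst=client, proto="tcp", dport=client_port)
    return evaluate(rules, reply) == "permit"


if __name__ == "__main__":
    samples = [
        Packet("203.0.113.9", "192.0.2.25", "tcp", 25),  # mail from anywhere
        Packet("203.0.113.9", "192.0.2.10", "tcp", 23),  # telnet from anywhere
        Packet("198.51.100.7", "192.0.2.10", "tcp", 23), # telnet from partner
    ]
    for pkt in samples:
        print(pkt, "->", evaluate(INBOUND, pkt))
    for server in ("198.51.100.80", "203.0.113.80"):
        print("user reaches", server, ":",
              reply_gets_back(INBOUND, "192.0.2.10", server))
```
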
Application Level Firewall
An application level firewall
is considered by many to be a more complete security mechanism than packet
filtering because it is more configurable. Application level firewalls
utilize a host that runs application proxy software, such as a telnet proxy.
These proxies support more
detailed filtering criteria like destination, user, time of day, etc. Application
proxies also allow for hiding the true internal IP address of the user's
workstation. This may be important for those sites that are extremely concerned
about security.
One concern with application
level firewalls is their performance, since the associated proxying tasks
require additional computing time. Another concern with application level
firewalls is that each client and server involved in proxying must be configured
to do so (a time-consuming effort).
Authentication
For many organizations with
Internet connectivity, authentication is one of the most important aspects
of security. Employees frequently use the Internet for remote access to
the corporate local network while at home or away on travel. For example,
a traveling employee who has dial-up access to the Internet may need to
access information on an office workstation. In such situations, it is
imperative that the identity of the user attempting to gain access
be verified.
The problem with the scenario
described above is that most sites authenticate users through the use of
a login ID and a reusable password that is sent in clear text. There exists
a possibility that when the employee attempts to access the office network
through the Internet from home, a malicious person could tap the employee's
home telephone line and record the entire remote login session. With this
information, the malicious person could impersonate a legitimate user and
gain access to the company resources, probably without being detected.
For this reason, better authentication methods have been developed; a few
are described below.
One-Time Passwords
The philosophy of one-time
passwords is that it does not matter if both the login ID and password
were "sniffed" since the password is valid only for one remote login session.
One-time password authentication schemes require that both the user and corporate
systems be set up to use a login ID and a one-time password. The one-time
password is usually composed of a secret and a calculated portion. Both
the user and the system must know which password is expected each time
a remote login occurs.
Since it is unrealistic for
a user to memorize each of the successive calculated portions of the passwords,
systems have been developed that precalculate the calculated portions of
the passwords. These can be printed on a small sheet of paper which can
be tucked into the user's wallet or purse. If this paper is stolen, it
is not enough information by itself for an unauthorized user to gain access
to the corporate system. The user's name, login ID and secret portion of
the one-time password should NOT be written on this or any other paper.
Software versions of one-time
password schemes can be installed on portable computers so that the paper
is not necessary. This assumes the user will only use that portable computer
to gain remote access to the company. There are also electronic pocket
calculator-like password generators that eliminate the need for the paper
listing of one-time passwords. With these calculators, the user enters
a secret password that is then used to calculate the one-time password.
Again, the secret password, user name and login ID should not be written
on the calculator. S/Key is one of the most commonly used one-time password
schemes and is available free of charge on the World Wide Web.
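The following is an added example, not part of the original guide and not S/Key's own code, of how the calculated portion of a one-time password can be precalculated as a hash chain and why a sniffed password cannot be reused. It uses SHA-256 in place of the hash S/Key uses; the class and function names, the seed and the secret are assumptions made for illustration.

```python
import hashlib
import hmac


def _h(value: bytes) -> bytes:
    # Stand-in one-way function (SHA-256), not the hash S/Key itself uses.
    return hashlib.sha256(value).digest()


def hash_chain(secret: str, seed: str, n: int):
    """Return [h^1(x), h^2(x), ..., h^n(x)] for x = seed + secret."""
    value = (seed + secret).encode()
    links = []
    for _ in range(n):
        value = _h(value)
        links.append(value)
    return links


class OtpServer:
    """Holds only the most recently accepted link, never the user's secret."""

    def __init__(self, last: bytes, count: int):
        self.last = last      # h^count(x)
        self.count = count

    def remaining(self) -> int:
        return self.count - 1

    def verify(self, otp_hex: str) -> bool:
        if self.remaining() <= 0:
            return False      # chain used up: the user must enroll again
        try:
            candidate = bytes.fromhex(otp_hex)
        except ValueError:
            return False
        # A valid password hashes forward to the value the server holds.
        if not hmac.compare_digest(_h(candidate), self.last):
            return False
        # Accepting it moves the server one link down the chain, so the
        # same password never verifies twice.
        self.last = candidate
        self.count -= 1
        return True


def enroll(secret: str, seed: str, n: int):
    """Return (server, sheet): the sheet lists passwords in the order of use."""
    links = hash_chain(secret, seed, n)
    sheet = [link.hex() for link in reversed(links[:-1])]  # h^(n-1) ... h^1
    return OtpServer(links[-1], n), sheet


if __name__ == "__main__":
    # Constructed sample values.
    server, sheet = enroll("constructed secret", "ke1234", 5)
    print("first login :", server.verify(sheet[0]))
    print("replay      :", server.verify(sheet[0]))
    print("next login  :", server.verify(sheet[1]))
    print("logins left :", server.remaining())
```

An eavesdropper who records `sheet[0]` can hash it forward to the value the server already held, but producing `sheet[1]` would require inverting the hash.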
Dynamic Passwords
Dynamic password authentication
schemes are similar to one-time password schemes in that if the login ID
and dynamic password are sniffed, there would not be enough information
to obtain unauthorized reentry. Dynamic passwords rely on the use of a
token card. The token card continuously generates dynamic passwords that
are displayed on an LCD screen. The dynamic password alone is not enough
information for an unauthorized user to gain access to the local resources.
The process requires the user to first enter a login ID, followed by a
secret password, followed by the dynamic password displayed on the token
card at that instant in time. Once again, the user's name, login ID, and
secret password should NOT be written on the token card.
The most popular dynamic
password implementation to date is Security Dynamics' SecurID token card
system. This system is not free of charge, but does provide for more convenient
and highly improved authentication than that of the traditional login ID
and reusable, clear text password authentication method.
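The following is an added example, not part of the original guide, of the login flow described above: login ID, secret password, then the code shown on the token at that instant. The token's algorithm is proprietary, so the example uses the open time-based one-time password construction (RFC 6238, HMAC-SHA1) as a stand-in; the account class, PIN, salt and drift window are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds each displayed code stays valid


def token_code(key: bytes, unix_time: int, digits: int = 6) -> str:
    """Code the token shows at unix_time (RFC 6238 with HMAC-SHA1)."""
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def _pin_hash(pin: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)


class TokenAccount:
    def __init__(self, login_id: str, pin: str, key: bytes):
        self.login_id = login_id
        self.salt = b"constructed-salt"           # constructed sample value
        self.pin_hash = _pin_hash(pin, self.salt)
        self.key = key                            # shared with the token card
        self.last_step = -1                       # newest time step accepted

    def login(self, pin: str, code: str, now: int, drift: int = 1) -> bool:
        """Accept only a correct PIN plus a fresh code for a nearby time step."""
        pin_ok = hmac.compare_digest(_pin_hash(pin, self.salt), self.pin_hash)
        current = now // STEP
        for step in range(current - drift, current + drift + 1):
            if step < 0 or step <= self.last_step:
                continue                          # already used: no replay
            expected = token_code(self.key, step * STEP)
            if pin_ok and hmac.compare_digest(expected.encode(), code.encode()):
                self.last_step = step
                return True
        return False


if __name__ == "__main__":
    key = b"12345678901234567890"                 # RFC 6238 test key
    account = TokenAccount("jdoe", "4821", key)
    shown = token_code(key, 59)
    print("code on token  :", shown)
    print("login          :", account.login("4821", shown, now=59))
    print("sniffed replay :", account.login("4821", shown, now=61))
    print("code, wrong PIN:", account.login("0000", token_code(key, 95), now=95))
```

Tracking `last_step` matters because a sniffed code is still the current code until the time step rolls over; without it, a replay inside that window would succeed.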
Encryption
Encryption is a more intensive
security mechanism than those described above. Encryption simply refers
to the manipulation of a message resulting in a new message that is meaningless
to anyone who does not know how to re-manipulate it to its original form.
This manipulation of messages is called cryptography.
There are two types of cryptography:
symmetric and asymmetric. The most popular implementation of symmetric
cryptography is the Data Encryption Standard (DES). In DES the manipulation
of the message is done with a private key that is known only to those parties
that need to manipulate the message.
One of the major drawbacks
of symmetric cryptography is that private keys must be communicated prior
to the data exchange and are vulnerable to being accessed by unauthorized
users at this point. This may sound trivial, but in today's world of electronic
information exchange, ensuring that a key is not compromised in transmission
is very difficult. Even utilizing non-electronic systems, such as the US
Postal Service, does not ensure that unauthorized eyes have not seen the
key during transit.
An advantage of symmetric
cryptography is the technology is available in hardware implementations.
This makes the entire process of encrypting and decrypting messages much
faster than cryptography systems that are implemented in software.
Asymmetric or "public key"
cryptography systems operate with both a private and a public key. Messages
are encrypted with the sender's private key, and decrypted with the sender's
public key. Since each public key decrypts only messages encrypted with its
one corresponding private key, the receiver can be certain that the message
was generated by the holder of the private key.
Public key cryptography can
also be utilized to ensure that only the intended recipient can decrypt
the message by first encrypting the message with the recipient's public
key. Since only the recipient holds the corresponding private key, only
the recipient will be able to decrypt and read the message.
Public key cryptography was
made feasible by the mathematical algorithm invented by three people: Rivest,
Shamir, and Adleman. Their initials make up the most commonly used public
key cryptographic implementation, RSA.
Public key systems do not
require the sharing of a private key with others. A person's public key
can be published or sent directly to those with whom that person wishes
to share secure data. For this reason, as well as the fact that public
key cryptography is considered by many to be more robust than symmetric
cryptography, public key systems are becoming more and more popular.
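The two uses of a key pair described above (proving who generated a message, and making a message readable only by its intended recipient), as an added example that is not part of the original guide. It is textbook RSA without padding on constructed toy keys; the function names and sample message are assumptions, and production systems use a vetted library with padded schemes and much larger keys.

```python
"""Textbook RSA, no padding (added illustration; names and data are constructed)."""
import hashlib

def make_keypair(p, q, e=65537):
    """Build (public, private) from two primes; each key is (modulus, exponent)."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)            # private exponent: inverse of e mod phi
    return (n, e), (n, d)

def _digest(message, n):
    """Hash the message to an integer below the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private):
    """Sender side: transform the digest with the sender's private key."""
    n, d = private
    return pow(_digest(message, n), d, n)

def verify(message, signature, public):
    """Receiver side: undo the transform with the sender's public key."""
    n, e = public
    return pow(signature, e, n) == _digest(message, n)

def encrypt(message, public):
    """Anyone can encrypt to the recipient using the recipient's public key."""
    n, e = public
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this toy modulus")
    return pow(m, e, n)

def decrypt(ciphertext, private):
    """Only the holder of the matching private key recovers the message."""
    n, d = private
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

# Constructed keys from known Mersenne primes; far too small for real use.
SENDER_PUB, SENDER_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
RECIP_PUB, RECIP_PRIV = make_keypair(2**107 - 1, 2**127 - 1)

if __name__ == "__main__":
    msg = b"circuit is up"         # constructed sample message
    sig = sign(msg, SENDER_PRIV)
    print("genuine:", verify(msg, sig, SENDER_PUB))
    print("altered:", verify(b"circuit is down", sig, SENDER_PUB))
    print("decrypted:", decrypt(encrypt(msg, RECIP_PUB), RECIP_PRIV))
```

Only the public halves (`SENDER_PUB`, `RECIP_PUB`) ever need to be published; neither private key is exchanged at any point.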
In Conclusion
Many organizations find it
appropriate to implement security at many levels: the network level, the
host level, and the application level. It is important to fully understand
the consequences of implementing and not implementing security in your
network.
Product names mentioned herein
may be service marks, trademarks, or registered trademarks of their respective
companies.
Appendix A - Address and Domain Registration Survey
We have provided the following
survey to be completed by your network administrator. This is to ensure
the appropriate information is passed to the InterNIC in the appropriate
format.
General Site Information:
- What date is your dedicated Internet connection expected to become operational?
- What is the complete name and mailing address of your organization?
- Briefly describe the focus of your organization (2-3 sentences).
- Who is the administrative contact for Internet registrations at your site? (This person will be contacted for service and billing issues.)
- What is the mailing address, business telephone number, and e-mail address of the administrative contact at your site?
- Who is the technical contact for Internet issues at your site? (This person will be contacted in the event that technical problems arise.) Contact information should include pager number and after hours number.
- What is the mailing address, business telephone number, and e-mail address of the technical contact at your site?
- Who is the billing contact at your site? (This person will be contacted for invoice and fee payment issues.)
- What is the mailing address, business telephone number, and e-mail address of the billing contact at your site?
- Would you like the InterNIC to bill your site via e-mail or US Postal Service?
- Who is your designated Global Service Provider for Internet services? (NetStar Technologies will provide you with a list of Global Service Provider options.)
- What is your site's existing IP address, including subnet mask? (If you are waiting for NetStar Technologies to provide you with an IP address, simply enter "TBD.")
- Who provided your site with the existing IP address? (Choices are: InterNIC, other service provider [indicate which], private address.)
Network Specific Information:
- How many buildings compose your existing network?
- How many subnets are on your existing network?
- How many subnets do you expect to have on your network in the next three months? One year? Two years? Five years?
- How many hosts are on your entire existing network?
- How many hosts do you expect to have on your entire network in the next three months? One year? Two years? Five years?
- Are you aware that your addressing requires an InterNIC allocated address?
Domain Name Information:
- Would you like to register a Zone (such as netstartechnologies.net) or Individual Hosts (such as customer-machine1.netstartechnologies.net)?
- What Domain Name suffix would you like? (.COM, .GOV, .MIL, .ORG, .INT, .NET, .EDU, <COMPANY>.CITY.STATE.US, <COMPANY>.SBIS.net).
- NOTE: See Table 1 for details of applicability of suffixes.
- What is the complete (fully qualified domain name) requested? (Example: netstartechnologies.net.)
- What is the Internet IP address of the primary domain name server for this zone?
- What is the Internet IP address of the secondary domain name server for this zone? (If you would like your Port Provider to provide this service, indicate "Port Provider-Secondary.")
Appendix B - Implementation Checklist
The following list of tips is
provided to help make your Dedicated Access Internet implementation as
smooth as possible.
NetStar Technologies strongly
recommends that dedicated access customers verify that customer-provided
network equipment, such as CSU/DSUs and routers, is preconfigured and
has been tested (with local loopback tests if possible) prior to the data
transport circuit installation date. In addition, customers should have
all other hardware and software related to their Internet service installed
prior to the Service Activation date.
Hardware
- Have you ordered your equipment? Router orders can take up to eight weeks for delivery.
- Is your CSU/DSU configured, installed, and ready for connection to your transport service?
- Is your router configured and tested?
- Unless otherwise negotiated, have you installed a static default route on your router that points to the Port Provider's router?
- Are all servers required to support your Internet tools/applications configured, installed and tested? (including DNS, e-mail, Usenet news, WWW and firewall security)
- Do you have all the correct cables (including male-female connectors) to connect the hardware together?
- Is your inside wiring complete?
- Is your LAN operational?
- Do you have backup power for your hosts and network equipment?
Software Applications
Servers
- Have you set up your Domain Name Service (DNS) server?
- Have you configured your DNS so that your Port Provider is providing secondary DNS service for your site?
- Have you set up your e-mail server?
- Have you set up your Usenet news server?
- If you are planning a Web site, have you set up a World Wide Web server?
- Have you implemented the appropriate level of security?
Hosts
- Do all your hosts have a TCP/IP protocol stack installed or have access to this function via a gateway?
- Do you have a mail package on each local host?
- Do you have a Web browser on each local host? Does your Web browser include a news reader?
- Have you updated all host IP addresses as required?
- Have you installed a default route on your local hosts that points to your Internet gateway router?
Address and Domain Name Registration
- Have you gotten your IP address assignments from NetStar Technologies?
- Have you programmed all network components with the appropriate assigned IP addresses?
- Have you submitted the completed Customer Survey (Appendix A) to NetStar Technologies and received verification of either your new domain name or your changes?
Data Transport Service
- Have you verified that the designated point of contact is available on the day of circuit installation? (Installations are often delayed because the installation technician can't access the building or wiring closet.)
- Did you remember to document your circuit number?
- Have you configured your router and CSU/DSU for the appropriate line speed?
- Did you remember to configure your CSU/DSU for network/external clock?
- Have you ensured that all cable lengths meet the specified distance limitation?
Frame Relay Connections
- Have you selected the appropriate framing and coding types for your CSU/DSU? (Typically Extended SuperFrame and B8ZS Coding for DS1s.)
- Did you remember to configure your DLCIs? (Unless done automatically.)
SMDS Connections
- Did you remember to document your SMDS addresses?
- Have you selected the appropriate framing and coding types for your CSU/DSU? (Typically Extended SuperFrame and B8ZS Coding.)
- Have you informed NetStar Technologies of your SMDS Group specifications?
- Have you configured your router for SMDS, including address mapping protocols?
Appendix C - Helpful Resources
CIDR Overview
Internet Engineering Task Force Requests For Comments
The following documents
are RFCs, which define de facto standards for the Internet.
They are available from various sources, including the Internet at: ftp://rs.internic.net
| RFC # | TITLE |
| 791 | Internet Protocol |
| 793 | Transmission Control Protocol |
| 904 | Exterior Gateway Protocol Formal Specification |
| 920 | Domain Requirements |
| 974 | Mail Routing and the Domain System |
| 1009 | Requirements for Internet Gateways |
| 1055 | Transmission of IP over Serial Lines |
| 1157 | A Simple Network Management Protocol (SNMP) |
| 1209 | The Transmission of IP Datagrams over the SMDS Service |
| 1213 | Management Information Base for Network Management of TCP/IP Based Internets: MIB II |
| 1281 | Guidelines for the Secure Operation of the Internet |
| 1332 | Point-to-Point Protocol Control Protocol |
| 1334 | Point-to-Point Protocol Authentication |
| 1403 | BGP-OSPF Interaction |
| 1459 | Internet Relay Chat Protocol |
| 1466 | Guidelines for Management of IP Address Space |
| 1467 | Status of CIDR Deployment in the Internet |
| 1477 | IDPR as a Proposed Standard |
| 1478 | An Architecture for Inter-Domain Policy Routing |
| 1492 | An Access Control Protocol, Sometimes Called TACACS |
| 1518 | An Architecture for IP Address Allocation with CIDR |
| 1519 | Classless Inter-Domain Routing (CIDR): an Address Assignment and Aggregation Strategy |
| 1520 | Exchanging Routing Information Across Provider Boundaries in the CIDR Environment |
| 1531 | Dynamic Host Configuration Protocol |
Glossary of Acronyms
| bps | bits per second |
| B8ZS | Binary 8 Zero Substitution |
| CIDR | Classless Inter-Domain Routing |
| CSU | Channel Service Unit |
| DES | Data Encryption Standard |
| DNS | Domain Name Service |
| DSU | Data Service Unit |
| FTP | File Transfer Protocol |
| GUI | Graphical User Interface |
| HTML | HyperText Markup Language |
| HTTP | HyperText Transfer Protocol |
| IANA | Internet Addressing and Numbering Authority |
| INN | InterNetNews |
| IP | Internet Protocol |
| LCD | Liquid Crystal Display |
| MX | Mail eXchange |
| NAP | Network Access Point |
| NIC | Network Interface Card |
| NSI | Network Solutions Inc. |
| RAM | Random Access Memory |
| RFC | Request for Comment |
| RIP | Routing Information Protocol |
| RSA | Rivest, Shamir, Adleman |
| SHTTP | Secure HyperText Transfer Protocol |
| SMDS | Switched Multimegabit Data Service |
| SMTP | Simple Mail Transfer Protocol |
| SSL | Secure Sockets Layer |
| TCP | Transmission Control Protocol |
| UDP | User Datagram Protocol |
| WWW | World Wide Web |