Operations
Roles and Responsibilities
Onboarding
MFW-V Installation
| Activity | Equinix | Customer |
|---|---|---|
| Virtual Machine resources (compute, storage and networking) for the virtual firewall on MPC | RA | I |
| Virtual Firewall appliance software, licenses and support | RA | I |
| Equinix management environment for firewall management including Self-Service & Analyzing portal | RA | I |
MFW-P Installation
| Activity | Equinix | Customer |
|---|---|---|
| Provide power and rackspace for the Physical Firewalls (Customer Licensed Space), Rack Firewalls and cabling, Provide cross-connects, etc. | CI | RA |
| Provide power and rackspace for the Physical Firewalls (EMS Licensed Space), Rack Firewalls and cabling, Provide cross-connects, etc. | RA | I |
| Provide firewall appliances including software and licenses | RA | I |
| Equinix management environment for firewall management including Self-Service & Analyzing portal | RA | I |
MFW-V & MFW-P Configuration
| Activity | Equinix | Customer |
|---|---|---|
| Firewall-appliance basic configuration, Network interfaces, network settings and hardening | RA | I |
| Set up firewall monitoring and logging to Analyzer-Portal | RA | I |
| Setup customer accounts on portal for access to logging, reporting and self-service | RA | CI |
| Defining initial firewall rule-set | CI | RA |
| Loading initial firewall rule-set trough Self-Service | CI | RA |
| Loading initial firewall rule-set trough Service Request | RA | CI |
Acceptance Into Service
| Activity | Equinix | Customer |
|---|---|---|
| Testing the configuration and failover as part of operational management | RA | CI |
| Functional testing | CI | RA |
Operational
| Activity | Equinix | Customer |
|---|---|---|
| Service desk | RA | CI |
| Maintenance of the firewall-appliance (hardware/software break & fix, software updates, security patches) | RA | I |
| 24x7 monitoring of the virtual firewall (health checks) | RA | I |
| Back-up and management of log files and rule base | RA | I |
| Submitting Service Request via the Portal | CI | RA |
| Implementation of Changes in accordance with change process based on Service Requests | RA | CI |
| Interpretation of security events | RA |
Important: The customer is responsible for the firewall rule-sets and policies, optional VPN connection configuration and server load balancing configurations. Equinix implements changes only based on customer's instructions.
Reporting and Management
Reporting & Analyzing
The customer can view and save reports on network traffic and security events via the portal. The Self-Service Portal offers a customizable, interactive dashboard which helps to quickly identify problems with intuitive graphs (see example in figure) of network traffic, threats, applications and more. It is a comprehensive monitoring system that integrates real-time and historical data into one overview.
Custom data reports can be generated using more than 70 built-in templates and more than 2000+ combined ready-to-use datasets, charts and macros for analysis of anomaly detection, threat assessments, etc. These can be run directly (on-demand) or scheduled (scheduled) with optional automatic e-mail notifications. The format of the reports is flexible with a choice of PDF, HTML, CSV and XML and JSON.
Security Events
The customer’s security teams can monitor and manage alerts and event logs from the firewall, with events processed and correlated in a format that analysts can easily understand.
Service Availability
The following service availability apply for the different Service Options.
| Service Option | Availability |
|---|---|
| MFW-V and MFW-P1 standard service | 99.9% |
| MFW-V and MFW-P1 Stretched deployment option | 99.95% |
Note: For MFW-P, the availability depends on the design of the customer-specific network and connectivity between the IBX data centers.
See Managed Solutions Product Policies on how to calculate SLAs and what exclusions are applicable if physical equipment is placed in a customer licensed IBX space.