Support & Maintenance Solutions

The following table outlines support and maintenance solutions for the N.C. Department of Information Technology's distributed hosting service.

ServiceDetails
Hardware support and maintenance
  • NCDIT engineers install and set up all server hardware in accordance with industry best practices. Together with hardware operating system vendors, we apply system firmware patches in accordance with state policies and standards.
  • NCDIT repairs or replaces hardware components that are under warranty or appear to potentially disrupt system operation.
Operating system support and maintenanceNCDIT engineers, in conjunction with operating system vendors, apply patches to operating systems in accordance with state policies and standards.
Performance and system monitoring
  • NCDIT monitors several key functions for all servers on Windows, Linux, AIX and Solaris platforms
  • Processes and log files can be monitored as requested.
  • NCDIT monitors several key functions for the server farm network.
  • Standard fault, configuration, performance and security management monitoring includes:
    • Fault detection with incident ticket creation and notifications sent to operational personnel
    • Archiving device configurations and ensuring security policies are enforced in the configuration
    • Collecting and reporting on performance metrics
    • Syslog collection, storage and analysis
    • Device authentication, authorization and accounting
Security, vulnerability and scanning
  • OS logs are configured to be sent to NCDIT’s SIEM.
  • Windows and Linux operating systems, where standardization is possible, are configuration hardened per Statewide Information Security Manual requirements following DISA STIG as the main template as part of establishing a readily deployable baseline. Customers should indicate during provisioning, or before, that additional regulatory requirements must be met, whereby additional applicable configuration checks and hardening will then be done.
  • Regular internal and external scans, as per Statewide Information Security Manual requirements, of IP addresses under the state of North Carolina's control:
    • NCDIT takes every precaution to protect the network infrastructure and the machines scanned.
    • Regular scans are tuned to ensure minimum impact. Deeper scans with additional checks are available on request or if the customer indicates additional regulatory requirements must be met.
    • NCDIT makes no representation or warranty that vulnerability scans will disclose all vulnerabilities. Customers will be responsible for scheduling third-party assessments and penetration tests to meet State and/or regulatory requirements as applicable to the application(s) and data.
  • Monthly executive level report, at minimum, of the scanning results is provided to the customer’s agency Security Liaison and whomever they designate.
  • Detailed scanning results are available via a web interface to the customer’s agency Security Liaison and whomever they designate to have access. This includes custom dashboards that assist in meeting Statewide Information Security Manual requirements and assists in distinguishing what is the customer responsibility vs our responsibility.
  • Consultation on findings and mitigations
  • Tracking findings according to classification and status
Off