Since November 2019, the managed LAN service is the on-ramp to the network for PCs, printers, servers and similar devices in user locations statewide. This service includes wired and wireless connectivity from each end-station, through a shared Local Area Network infrastructure, to the Managed wide area network backbone and the internet. The service is sold in blocks of eight switch ports. Depending on the number of closets and the number of connections needed in each, OTS will determine how many eight-port switch blocks must be deployed. Connectivity from the site to the OTS network and the Internet is purchased separately (see Regional Ethernet and IWAY).
Wireless LAN access is included in the Managed LAN rate. The service is designed for building residents and guests and requires authentication for state users and identification/validation for guests. OTS will not provide "open" wireless access for the general public.
The following wireless networks are available at all Managed LAN sites:
- LASG_WIRELESS* – Provides access to private agency resources. Only accessible to State PCs with an appropriate certificate installed and users with specific permissions.
- Guest_Portal – Provides Internet access to any device that is capable of registering through a web portal. Intended for general guest access (such as a vendor or outside presenter) and will allow a maximum of 10 hours access per registration.
- LASG_VIP_GUEST – Provides persistent Internet access to devices that are capable of installing a pushed certificate and which allow direct user authentication. The one-time onboarding process is done through a web browser and requires a State user account. Once complete, the device will automatically connect to the LASG_VIP_GUEST network and authenticate silently. Intended for State employees’ legacy and personal devices.
*Note: State issued devices that are configured to use the LASG_WIRELESS internal network will not be allowed to connect through Guest_Portal or LASG_VIP_GUEST for security reasons.
Supplemental Service Offerings
Virtual Private Network (VPN)
- Provides secure, encrypted remote access to internal data center resources from remote locations.
- Available for authorized individuals (clients) and for always-on connectivity to third party sites (tunnels).
- Contact the OTS Network Security team for more information.
Hospitality Access Point
- Alternative to VPN that provides secure remote network connectivity through a portable hardware device called a Hospitality Access Point.
- H-AP may be used by teleworkers, mobile employees, and very small offices whose workstations are managed by OTS.
- Provides a scaled-down version of the standard secure OTS remote office network solution. The H-AP device plugs into an existing Internet-connected network or may optionally be equipped with an LTE SIM card or other dedicated Internet connection (additional fees apply) for access back to the OTS network and to the Internet. The HAP extends the OTS secure enterprise wireless solution to the small office or home office and provides limited wired Ethernet connectivity, supporting up to six total devices in one subnet.
- HVS phones are not currently supported due to the single subnet restriction. The HVS Communicator soft client is supported, with the exception of E911 service as location data cannot be accurately relayed.
- Contact the DCO Network management team for more information.
Who Can Use This?
Customers may only utilize Managed LAN and the supplemental services described below if OTS fully manages their IT infrastructure.
|Managed LAN (MLAN)
|8 LAN ports + 2 wireless access points
|Hospitality Access Point (H-AP)
|1 H-AP device
|Virtual Private Network (VPN)
|User access or L2L tunnel
How to Order
To expand existing MLAN service and/or add H-AP service a TC may email a request to the OTS Service Desk. Include the address, a brief description of the need, and contact info for the most knowledgeable agency resource. A ticket will automatically be created, and the OTS Service Desk will assign the request to the Edge Network team.
To initiate a request for new service at a location not currently billed for MLAN, a knowledgeable agency resource should submit a Network Project Request (NS-16) via the OTS service desk. An approval request will be forwarded to the TC(s) for the agency/section/office listed in the request. Upon approval, the service request ticket and various tasks will be assigned to appropriate OTS teams based on the selections made in the request. The process of establishing new network service at a site involves several OTS teams and vendors. Network Project Requests must be submitted at least 60 days prior to the date service is needed.