NOSCINST 5239.1A 913/TBW:sks 20 September 1991 NOSC INSTRUCTION 5239.1A From: Commander, Naval Ocean Systems Center To: All Codes Subj: POLICY ON NETWORK MANAGEMENT AND SECURITY FOR THE GCB Ref: (a) OPNAVINST 5239.1A, Department of the Navy Automatic Data Processing Security Program (b) NOSCINST 5500.1A, Security Manual (c) OPNAVINST 5510.1H, Department of the Navy Information and Personnel Security Program Regulation Encl: (1) Sample Network Security Officer (NSO) Memorandum 1. Purpose. To establish NOSC policies and procedures governing generalized communications backbone (GCB) security and configuration management, and to assign responsibility for GCB operations. 2. Cancellation. NOSCINST 5239.1. 3. Scope. The provisions of this instruction apply to any communications equipment (Government-owned, leased, or contractor furnished) connected to the GCB. 4. Background. The GCB network consisting of fiber optics, broadband coaxial, baseband coaxial, and twisted pair cable provides interconnectivity capabilities for all NOSC computing resources. Use of the GCB is encouraged for all legitimate tasks in support of the NOSC mission. References (a) through (c) provide network security policy for the NOSC GCB. 5. Policy a. The GCB local area network shall be centrally managed and maintained by the Networking and Communications Branch, Code 913, Network Control Center (NCC). b. The acquisition of GCB equipment and any interfaces shall be coordi- nated and planned by the NCC to ensure compatibility and to avoid duplication of effort. Users shall not alter the network before notifying the NCC. c. Use of the GCB shall conform to applicable Navy directives regarding network security. Accreditation to operate this network will be obtained from the NOSC Automation Data Processing Security Officer (ADPSO) as required by reference (b). d. Failure to notify the NCC before altering the configuration of the GCB, or disconnecting and connecting users, may result in a disconnection and require reaccreditation of the system(s) involved. NOSCINST 5239.1A 20 September 1991 6. Responsibilities a. Code 90. The Head, Engineering and Computer Sciences Department, Code 90, is responsible to the Technical Director, Code 01, for the management and development of the GCB. b. Code 91. The Head, Computer Sciences and Resources Division, Code 91, is responsible for ensuring that the provisions of this instruction are implemented. c. Code 913. The Head, Networking and Communications Branch, Code 913, is the GCB Network Security Officer (NSO) and is responsible for procurement, administration of the NCC, and technical management of the GCB. The GCB NSO is responsible to the NOSC ADPSO for the applicable network security require- ments stipulated in references (a) and (b). All procurement of equipment which will be directly connected to send or receive signals over the GCB must be approved by the NSO through the Information Resources Management (IRM) Focal Point Office, Code 9103. d. Network Control Center (NCC). The NCC is responsible for: (1) The location, maintenance, repair, and installation of Sytek 20/100 Packet communication units (t-boxes). (2) Installation of any compatible direct interface device to the GCB and any subnetwork generated by these devices. (3) Allocation of channel frequencies. (4) Repair, maintenance, and improvements to the GCB. (5) Resolution of network malfunction and user problems. (6) Registration of all network interface devices and system connec- tions through the NSO and Division ADP System Security Officers (DADPSSO's). (7) Responding to new GCB service requirements and installation requests. (8) Allocation of station-owned fiber optic cable pairs. (9) Management of network devices connected to the GCB. e. Division ADP System Security Officer (DADPSSO). It is the responsi- bility of each NOSC DADPSSO to support the NSO in identifying and obtaining accreditation for all systems in their division with a point of entry to the GCB. The DADPSSO will notify the NSO by memorandum (see enclosure (1)) of all GCB connections through interface devices such as bridges, terminals, PC's, dial-up devices, routers, repeaters, work stations, and multiplexors. GCB equipment under custody of the NSO will be accredited through the Code 91 DADPSSO. f. GCB Users. It is the user's responsibility to: (1) Report any problem with the GCB to the NCC at ext. 32770. 2 NOSCINST 5239.1A 20 September 1991 (2) Notify the NCC of service requirements and installation requests. (3) Not alter parameters, locations, or connections of any GCB equipment. (4) Notify, via memorandum, and obtain approval from the NSO for all equipment that will be connected to the GCB. This includes but is not limited to ethernet fiber cable, optical fiber cable, and video equipment. (5) Notify the NCC of appropriate network addresses for all devices connected to the GCB. (6) Check with the DADPSSO, before GCB connection, to confirm that the system is properly accredited. (7) Notify the NOSC ADPSO and the GCB NSO of all network security incidents. 7. Directive Responsibility. The Head, Computer Sciences and Resources Divi- sion, Code 91, is responsible for keeping this instruction current. /s/J. D. FONTANA Distribution: C 3 NOSCINST 5239.1A 20 September 1991 4 NOSCINST 5239.1A 20 September 1991 SAMPLE NETWORK SECURITY OFFICER (NSO) MEMORANDUM MEMORANDUM From: Code (DIVISION ADPSSO) To: Code 913, Network Security Officer Subj: GCB CONNECTION(S) Ref: (a) NOSCINST 5239.1A, Policy on network management and security for the GCB 1. The following is a list of accredited systems in Code with points of entry to the GCB. Device directly connected to the GCB, i.e., bridge, multiplexor/location: Equipment Ethernet/Internet User Name Code Bldg./Rm. Connected Address Enclosure (1)