NOSCINST 5239.1A
913/TBW:sks
20 September 1991
NOSC INSTRUCTION 5239.1A
From: Commander, Naval Ocean Systems Center
To: All Codes
Subj: POLICY ON NETWORK MANAGEMENT AND SECURITY FOR THE GCB
Ref: (a) OPNAVINST 5239.1A, Department of the Navy Automatic Data Processing
Security Program
(b) NOSCINST 5500.1A, Security Manual
(c) OPNAVINST 5510.1H, Department of the Navy Information and Personnel
Security Program Regulation
Encl: (1) Sample Network Security Officer (NSO) Memorandum
1. Purpose. To establish NOSC policies and procedures governing generalized
communications backbone (GCB) security and configuration management, and to
assign responsibility for GCB operations.
2. Cancellation. NOSCINST 5239.1.
3. Scope. The provisions of this instruction apply to any communications
equipment (Government-owned, leased, or contractor furnished) connected to the
GCB.
4. Background. The GCB network consisting of fiber optics, broadband
coaxial, baseband coaxial, and twisted pair cable provides interconnectivity
capabilities for all NOSC computing resources. Use of the GCB is encouraged
for all legitimate tasks in support of the NOSC mission. References (a)
through (c) provide network security policy for the NOSC GCB.
5. Policy
a. The GCB local area network shall be centrally managed and maintained
by the Networking and Communications Branch, Code 913, Network Control Center
(NCC).
b. The acquisition of GCB equipment and any interfaces shall be coordi-
nated and planned by the NCC to ensure compatibility and to avoid duplication
of effort. Users shall not alter the network before notifying the NCC.
c. Use of the GCB shall conform to applicable Navy directives regarding
network security. Accreditation to operate this network will be obtained from
the NOSC Automation Data Processing Security Officer (ADPSO) as required by
reference (b).
d. Failure to notify the NCC before altering the configuration of the
GCB, or disconnecting and connecting users, may result in a disconnection and
require reaccreditation of the system(s) involved.
NOSCINST 5239.1A
20 September 1991
6. Responsibilities
a. Code 90. The Head, Engineering and Computer Sciences Department, Code
90, is responsible to the Technical Director, Code 01, for the management and
development of the GCB.
b. Code 91. The Head, Computer Sciences and Resources Division, Code 91,
is responsible for ensuring that the provisions of this instruction are
implemented.
c. Code 913. The Head, Networking and Communications Branch, Code 913,
is the GCB Network Security Officer (NSO) and is responsible for procurement,
administration of the NCC, and technical management of the GCB. The GCB NSO
is responsible to the NOSC ADPSO for the applicable network security require-
ments stipulated in references (a) and (b). All procurement of equipment
which will be directly connected to send or receive signals over the GCB must
be approved by the NSO through the Information Resources Management (IRM)
Focal Point Office, Code 9103.
d. Network Control Center (NCC). The NCC is responsible for:
(1) The location, maintenance, repair, and installation of Sytek
20/100 Packet communication units (t-boxes).
(2) Installation of any compatible direct interface device to the GCB
and any subnetwork generated by these devices.
(3) Allocation of channel frequencies.
(4) Repair, maintenance, and improvements to the GCB.
(5) Resolution of network malfunction and user problems.
(6) Registration of all network interface devices and system connec-
tions through the NSO and Division ADP System Security Officers (DADPSSO's).
(7) Responding to new GCB service requirements and installation
requests.
(8) Allocation of station-owned fiber optic cable pairs.
(9) Management of network devices connected to the GCB.
e. Division ADP System Security Officer (DADPSSO). It is the responsi-
bility of each NOSC DADPSSO to support the NSO in identifying and obtaining
accreditation for all systems in their division with a point of entry to the
GCB. The DADPSSO will notify the NSO by memorandum (see enclosure (1)) of all
GCB connections through interface devices such as bridges, terminals, PC's,
dial-up devices, routers, repeaters, work stations, and multiplexors. GCB
equipment under custody of the NSO will be accredited through the Code 91
DADPSSO.
f. GCB Users. It is the user's responsibility to:
(1) Report any problem with the GCB to the NCC at ext. 32770.
2
NOSCINST 5239.1A
20 September 1991
(2) Notify the NCC of service requirements and installation requests.
(3) Not alter parameters, locations, or connections of any GCB
equipment.
(4) Notify, via memorandum, and obtain approval from the NSO for all
equipment that will be connected to the GCB. This includes but is not limited
to ethernet fiber cable, optical fiber cable, and video equipment.
(5) Notify the NCC of appropriate network addresses for all devices
connected to the GCB.
(6) Check with the DADPSSO, before GCB connection, to confirm that the
system is properly accredited.
(7) Notify the NOSC ADPSO and the GCB NSO of all network security
incidents.
7. Directive Responsibility. The Head, Computer Sciences and Resources Divi-
sion, Code 91, is responsible for keeping this instruction current.
/s/J. D. FONTANA
Distribution:
C
3
NOSCINST 5239.1A
20 September 1991
4
NOSCINST 5239.1A
20 September 1991
SAMPLE NETWORK SECURITY OFFICER (NSO) MEMORANDUM
MEMORANDUM
From: Code (DIVISION ADPSSO)
To: Code 913, Network Security Officer
Subj: GCB CONNECTION(S)
Ref: (a) NOSCINST 5239.1A, Policy on network management and security for
the GCB
1. The following is a list of accredited systems in Code with
points of entry to the GCB.
Device directly connected to the GCB, i.e., bridge, multiplexor/location:
Equipment Ethernet/Internet
User Name Code Bldg./Rm. Connected Address
Enclosure (1)