DEPLOYMENT OF DATA AT REST (DAR) ENCRYPTION SOLUTION FOR U.S. NAVY NETWORKS AND ASSETS:
UNCLASSIFIED//
ATTENTION INVITED TO
ROUTINE
R 071633Z DEC 09
FM CNO WASHINGTON DC//N2N6//
TO NAVADMIN
CNO WASHINGTON DC//N2N6//
COMUSFLTFORCOM NORFOLK VA
COMUSNAVEUR NAPLES IT
COMPACFLT PEARL HARBOR HI
USNA ANNAPOLIS MD
COMUSNAVCENT BAHRAIN
COMNAVRESFORCOM NEW ORLEANS LA
COMNAVAIRSYSCOMPATUXENT RIVER MD
BUMED WASHINGTON DC
NETC PENSACOLA FL
COMNAVSEASYSCOM WASHINGTON DC
COMNAVSEASYSCOM WASHINGTON DC
COMNAVSUPSYSCOM MECHANICSBURG PA
DIRSSP WASHINGTON DC
CNIC WASHINGTON DC
PRESINSURV NORFOLK VA
COMNAVLEGSVCCOM WASHINGTON DC
NAVPGSCOL MONTEREY CA
COMNAVFACENGCOM WASHINGTON DC
COMNAVSAFECEN NORFOLK VA
BUPERS MILLINGTON TN
NAVWARCOL NEWPORT RI
ONI WASHINGTON DC
COMNAVSPECWARCOM CORONADO CA
COMSPAWARSYSCOM SAN DIEGO CA
COMNAVDIST WASHINGTON DC
NAVHISTCEN WASHINGTON DC
COMNAVNETWARCOM NORFOLK VA
DON CIO WASHINGTON DC
COMOPTEVFOR NORFOLK VA
DRPM NMCI ARLINGTON VA
INFO CMC WASHINGTON DC//C4//
COMMARCORSYSCOM QUANTICO VA
COMMARFOREUR
COMMARFORLANT
COMMARFORPAC
COMMARFORPAC
COMMARFORRES
COMMARFORSOUTH
CG MCCDC QUANTICO VA
PEO C4I SAN DIEGO CA
PEO EIS WASHINGTON DC
COMSPAWARSYSCOM SAN DIEGO CA
PMW 160 SAN DIEGO CA
BT
NAVADMIN 344/09//
MSGID/GENADMIN/CNO WASHINGTON DC/NOV 09//
SUBJ/DEPLOYMENT OF DATA AT REST (DAR) ENCRYPTION SOLUTION FOR U.S.
NAVY NETWORKS AND ASSETS//
REF/A/DOC/DOD MEMO/03JUL2007//
REF/B/MSG/DON CIO WASHINGTON DC/312021ZJAN09//
REF/C/MSG/CNO WASHINGTON DC/151831Z APR 09//
REF/D/TEST REPORT/SSC PACIFIC/30SEP08//
REF/E/DOC/DON CIO MEMO/18SEP09//
NARR/REF A IS DEPARTMENT OF DEFENSE (DOD) POLICY MEMO, ENCRYPTION OF
SENSITIVE UNCLASSIFIED DATA AT REST (DAR) ON MOBILE COMPUTING DEVICES
AND REMOVABLE STORAGE MEDIA USED WITHIN THE DOD. REF B IS DON CIO
ENTERPRISE DAR ENCRYPTION SOLUTION GUIDANCE. REF C IS CNO INTERIM
GUIDANCE. REF D IS COMPUTER NETWORK DEFENSE - AFLOAT DAR TEST REPORT
REF E IS DON CIO WAIVER TO USN TO EMPLOY NMCI DAR ENCRYPTION SOLUTION//
POC/EDWIN BERRIOS-ORTIZ/LT/OPNAV N6N1 (NETWORKS)/LOC: ARLINGTON
VA/EMAIL: EDWIN.BERRIOSORTIZ (AT) NAVY.MIL/TEL: 703-601-1284//
POC/SONYA SMITH/CIV/DON CIO/LOC:ARLINGTON VA/EMAIL:
SONYA.R.SMITH1(AT) NAVY.MIL/TEL: 703-604-7059//
RMKS/1. THIS IS A COORDINATED DON CIO AND OPNAV N2/N6 MESSAGE AND
SUPERSEDES REF C. THIS MESSAGE PROVIDES DAR ENCRYPTION IMPLEMENTATION
DIRECTION FOR ASSETS CONNECTED TO UNCLASSIFIED US NAVY ENTERPRISE,
LEGACY AND EXCEPTED NETWORKS. THIS INCLUDES DESKTOPS, LAPTOPS AND
BLACKBERRIES.
2. BACKGROUND: PER REF A, DEPARTMENT OF DEFENSE POLICY GUIDANCE
REQUIRES U.S. NAVY TO ENCRYPT ALL UNCLASSIFIED DATA AT REST THAT HAS
NOT BEEN APPROVED FOR PUBLIC RELEASE AND IS STORED ON MOBILE COMPUTING
DEVICES AND REMOVABLE STORAGE MEDIA. THIS DATA SHOULD BE TREATED AS
SENSITIVE AND ENCRYPTED USING COMMERCIALLY AVAILABLE TECHNOLOGY.
3. THE FOLLOWING DEFINITIONS APPLY:
CATEGORY I - NETWORKS/ASSETS THAT WILL ULTIMATELY CONSTITUTE THE NAVY
NETWORK ENVIRONMENT (NNE), SPECIFICALLY NMCI, ONE-NET, IT21/ISNS, CANES,
AND NGEN, AS WELL AS LEGACY NETWORKS/ASSETS THAT ARE TARGETED TO
MIGRATE TO THE EXISTING NMCI/NGEN/ONE-NET ENVIRONMENT BY FY 2011. THIS
ALSO INCLUDES SYSTEMS TRANSPORTED BY THE IT21/ISNS/CANES ENVIRONMENT
(E.G. SNAPS, NALCOMIS, NAVYCASH, NIAPS, NTCSS, ETC.) CATEGORY II -
EXCEPTED NETWORKS/ASSETS THAT ARE OR THAT WILL BE RE-HOMED BEHIND THE
NNWC CENTRALLY MANAGED EXCEPTED NETWORK IA/CND SUITES.
CATEGORY III - EXCEPTED NETWORKS/ASSETS NOT BEHIND THE NNWC CENTRALLY
MANAGED IA/CND SUITES (E.G. DREN, (DOT)EDU, AND GIG-WAIVERED
NETWORKS/ASSETS NOT CONNECTED TO DISN
INFRASTRUCTURE)
4. ACTION: THE FOLLOWING GUIDELINES ARE PROVIDED FOR NAVY WIDE DAR
ENCRYPTION DEPLOYMENT ON CATEGORY I/II/III NETWORKS/ASSETS/ SYSTEMS.
EACH WILL EMPLOY EITHER THE DAR ENCRYPTION MANAGEMENT SOLUTION
CURRENTLY EMPLOYED ON NMCI OR THE DAR ENCRYPTION SOLUTION ANNOUNCED AND
NEGOTIATED IN REF B. NO OTHER DAR ENCRYPTION SOLUTIONS ARE AUTHORIZED
FOR EMPLOYMENT ON NAVY NETWORKS.
A. CATEGORY I IMPLEMENTATION TO BE RESOURCED BY THE RESPECTIVE
PROGRAM MANAGEMENT OFFICE/PEO WITH TECHNICAL ASSISTANCE
FROM PMW160. PMW160 WILL ENSURE THE SOLUTION PROVIDER
SATISFIES INTEROPERABILITY REQUIREMENTS ACROSS ALL NETWORK
ENVIRONMENT DOMAINS.
B. CATEGORY II NETWORKS/ASSETS WILL RESOURCE THEIR RESPECTIVE
SOLUTION. IMPLEMENTATION WILL BE CONDUCTED BY PMW160 AND
NNWC. REQUEST PMW160 ASSIST IN THE DEVELOPMENT OF AN
EFFICIENT ARCHITECTURE AND DEPLOYMENT PROCESS TO LEVERAGE
EXISTING EXCEPTED NETWORK IA/CND SUITES. DETAILS REGARDING
IMPLEMENTATION WILL BE PROVIDED BY NNWC SEPCOR.
C. CATEGORY III NETWORKS/ASSETS WILL RESOURCE AND IMPLEMENT
THEIR RESPECTIVE SOLUTION. NNWC ODAA MUST APPROVE THE
SELECTED SOLUTION PRIOR TO IMPLEMENTATION.
5. OWNING ECHELON II COMMANDS WILL BE RESPONSIBLE FOR REPORTING DAR
ENCRYPTION INSTALLATION PROGRESS FOR ALL CATEGORY II AND III ASSETS
USING COMPUTER TASKING ORDER (CTO) REPORTING. REPORTING GUIDANCE WILL
BE PROVIDED BY NNWC SEPCOR.
6. EVERY NETWORK IMPLEMENTING DAR ENCRYPTION WILL ENSURE THAT 100% OF
ALL GOVERNMENT ASSETS WITH PERMANENT OR REMOVABLE MEDIA STORAGE
CAPABILITY, WHETHER OPERATED IN A DISCONNECTED OR CONNECTED NETWORK
MODE, ARE USING THE DAR ENCRYPTION SOLUTION.
ENTERPRISE-WIDE DEPLOYMENT OF THE DAR ENCRYPTION SOLUTION IS CRITICAL
TO THE PROTECTION OF PERSONALLY IDENTIFIABLE INFORMATION AND OTHER DON
SENSITIVE INFORMATION.
7. REQUEST WIDEST DISSEMINATION OF THIS MESSAGE.
8. RELEASED BY VADM DAVID J. DORSETT, N2/N6.//
BT
#3137
NNNN