DEPLOYMENT OF DATA AT REST (DAR) ENCRYPTION SOLUTION FOR U.S. NAVY NETWORKS AND ASSETS:

UNCLASSIFIED//
ATTENTION INVITED TO  
ROUTINE
R 071633Z DEC 09

FM CNO WASHINGTON DC//N2N6//
TO NAVADMIN
CNO WASHINGTON DC//N2N6//
COMUSFLTFORCOM NORFOLK VA
COMUSNAVEUR NAPLES IT
COMPACFLT PEARL HARBOR HI
USNA ANNAPOLIS MD
COMUSNAVCENT BAHRAIN
COMNAVRESFORCOM NEW ORLEANS LA
COMNAVAIRSYSCOMPATUXENT RIVER MD
BUMED WASHINGTON DC
NETC PENSACOLA FL
COMNAVSEASYSCOM WASHINGTON DC
COMNAVSEASYSCOM WASHINGTON DC
COMNAVSUPSYSCOM MECHANICSBURG PA
DIRSSP WASHINGTON DC
CNIC WASHINGTON DC
PRESINSURV NORFOLK VA
COMNAVLEGSVCCOM WASHINGTON DC
NAVPGSCOL MONTEREY CA
COMNAVFACENGCOM WASHINGTON DC
COMNAVSAFECEN NORFOLK VA
BUPERS MILLINGTON TN
NAVWARCOL NEWPORT RI
ONI WASHINGTON DC
COMNAVSPECWARCOM CORONADO CA
COMSPAWARSYSCOM SAN DIEGO CA
COMNAVDIST WASHINGTON DC
NAVHISTCEN WASHINGTON DC
COMNAVNETWARCOM NORFOLK VA
DON CIO WASHINGTON DC
COMOPTEVFOR NORFOLK VA
DRPM NMCI ARLINGTON VA
INFO CMC WASHINGTON DC//C4//
COMMARCORSYSCOM QUANTICO VA
COMMARFOREUR
COMMARFORLANT
COMMARFORPAC
COMMARFORPAC
COMMARFORRES
COMMARFORSOUTH
CG MCCDC QUANTICO VA
PEO C4I SAN DIEGO CA
PEO EIS WASHINGTON DC
COMSPAWARSYSCOM SAN DIEGO CA
PMW 160 SAN DIEGO CA
BT


NAVADMIN 344/09//

MSGID/GENADMIN/CNO WASHINGTON DC/NOV 09//

SUBJ/DEPLOYMENT OF DATA AT REST (DAR) ENCRYPTION SOLUTION FOR U.S.
NAVY NETWORKS AND ASSETS//

REF/A/DOC/DOD MEMO/03JUL2007//

REF/B/MSG/DON CIO WASHINGTON DC/312021ZJAN09//

REF/C/MSG/CNO WASHINGTON DC/151831Z APR 09//

REF/D/TEST REPORT/SSC PACIFIC/30SEP08//

REF/E/DOC/DON CIO MEMO/18SEP09//

NARR/REF A IS DEPARTMENT OF DEFENSE (DOD) POLICY MEMO, ENCRYPTION OF 
SENSITIVE UNCLASSIFIED DATA AT REST (DAR) ON MOBILE COMPUTING DEVICES 
AND REMOVABLE STORAGE MEDIA USED WITHIN THE DOD. REF B IS DON CIO 
ENTERPRISE DAR ENCRYPTION SOLUTION GUIDANCE. REF C IS CNO INTERIM 
GUIDANCE. REF D IS COMPUTER NETWORK DEFENSE - AFLOAT DAR TEST REPORT 
REF E IS DON CIO WAIVER TO USN TO EMPLOY NMCI DAR ENCRYPTION SOLUTION// 
POC/EDWIN BERRIOS-ORTIZ/LT/OPNAV N6N1 (NETWORKS)/LOC: ARLINGTON
VA/EMAIL: EDWIN.BERRIOSORTIZ (AT) NAVY.MIL/TEL: 703-601-1284// 
POC/SONYA SMITH/CIV/DON CIO/LOC:ARLINGTON VA/EMAIL:
SONYA.R.SMITH1(AT) NAVY.MIL/TEL: 703-604-7059//

RMKS/1. THIS IS A COORDINATED DON CIO AND OPNAV N2/N6 MESSAGE AND 
SUPERSEDES REF C. THIS MESSAGE PROVIDES DAR ENCRYPTION IMPLEMENTATION 
DIRECTION FOR ASSETS CONNECTED TO UNCLASSIFIED US NAVY ENTERPRISE, 
LEGACY AND EXCEPTED NETWORKS. THIS INCLUDES DESKTOPS, LAPTOPS AND 
BLACKBERRIES.

2. BACKGROUND: PER REF A, DEPARTMENT OF DEFENSE POLICY GUIDANCE 
REQUIRES U.S. NAVY TO ENCRYPT ALL UNCLASSIFIED DATA AT REST THAT HAS 
NOT BEEN APPROVED FOR PUBLIC RELEASE AND IS STORED ON MOBILE COMPUTING 
DEVICES AND REMOVABLE STORAGE MEDIA. THIS DATA SHOULD BE TREATED AS 
SENSITIVE AND ENCRYPTED USING COMMERCIALLY AVAILABLE TECHNOLOGY.

3. THE FOLLOWING DEFINITIONS APPLY:
CATEGORY I - NETWORKS/ASSETS THAT WILL ULTIMATELY CONSTITUTE THE NAVY 
NETWORK ENVIRONMENT (NNE), SPECIFICALLY NMCI, ONE-NET, IT21/ISNS, CANES, 
AND NGEN, AS WELL AS LEGACY NETWORKS/ASSETS THAT ARE TARGETED TO 
MIGRATE TO THE EXISTING NMCI/NGEN/ONE-NET ENVIRONMENT BY FY 2011.  THIS 
ALSO INCLUDES SYSTEMS TRANSPORTED BY THE IT21/ISNS/CANES ENVIRONMENT 
(E.G. SNAPS, NALCOMIS, NAVYCASH, NIAPS, NTCSS, ETC.) CATEGORY II - 
EXCEPTED NETWORKS/ASSETS THAT ARE OR THAT WILL BE RE-HOMED BEHIND THE 
NNWC CENTRALLY MANAGED EXCEPTED NETWORK IA/CND SUITES.
CATEGORY III - EXCEPTED NETWORKS/ASSETS NOT BEHIND THE NNWC CENTRALLY 
MANAGED IA/CND SUITES (E.G. DREN, (DOT)EDU, AND GIG-WAIVERED 
NETWORKS/ASSETS NOT CONNECTED TO DISN
INFRASTRUCTURE)

4. ACTION: THE FOLLOWING GUIDELINES ARE PROVIDED FOR NAVY WIDE DAR 
ENCRYPTION DEPLOYMENT ON CATEGORY I/II/III NETWORKS/ASSETS/ SYSTEMS. 
EACH WILL EMPLOY EITHER THE DAR ENCRYPTION MANAGEMENT SOLUTION 
CURRENTLY EMPLOYED ON NMCI OR THE DAR ENCRYPTION SOLUTION ANNOUNCED AND 
NEGOTIATED IN REF B. NO OTHER DAR ENCRYPTION SOLUTIONS ARE AUTHORIZED 
FOR EMPLOYMENT ON NAVY NETWORKS.
A. CATEGORY I IMPLEMENTATION TO BE RESOURCED BY THE RESPECTIVE
   PROGRAM MANAGEMENT OFFICE/PEO WITH TECHNICAL ASSISTANCE
   FROM PMW160. PMW160 WILL ENSURE THE SOLUTION PROVIDER
   SATISFIES INTEROPERABILITY REQUIREMENTS ACROSS ALL NETWORK
   ENVIRONMENT DOMAINS.
B. CATEGORY II NETWORKS/ASSETS WILL RESOURCE THEIR RESPECTIVE
   SOLUTION. IMPLEMENTATION WILL BE CONDUCTED BY PMW160 AND
   NNWC. REQUEST PMW160 ASSIST IN THE DEVELOPMENT OF AN
   EFFICIENT ARCHITECTURE AND DEPLOYMENT PROCESS TO LEVERAGE
   EXISTING EXCEPTED NETWORK IA/CND SUITES. DETAILS REGARDING
   IMPLEMENTATION WILL BE PROVIDED BY NNWC SEPCOR.
C. CATEGORY III NETWORKS/ASSETS WILL RESOURCE AND IMPLEMENT
   THEIR RESPECTIVE SOLUTION. NNWC ODAA MUST APPROVE THE
   SELECTED SOLUTION PRIOR TO IMPLEMENTATION.

5. OWNING ECHELON II COMMANDS WILL BE RESPONSIBLE FOR REPORTING DAR 
ENCRYPTION INSTALLATION PROGRESS FOR ALL CATEGORY II AND III ASSETS 
USING COMPUTER TASKING ORDER (CTO) REPORTING. REPORTING GUIDANCE WILL 
BE PROVIDED BY NNWC SEPCOR.

6. EVERY NETWORK IMPLEMENTING DAR ENCRYPTION WILL ENSURE THAT 100% OF 
ALL GOVERNMENT ASSETS WITH PERMANENT OR REMOVABLE MEDIA STORAGE 
CAPABILITY, WHETHER OPERATED IN A DISCONNECTED OR CONNECTED NETWORK 
MODE, ARE USING THE DAR ENCRYPTION SOLUTION.
ENTERPRISE-WIDE DEPLOYMENT OF THE DAR ENCRYPTION SOLUTION IS CRITICAL 
TO THE PROTECTION OF PERSONALLY IDENTIFIABLE INFORMATION AND OTHER DON 
SENSITIVE INFORMATION.

7. REQUEST WIDEST DISSEMINATION OF THIS MESSAGE.

8. RELEASED BY VADM DAVID J. DORSETT, N2/N6.//

BT
#3137
NNNN