Upload File

effects of restricting ports 20/21 on dod networks and information transfer operations fall copc...

  • Home
  • Documents
  • Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair
20
Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

Upload: ariel-miles

Post on 17-Dec-2015

216 views

Category:

Documents


1 download

Report

Tags:

TRANSCRIPT

Page 1: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

Effects of restricting ports 20/21 on DoD Networks and

Information Transfer OperationsFall COPC 2007

Mr. Walter L. Coley, Jr.JAG/CCM Chair

Page 2: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

2

2

Overview

Guidance

Effects

DoC Initiative

Navy Initiative

AFW Initiative

Options

Recommendation

Page 3: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

3

Guidance

All standards are based on NIST guidance DoC follows NIST DoD modified to satisfy mission

Use of anonymous protocols is restricted “Risk Accepted by one is accepted by all”

Guidance concerns IPv4 IPv6 guidance is under review

Page 4: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

44

DISA Guidance

Xx

FOUO

FOUO

Page 5: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

5

Guidance (cont)..What the Chart Colors Mean

Guidance from PPS Category Assignments list release 6.8.1 (Aug 2007) Those PPS designated as Red will be severely

restricted. Those PPS designated as Yellow may be allowed

through with specific negotiation and limitations on use. Acceptance of those PPS designated as Green is

generally automatic.

5

Page 6: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

6

Effects

No more unrestricted data transfer

All traffic is segmented outside VPN

DoD can push and pull data

Non-DoD can only push or pull data within DATMS-U

No more store and forward systems

Page 7: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

7

Acceptable Services

Short Term Goal – all sites (6 months) FTP Ports 20/21 (Conditional)

Session from Enclave DMZ to DoD Network to Enclave DMZ

HTTP (Port 80 for non-DoD only) HTTPS (TCP) Port 443

Long Term Goal SFTP (SSH) Port 22 only HTTPS (TCP) Port 443

HTTP (Port 80 for non-DoD only)

7

Page 8: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

8

Acceptable Services (cont)

DDM-SSL (TCP) Port 448

FTPS-DATA (TCP) Ports 989/990 (Army)

Some proprietary others

SFTP has most utility and economy

DOD can initiate FTP sessions

Page 9: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

9

9

Navy Initiative

FNMOC/NAVO are going through site accreditation

Required to secure communication ports and bring the operation in line with DISA/Navy guidance

Sites will use HTTPS and SFTP

Page 10: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

1010

DoC Initiative

NWS is moving away from FTP to HTTP(s)-based file transfer.

NWS will support SFTP Need funding to support encryption

NESDIS uses Public Keys

NWSTG supports RSA 2 factor authentication

Page 11: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

11

Air Force Initiative

Air Force supports SFTP and HTTPS

Systems tuned to work with DMZ

Conversion to data ‘pull’ system Operational load and timing issues under study

Page 12: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

12

Options

Option 1 Move methodically to secure networks in next 6 months

Can complete HTTPS, but not SFTP without funding No driver for this or funding supporting rapid transition

Option 2 Continue to incrementally improve infrastructure and

document as we go Can still complete HTTPS in 6 months, limited use of SFTP Same effect as option 1 but slower and lower risk Less potentially disruptive to operations

Page 13: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

13

RECOMMENDATION

Option 2

Communication uses HTTPS and SFTP FTP where essential

Convert all communications to work through DMZ where possible in next 6-12 months Most work is done All OPC locations continue to support ATO process

Page 14: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

14

Questions?

Page 15: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

15

Background Information

Page 16: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

16

16

DISA Guidance

Page 17: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

1717

DoD DMZDoD DMZ

Internal DoD Network

Internal DoD Network

External Network

External Network

Ports Protocols & Services Category Assignment List (PPS CAL) Boundaries for FTP

Enclave DMZ

Enclave DMZ

DoD Network

DoD Network

13

147

8

1211 9

105

6 3

4

1

2

DoD Network:

NIPRNET, DATMS-U, DREN

Red – PPS CAL Denied/Restricted

Yellow – PPS CAL Conditional

15 – Red16 - Yellow

Page 18: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

1818

DoD DMZDoD DMZ

Enclave DoD

Network

Enclave DoD

Network External Network

External Network

Ports Protocols & Services Category Assignment List (PPS CAL) Boundaries for SFTP

Enclave DMZ

Enclave DMZ

DoD Network

DoD Network

13

147

8

1211 9

105

6 3

4

1

2

DoD Network:

NIPRNET, DATMS-U, DREN

Red – PPS CAL Denied/Restricted

Yellow – PPS CAL Conditional

15-Green16-Yellow

Page 19: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

1919

DoD DMZDoD DMZ

Internal DoD Network

Internal DoD Network

External Network

External Network

Ports Protocols & Services Category Assignment List (PPS CAL) Boundaries for HTTPS

Enclave DMZ

Enclave DMZ

DoD Network

DoD Network

13

147

8

1211 9

105

6 3

4

1

2

DoD Network:

NIPRNET, DATMS-U, DREN

Red – PPS CAL Denied/Restricted

Yellow – PPS CAL Conditional

15 – Green16 - Green

Page 20: Effects of restricting ports 20/21 on DoD Networks and Information Transfer Operations Fall COPC 2007 Mr. Walter L. Coley, Jr. JAG/CCM Chair

2020

AF DMZAF DMZ

Navy DoD Network

DMZ

Navy DoD Network

DMZ

External Network

DMZ

External Network

DMZ

DMZ Communications


State Legislation Restricting Judicial Consideration of ... · 7.02.2012 · State Legislation Restricting Judicial Consideration of ... STATE LEGISLATION RESTRICTING JUDICIAL CONSIDERATION

Copc. Malay

Bill Schulz Federal Coordinator - National Oceanic and ... › groups › COPC › meetings › ... · Bill Schulz Federal Coordinator OFCM . FEDERAL COORDINATOR’S UPDATE . TO COPC

COPC 2011 Version 5.0 Guia Atencion Personalizada-May11

COPC Lean Six Sigma for Contact Centers

COPC 2011 Release 5.0 Changes

COPC Actual Costing FAQ

Copc Application for Baseline

Ben Coley-Greece

Coley Comparison - coley.biology.utah.edu

COPC Standards of Call Monitroing( TM Monitoring)

shafto coley vitkin finalcopyNewshaftolab.com › ... › shafto_coley_vitkin_finalcopyNew.pdf · 2020-05-07 · Shafto, Coley & Vitkin Availability and Induction 3 might be accessed

Jacob Coley Question 2

NESDIS COPC Update Spring 2008

COPC Inc Overview Presentation

Implementation of IECEx Certification of Personnel Competence (CoPC) Training Programme · 2020-02-21 · Implementation of IECEx Certification of Personnel Competence (CoPC) Training

Ohs 2010 G Coley

Gestion de la Satisfaccion del Cliente. Kenwin COPC

COPC May 2016 - icams-portal.gov

PROGRAM STATUS ON COPC - isucauayan.edu.ph

Copc Executive Overview 27-June-06

Copc Application for Certification

Sam Coley - Practice-based research

Bankhead-Coley Cancer Research Program

NESDIS COPC Update Spring 2009 May 13, 2009

Coley Crop

Ian Coley Shooting School - Brochure

Coley Catalogue 2 - Stewarts Group

Implementing open data, Alexandra Coley

Outbound - COPC

Our Environment Introduction...Nathan Coley, The Lamp of Sacrifice, 286 Places of Worship, Edinburgh 2004. Made 2004 ©Studio Nathan Coley Made 2004 ©Studio Nathan Coley Ask pupils

Better Care in Venice Family Clinic’s...Santa Monica C3 •Ernesto Ortiz, PA •Dr. Coley King St. Joseph’s C3 •Dr. Coley King Malibu/Briskin •Dr. Coley King •Ryan Wesley,

RESTRICTING SPINOZA’S CAUSAL AXIOM - columbia.edujrm2182/Morrison - Spinoza - Restricting Spinoza... · RESTRICTING SPINOZA’S CAUSAL AXIOM By John Morrison Spinoza’s causal

Preview of “David K Coley Dissertation”

1-Coley Economic Analysis