TUCoPS :: Networks :: 85.txt

NETWORK SECURITY TESTING AND MONITORING
 

**********************************************************************
DDN MGT Bulletin 85              DISA DDN Defense Communications System   
1 NOV 91                         Published by: DDN Network Info Center
                                     (NIC@NIC.DDN.MIL)  (800) 365-3642


                        DEFENSE  DATA  NETWORK

                         MANAGEMENT  BULLETIN

The DDN MANAGEMENT BULLETIN is distributed online by the DDN Network
Information Center under DISA contract as a means of communicating
official policy, procedures and other information of concern to
management personnel at DDN facilities.  Back issues may be read
through the TACNEWS server ("@n" command at the TAC) or may be
obtained by FTP (or Kermit) from the NIC.DDN.MIL host [192.112.36.5]
using login="anonymous" and password="guest".  The pathname
for bulletins is ddn-news/ddn-mgt-bulletin-nn.txt (where "nn" is the
bulletin number).
**********************************************************************

          NETWORK SECURITY TESTING AND MONITORING


1. IN ACCORDANCE WITH NATIONAL TELECOMMUNICATIONS AND INFORMATION
SYSTEMS SECURITY DIRECTIVE (NTISSD) NO. 600, "COMMUNICATIONS
SECURITY (COMSEC) MONITORING," 10 APR 90 (FOUO), IT IS REQUIRED
THAT USERS OF GOVERNMENT TELECOMMUNICATIONS SYSTEMS BE NOTIFIED
IN ADVANCE THAT THEIR USE OF THESE SYSTEMS CONSTITUTES CONSENT
TO MONITORING FOR COMSEC PURPOSES.  THE SAME APPLIES TO SECURITY
TESTING OF AUTOMATED INFORMATION SYSTEMS AND NETWORKS.

2. ADEQUATE NOTICE TO USERS CAN BE ACCOMPLISHED BY ANY OF THE
FOLLOWING MEANS OR ANY COMBINATION THEREOF:
   (A) DISPLAYING A PRINTED MESSAGE DURING THE LOG-ON PROCESS.
   (B) DISPLAYING A PRINTED MESSAGE PERIODICALLY OR CONTINUALLY
   DURING SYSTEM OPERATION.
   (C) DECALS PLACED ON PROCESSING TERMINALS, TRANSMITTING AND
   RECEIVING DEVICES.
   (D) NOTICES IN DAILY BULLETINS OR SIMILAR MEDIUM.
   (E) A SPECIFIC MEMORANDUM TO USERS.
   (F) A STATEMENT IN THE STANDING OPERATING PROCEDURES,
   INSTRUCTIONS, OR SIMILAR DOCUMENTS.

3. RECOMMEND, AS SOON AS POSSIBLE, ALL USERS OF THE DEFENSE DATA
NETWORK (DDN) BE PUT ON NOTICE THAT THEIR USE OF THE DDN CONSTITUTES
CONSENT TO SECURITY MONITORING AND SYSTEM TESTING.  PROPER
NOTIFICATION IN TERMS OF CONTENT AND SPECIFICITY IS:
   "GOVERNMENT TELECOMMUNICATIONS SYSTEMS AND AUTOMATED INFORMATION
SYSTEMS ARE SUBJECT TO PERIODIC SECURITY TESTING AND MONITORING TO
ENSURE PROPER COMMUNICATIONS SECURITY (COMSEC) PROCEDURES ARE BEING
OBSERVED.  USE OF THESE SYSTEMS CONSTITUTES CONSENT TO SECURITY
TESTING AND COMSEC MONITORING."

4. ON DDN HOSTS WITH LIMITED CHARACTERS AVAILABLE IN THE LOG-IN
BANNERS, ADEQUATE NOTICE WOULD BE PROVIDED BY DISPLAYING THE
FOLLOWING:
   "USE CONSTITUTES CONSENT TO SECURITY TESTING AND MONITORING."

5. POINT OF CONTACT IS MAJOR BOYD, CODE DODM, AT COMM (703) 692-7580
OR DSN (312) 222-7580.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH