Configuration Management Application System Network


NETCOM/9th SIGNAL COMMAND (ARMY)
LANDWARNET NETOPS ARCHITECTURE (LNA)
INTERNET PROTOCOL NETWORK MANAGEMENT SYSTEM
COMPLIANCE CHECKLIST #1
Vendors Certification of Product Meeting LNA Requirements

PRODUCT
Name:
Version:

CHECKLIST TO BE COMPLETED BY VENDOR
Name:
Title:
Signature:

FUNCTIONAL REQUIREMENTS columns: FUNCTION; SYSTEM DESCRIPTION; JUSTIFICATION DESCRIPTION; PRIORITY
PRODUCT COMPLIANCE columns: MET (√); NOT-MET (√); SUPPORTING DOCUMENTATION TO INCLUDE: URL, NAME OF SOURCE DOCUMENT AND PAGE NUMBER; COMMENTS

Function: Add, Delete and Register Agents
System Description: The system shall add and delete agents to/from managed clients/assets. Whenever a new agent is added, the manager triggers inventory data collection for the affected asset/agent. Whenever an agent is removed, the pertinent data is removed from the manager.
Justification: This is needed in order to perform basic management functions on agent managed assets and services.
Priority: 1

Function: Analyze Events by Multiple Criteria
System Description: The system shall enable administrators to analyze system events by multiple criteria. It shall enable them to analyze events relating to two or more administrator designated criteria, to include (but not limited to) specific times, assets (hardware, software, Agents), Command, Control, Communications, Computers, and Information Management/Information Technology (C4IM/IT) services, users, administrators, threat signatures, behavioral profiles, asset/threat type, management system transactions/job, Capacity, Availability, Performance (CAP) data, business impact, data source, and/or configuration items.
Justification: This is essential to support root cause analyses, troubleshooting, and in order to assess progress in improving support/services - all necessary to operate, maintain and defend the LandWarNet. It also reduces the amount of time administrators will spend in isolating the underpinning cause of an outage.
Priority: 2

Function: Assign Privileges to Administrative Groups
System Description: The system shall provide the ability to assign privileges (read, write, execute, access to, restrictions from) to administrative groups. Administrative groups are composed of administrative accounts used to manage the platform.
Justification: This is needed for administrators to quickly and securely add and remove access permissions to management platforms.
Priority: 2

Function: Assign Privileges To User Groups
System Description: This system shall enable the administrators to assign user privileges to defined user groups. This includes assigning privileges to ports/protocols/services, applications, modules within applications, and/or assets.
Justification: This is needed for administrators to quickly and efficiently assign and remove privileges from users assigned to groups. It reduces the amount of time administrators will spend configuring access.
Priority: 2

Function: Collect Component Status
System Description: This system shall be able to query devices or device managers to obtain information about their operational status/health. Within Host Based Security System (HBSS), this applies to monitoring the status of its distributed repositories.
Justification: Status of a device is needed to ensure services/applications are working appropriately.
Priority: 2

Function: Collect Data from Associated Devices
System Description: This system shall establish the capabilities of a Network Manager to collect management data from specific network devices associated with a network failure.
Justification: Needed to identify failures, and repair network devices.
Priority: 1

Function: Collect Hardware Inventory and Configuration Data
System Description: The system shall query managed platforms, agents, and devices/clients to obtain information about their operational hardware inventory and configuration. It automatically forwards designated Assets and Configuration Items data, as directed/configured by the administrator.
Justification: Needed in order to manage the underlying components of the LandWarNet. Could be used for metering for compliance.
Priority: 1

Function: Collect Software/Firmware Inventory and Configuration Data
System Description: The system shall query managed components, agents, or sensors and obtain information about the operational software/firmware inventory on the managed asset(s). This information is stored in the Software Repository.
Justification: This is necessary in order to baseline, manage, and defend the underlying software existing within the LandWarNet.
Priority: 1

Enterprise NetOps Planning Division
ESTA-OSC I-ENPD
2133 Cushing St.
Ft. Huachuca, AZ
85613-7070
Compliance.Team@conus.army.mil 1 1/7/2011

Function: Configure Communication Resources
System Description: The system shall have configurable communication parameters. These parameters can be set between component-to-management consoles, manager-to-agent and manager-to-management consoles; client-to-server, client-to-client, Virtual Private Network (VPN) Device-to-remote user, and server-to-server components. This includes configuring ports, Internet Protocol (IP) address.
Justification: This is needed to securely configure communication channels between agents and management platforms, ensuring secure transfer of data between the two elements.
Priority: 1

Function: Configure Network Groupings
System Description: The system shall enable the administrator to define network segments to be used in the organization of network groupings.
Justification: This is needed for the basic configuration of the system and is core to its functionality.
Priority: 2

Function: Create Relationships Between Assets
System Description: The system shall enable administrators to create relationships between managed assets and asset groups, with sufficient data to enable the system to automatically assess the impacts of changes in the configuration of one asset to any linked asset's ability to function/operate.
Justification: This is essential to manage and secure the configuration of and relationships between IT assets and their supported C4IM services. It also enables automated analyses and alarms - and reduces the time to determine any underlying cause of an asset's outage/degraded performance (and that of their supported service).
Priority: 2

Function: Customize Knowledge Base
System Description: The system should enable administrators to customize its digital documents knowledge bases for its managed clients/agents/applications, and supported customers, organizations, or services. This enables administrators to add Army specific documents (approval to operate, tailored Standard Operating Procedure (SOP)/Tactics, Techniques, and Procedures (TTPs), Army-refined Frequently Asked Questions (FAQs), Intrusion Prevention System (IPS) Policy/Behavior-Based Rule Implementation Instructions, Field Manuals (FMs)/Behavior-Based Rules, etc.) to standard Enterprise documents and links within the knowledge base.
Justification: N/A
Priority: 3

Function: Define Access Privileges
System Description: The system shall enable designated administrators to define, and subsequently enforce, access privileges for other administrators, users and assets to the management platform, its data and any managed assets.
Justification: This is critical for securing LandWarNet resources and preventing unauthorized users from making changes that could lead to false alarms, failure of vital system functions, and corruption of data used to operate, manage and defend the LandWarNet.
Priority: 2

Function: Define Network Data Collections
System Description: The system shall enable the administrator to define a collection of operational status data from devices or device managers for collection and storage.
Justification: This is needed to restrict and define the amount of data that is sent between devices and managers.
Priority: 2

Function: Detect and Report Login Credential Changes
System Description: The system shall identify when users/administrators have changed, or attempted to change, their login credentials (user name, password, domain) and report this change.
Justification: This is needed to track user activity and identify those types of activities that may indicate unauthorized changes to accounts.
Priority: 2

Function: Detect Asset Down
System Description: The system should detect managed assets that are missing (absent) from the network. This could be due to a system being powered down or being physically removed from the network.
Justification: Not Applicable (N/A)
Priority: 3

Function: Detect Configuration Changes
System Description: The system shall track the changes made to component, agent/sensor, and/or configuration data. Messages sent to agents/sensors, along with date/time stamped responses, are logged; these are used to identify the user/administrator directing the changes.
Justification: Needed to ensure authorized changes are effected and that unauthorized changes are identified.
Priority: 2

Function: Detect Hardware Changes
System Description: The system shall identify hardware changes that have occurred within a managed asset, based on the previous collection of hardware configuration and version data.
Justification: This enables systems to prompt administrators to validate authorized infrastructure modifications and to identify and respond to unauthorized modifications. This is key to effectively defending and maintaining the LandWarNet.
Priority: 2

Function: Detect Network Changes
System Description: The system shall detect changes within the managed network, based on the analysis of network configuration and/or operational status data.
Justification: This is needed to identify and resolve possible configuration issues with network devices on the LandWarNet.
Priority: 2

Function: Detect Network Congestion
System Description: The system shall detect and display network congestion. Network congestion is defined as an excessive delay in data transport throughput, in which packet loss may occur.
Justification: This is needed by the administrator to quickly and efficiently identify and resolve network congestion issues that may hinder the flow of IP traffic across the LandWarNet.
Priority: 1

Function: Detect Software/Firmware Changes
System Description: The system shall identify software/firmware changes that have occurred within a device, agent, or sensor, based on the previous collection of software configuration and version data.
Justification: This is needed to ensure authorized changes are effected and that unauthorized changes are identified.
Priority: 2

Function: Display Change History
System Description: The system shall display information regarding historical changes to the system and its managed objects or applications.
Justification: This is needed to enable administrators to verify authorized changes and identify unauthorized changes to the management system and any managed devices and applications.
Priority: 1

Function: Display Events
System Description: The system shall display dynamic near-real-time events based on alarm severity, time, hierarchical importance, client groups, etc. The system shall support drill down capabilities to display the underlying events behind larger alarms/incidents.
Justification: This is needed for the operation, maintenance, and defense of the Global Information Grid (GIG) and LandWarNet.
Priority: 1

Function: Display Help
System Description: The system should provide the ability to view help files specific to the application or management system.
Justification: N/A
Priority: 3

Function: Display Knowledge Base Information
System Description: The system should display requested information from a particular knowledge base, in response to administrator queries. It should support information retrieval and display from authorized (administratively-linked) external knowledge bases (e.g., a vendor maintained knowledge base). This facilitates rapid troubleshooting and insightful decision making, particularly by less experienced administrators.
Justification: N/A
Priority: 3

Function: Display Monitored Data
System Description: The system shall drill down and display information about displayed devices and events. The information may include event/incidents/problems, operational activities, system transactions and/or CAP data.
Justification: This is essential for basic LandWarNet monitoring, troubleshooting, and maintenance - particularly at Theater Network Operation and Security Centers (TNOSCs), where remote access to fault sources will be critical for security and rapid repair/problem prevention.
Priority: 1

Function: Display NetOps Maps
System Description: The capability to display dynamic, near-real-time graphical maps of the managed network. These maps shall show graphical icons for network devices/nodes and interconnecting circuits. Map graphics shall include color coded and other visually based techniques to convey the network's configuration and operational status in an intuitive fashion. This also includes:
  a) Display Network Sub-Groups - The capability to display network sub-groups through the provision of a graphical user interface. Examples of device and network sub-groups are geographical, hierarchical, and political segmentation.
  b) Identify Network Device Connectivity - The capability to provide identification of network device connectivity. The inter-connectivity between network devices (nodes) shall be displayed on a near-real-time basis to include operational status, alarms, etc. Clicking on a graphical connectivity link shall cause a more detailed display of the circuit's identification, operation status, recent alarm history, etc.
  c) Display Network Status - The capability to display dynamic near-real-time network status information on the network map. This information shall be displayed for network nodes and interconnecting circuits. The status display shall include color coded and other visually based techniques to convey the network's operational status in an intuitive fashion. The display shall have filtering and formatting options to allow presentation based on severity, hierarchical importance, network segmentation, etc.
Justification: Provides a quick and efficient way to visually identify potential problems in the LandWarNet, reducing the time needed to perform root cause analysis.
Priority: 2

Function: Display Results of Diagnostics
System Description: The system shall present results of diagnostic routines executed on a network device.
Justification: This is needed to facilitate troubleshooting.
Priority: 2

Function: Distribute Configuration
System Description: The system shall distribute configuration information to managed components/assets.
Justification: This is needed to set/change the configuration of an asset. Also supports rollbacks to an authorized current baseline following an unauthorized change/information attack.
Priority: 2

Function: Distribute Current Software/Firmware Version
System Description: The system shall distribute current baseline software releases from the Current Software Versions (i.e., management software, applications, patches, etc.) area within the Software Repository.
Justification: This is needed to ensure current versions of software and patches can be installed. It also supports rapid rollbacks to an authorized current software/firmware baseline following an unauthorized change/information attack.
Priority: 2

Function: Distribute Historic Software/Firmware Version
System Description: The system should distribute a previous version of software (i.e., applications, patches, etc.) from the Historical Software Information area within the Software Repository.
Justification: This is critical to support rollbacks of software, signatures, profiles and/or processing rules following from a faulty update or implementation of a flawed rule/process.
Priority: 3

Function: Distribute New Software/Firmware
System Description: The system shall distribute new software releases (i.e., applications, patches, etc.) from the New Software Versions staging area within the Software Repository. Once installed and verified, the system changes the new release's status to current baseline status, and the previous current baseline software to historical baseline status.
Justification: This is needed to ensure that those systems will not be compromised. Remediation of systems on the LandWarNet contributes to security in depth. Retaining prior baseline data as described enables rollbacks in the event of a faulty update.
Priority: 2

Function: Distribute Software/Firmware Based on Profiles
System Description: The system should distribute software (i.e., applications, patches, agents, etc.) based on client profiles and managed/defended IT assets and network segments. The system is essential for the correct software installation, configuration and maintenance of network operations devices and their managed/defended networks and IT assets.
Justification: N/A
Priority: 3

Function: Encrypt Data Exchanges
System Description: The system shall provide secure (encrypted) data exchange between a manager and clients. Certain types of data being exchanged require encryption (e.g., logon credentials). The system shall provide the capability to encrypt data transferred between the system and assets using Secure Socket Layer (SSL) and Transport Layer Security (TLS) that is Federal Information Processing Standards (FIPS) Publication 140-2 compliant.
Justification: Secures Network Operations (NetOps) management data used to control management platforms on the LandWarNet.
Priority: 1

Function: Event Root Cause Analysis
System Description: The system shall provide the capability to perform root cause analysis of asset failures, service breaches or problems. The system shall identify the point of failure and any downstream (e.g., 2nd and 3rd order) effects to assets, services, or users/organizations. The system shall clearly indicate when network or service isolation has occurred.
Justification: This is essential for troubleshooting the true source of device failures and resultant service outages - speeding recovery/restoration of the LandWarNet.
Priority: 2

Function: Identify and Collect Data for Monitoring
System Description: The system shall enable an administrator to select (identify) what data to monitor/report and enable the reception collection of that data.
Justification: This is necessary in order to receive information about the status of an asset or service. It provides valuable information used to identify failures.
Priority: 2

Function: Identify Associated Network Devices
System Description: The system shall establish the capabilities of a Network Manager to identify network elements associated with a detected network failure. The identified elements must only be those directly related to the primary failure, not sympathetic or downstream failures.
Justification: This provides the logic necessary to ensure correct diagnosis of the failed component, thus reducing the amount of time administrators spend investigating failures.
Priority: 1

Function: Initiate Failover
System Description: The system shall be able to initiate failover of its managed assets based on administratively set threshold criteria and redundant configurations.
Justification: Needed to ensure assets/systems/services in the LandWarNet will continue to operate.
Priority: 2

Function: Manage Administrator Accounts
System Description: The system shall provide the ability to manage (add, modify, verify, delete) accounts that are used to administrate the system. This also includes the ability to add and remove users from groups.
Justification: This is needed to ensure that access to management systems is controlled and secure.
Priority: 2

Function: Manage Agent Profiles
System Description: The system should administratively manage (create, modify, and delete) configuration profiles for different types of agents.
Justification: This is needed in order to manage large numbers of agents via the profile functionality.
Priority: 2

Function: Manage Component Grouping
System Description: The system shall allow administrators to define groups of assets. Groups may be created using different characteristics, including hierarchical, organizational, geographical, or functional (e.g., Email Servers). Also, the system shall enable administrators to assign specific assets/components to defined groups.
Justification: This is needed to enable the administrators to perform common operations upon them (loading patches, signatures, profiles, access control list, etc.) - speeding implementation of security measures during an attack, reducing the chances of error, and reducing overall administrator workloads.
Priority: 2

Function: Manage Environment Specific Event Actions
System Description: The system shall enable administrators to create, copy, modify, archive and delete Event Response/Operations rules for environment specific (local) events or administratively defined filters. It shall allow them to create/modify names for each rule, select pre-defined standard/custom filters, and specify the pre-defined responses/operations the management system shall take when the criteria are met. The system's automated response options shall support audible alarms, visual alarms, administrator defined text messaging (e.g., email/pager alerts), normalization of externally generated events, correlation/consolidation of redundant/associated events, setting event classification/priority data, and execution of other operations using administratively defined variable entries. It shall permit an administrator to create a rule set of related rules. It shall enable administrators to define rules/criteria used to match specific data fields and the data entry that results from the match. It should enable them to provide a named set of these combination rules. The system shall enable administrators to manage a pick list of these rules/rules sets for later execution by administrators and authorized users.
Justification: This allows administrators to refine automated responses by the manager to address unique/Army mission and environment/infrastructure needs and constraints. A pick list enables administrators to predefine rules to support conditions anticipated when an Operations Plan (OPLAN)/Concept of Operations Plan (CONPLAN) is executed, or major event/policy (e.g., Brigade Combat Team exercise or Information Operations policy) occurs. Pre-configured automated responses help prevent both administrators and the system from becoming overwhelmed - while speeding remedial actions.
Priority: 2

Function: Manage Event Filter Criteria
System Description: The system shall enable administrators to create, modify, archive, and delete filtering criteria used to control what events are generated (sent) or permitted (accepted) from each managed element/asset. It shall support different filters for sending events, receiving/processing events, and alerts/notifications arising from events. The system shall support temporary filters, enabling administrators to select default/administrator defined filters from a pick list to adjust and activate. The supported filtering criteria shall address standards/Protocol based variables/thresholds (e.g., Simple Network Management Protocol (SNMP), computer input multiplexer) as well as system unique ones (e.g., vendor provided SNMP, manual input buffer extensions).
Justification: This is needed for the effective application of the filter to the asset. Event filtering prevents the console from receiving more events than can be processed. This could cause the console to lock up, and could also result in loss of pertinent event data.
Priority: 2

Function: Manage Event Repository
System Description: The system shall enable the administrator to manage event data storage/repositories. [Events are security alerts/reports or operational data reported by managed agents/sensors/adaptors and/or generated internally by the Manager.] The system shall enable authorized administrators to sort, query, archive and delete events with Commercial-off-the-shelf (COTS)/Government-off-the-Shelf (GOTS) tools.
Justification: This is necessary to monitor the health and/or security of managed assets/services, and to perform detailed studies of their failures/performance (used to improve procedures, training and infrastructure decisions).
Priority: 2

Function: Manage Failover Configuration Settings
System Description: The system shall enable the administrator to define failover criteria and required configuration settings.
Justification: This is vital for the reliability, survivability and speedy recovery of the LandWarNet following a critical asset/applications' failure, destruction, or removal.
Priority: 2

Function: Manage Groups
System Description: The system shall manage (create, modify, delete) User Groups, with user roles and privileges. It shall support User Group creation, data entry/modification, and deletion by authorized system users. This includes the ability to remove multiple groups/super groups (groups that contain other groups) within a single action.
Justification: The system is critical to the operations and security of this NetOps system and the LandWarNet. User accounts and their associated User Group(s) will be used throughout the Enterprise to control privilege-based access to various resources/assets and services, track trouble calls/service requests, provide alerts/notifications, and to maintain audit/transaction logs (In Accordance With Army Regulation (AR) 25-1 and AR 25-2).
Priority: 1

Function: Manage Hardware Scans
System Description: The system shall manage hardware platform scans. It enables administrators to configure scans to identify and collect inventory data on specific classes/types of hardware devices and sub-modules (e.g., TPM chips, BIOS chips, RAM, hard drives).
Justification: This provides enhanced LandWarNet security through management of scans for unauthorized hardware devices, inventory checks/validation, and security/operational checks of their physical configuration.
Priority: 2

Function: Manage Network Discovery
System Description: The system shall have the ability to create and manage network discovery rules. The rules for network discovery must include a flexible combination of at least the following parameters: specific device address(es), address ranges (starting and bounding points), sub-nets, and networks.
Justification: This is needed to automatically discover systems that need to be managed, and reduces the amount of time spent configuring the management system.
Priority: 2

Function: Manage Network Discovery Rules
System Description: The system should manage (add, delete, change) network discovery rules. The rules for network discovery must include a flexible combination of at least the following parameters: specific device address(es), address ranges (starting and bounding points), sub-nets, and networks.
Justification: N/A
Priority: 3

Function: Manage Network Maps
System Description: The system shall enable the administrator to define multiple graphical depictions of the network.
Justification: This is needed for administrators to view networks and quickly identify any network failures.
Priority: 2

Function: Manage Network Organization
System Description: The system shall enable the administrator to establish rules governing the grouping of network segments. This includes setting rules to control network grouping (which may be graphical), network mapping, and access privileges.
Justification: This is needed to control the configuration of network devices and is core to the functionality of the system.
Priority: 2

Function: Manage Network Tool Sets
System Description: The system should create and manage various tools sets used within the application. This includes the ability to configure graphical bit-maps, screen layouts, tool-bar icons, custom menus, click-on actions, script launching or routines.
Justification: N/A
Priority: 3

Function: Manage Other Communication Protocols
System Description: The system shall support management of non-SNMP protocols for communication. Examples include File Transfer Protocol, Internet Control Message Protocol, and Common Management Information Protocol.
Justification: This is needed to configure systems that control the flow of IP Network traffic on the LandWarNet.
Priority: 1

Function: Manage Platform Discovery Rules
System Description: The system shall provide the administrator with the ability to manage (create, edit, delete, and archive) rules sets that are used as part of the discovery process. It enables administrators to define active (poll-response) and/or passive discovery rules' search criteria (i.e., IP Segment range, Domain, Group, System Type, administrative group, IP message types, etc.) and identification/classification data as to the types of systems, applications and services that will be discovered/managed.
Justification: This simplifies the process through which a management platform will discover and eventually manage assets.
Priority: 2

Function: Manage Polling Intervals
System Description: The system shall manage data collection polling intervals. Polling intervals will be adjusted to reflect the status (operational stability) of the network or the current information operations condition.
Justification: This is needed to ensure proper updates of the status of systems are received by the Management system and Network Common Operational Picture System (NETCOP).
Priority: 2

Function: Manage Simple Network Management Protocol Agent Configuration
System Description: The system shall establish the capabilities expected from a Network Manager enabling the management and configuration of the system's SNMP server. This includes SNMP Trap Generation.
Justification: This is needed to configure systems that control the flow of IP Network traffic on the LandWarNet.
Priority: 1

Function: Manage Simple Network Management Protocol Community Strings
System Description: The system shall enable administrators to be able to configure a device's SNMP agent community strings when required. Multiple read and write community strings must be supported.
Justification: This is needed to configure systems that control the flow of IP Network traffic on the LandWarNet.
Priority: 1

Function: Manage Simple Network Management Protocol Management Information Bases
System Description: The system shall establish the system's ability to allow the administrator to manage (create, modify, and delete) SNMP Management Information Base information from the Network Manager.
Justification: This is needed to configure systems that control the flow of IP Network traffic on the LandWarNet.
Priority: 1

Function: Manage Software/Firmware Scans
System Description: The system should manage and execute software/firmware inventory scans on managed platforms/agents/applications. This includes the capability to create, modify, and delete scan rules and launch defined scans.
Justification: N/A
Priority: 3

Function: Manage System Log Configuration
System Description: The system shall be capable of configuring the device's SysLog facility. This configuration includes the types of messages to be logged, the level of detail to present in the messages, and where to send these messages.
Justification: This will provide system administrators a way to remotely, and in groups, configure syslog configuration settings. This will help to ensure a consistent application of syslog configuration settings while reducing the amount of time spent applying the configuration.
Priority: 2

Function: Manage User Accounts
System Description: The system shall manage (create, modify, archive, verify, delete) individual user accounts; support entering personal contact/notification information and linking the account to one or more (e.g., supervisory) user accounts and user groups/organizations. Primary account creation for desktops will occur via the systems management capability; when this is unavailable it can be done via the Active Directory (AD) Management capability. This also includes the ability to add and remove users from groups.
Justification: This is needed to manage accounts for users to access services/systems/applications and secure the LandWarNet through assurance of identity.
Priority: 1

Management Information Base Information
System Description: The system should manage storage of the Management Information Base information for network devices under management. These Management Information Bases are necessary to collect management information and control the device's hardware and software components.
Justification: N/A
Priority: 3

Monitor Processes
System Description: The system shall be able to monitor a single process or multiple processes on a managed platform or group of platforms.
Justification: This is needed to ensure assets providing enterprise services, security, or other support are operational and functioning within acceptable behavioral patterns/norms.
Priority: 2

Obtain Software/Firmware Updates from Authoritative Source
System Description: The system shall obtain software/firmware (i.e., software/firmware patches, signature/profile updates, rules updates) updates from a specified location in either an on-demand or scheduled fashion.
Justification: Updates to assets in the LandWarNet are required in order to prevent compromise of the assets.
Priority: 2

Perform Local Authentication
System Description: The system shall authenticate users, administrators, and assets from data stored locally within the management application or device.
Justification: This is needed for the authentication of users to access and resources on the LandWarNet and is required by AR 25-1, and AR 25-2.
Priority: 1

Perform Operations on Multiple Assets
System Description: The system shall permit administrators to interact with multiple managed assets on a single screen. It allows them to select and perform operations on individual assets, and groups of assets (Hardware, Software, Agents), from administratively defined (pick) lists of available assets/asset groups and operations. The system shall enable the administrator to define and save groups of assets for future pick list displays (to perform future operations upon).
Justification: This is needed to save the administrators considerable time, enable central management and maintenance of large network - enhancing overall reliability and security.
Priority: 2

Perform Remote Authentication
System Description: The system shall authenticate users, administrators, and assets from a remote authentication service on the network.
Justification: This is the core function for the authentication of users to access and resources on the LandWarNet and is required by AR 25-1, and AR 25-2.
Priority: 1

Present Network Diagnostic Information
System Description: The system shall present accurate and intelligent diagnosis of network failures based upon the diagnostic analysis of the management data collected from network devices associated with the failure.
Justification: Analysis of failures and the subsequent diagnosis of a failure decreases the amount of time needed to repair the failure.
Priority: 1

Process Requests For Capacity, Availability, and Performance Data
System Description: The system shall process Requests For Data (polls) from the CAP Monitoring system. The system shall determine the required information/data, retrieve/collect it and forward it to the CAP system.
Justification: This is needed to enable overarching NetOps management systems to function; it directly feeds the IT Metrics Program's data collection, which in turn provides required reports to meet provisions within the Clinger-Cohen Act.
Priority: 1

Provide Ability to Drill-Down
System Description: The system shall provide in-depth detailed information about any monitored asset, service, or function depicted on the Graphical User Interface (GUI). This enables the user to drill-down on any graphical representation (e.g., icon) to obtain specific relevant detailed information regarding its status.
Justification: This enables rapid trouble-shooting or identification of key information necessary for operations, maintenance or defense actions.
Priority: 2

Provide Ad Hoc Network Data Analysis
System Description: The system shall provide on demand capabilities to collect and analyze information from network devices, circuits, interfaces, and nodes. It allows the administrator to analyze various functional behaviors such as error rates, capacity, and utilization. This includes the capability to:
a) identify and select specific network elements, nodes, or segments for functional analysis;
b) identify specific data and initiate the collection of this data for ad hoc functional analysis;
c) allow the administrator to specify the interval and duration which the data will be collected from the device;
d) present informative reports based on collected Network Manager functional data. All presentation requirements (filters, formats, etc.) apply.
Justification: Results of this analysis can be used to help quickly identify issues with assets as well as to fine tune operational configurations. May also serve as a decision support tool for improvement of other like components.
Priority: 1

Provide Administrator Audit Log
System Description: The system shall provide administrator audit log information, to include the administrator's identification, time stamp, the specific activity/transaction performed, changes in permissions, and any other specified data of interest related to administrator transactions on the system.
Justification: This is required in accordance with Department of Defense Instruction (DoDI) 8500.2, AR 25-1 and AR 25-2.
Priority: 2
Provide Agent/Sensor Inventory Repository
System Description: The system shall store inventory information on managed agent/sensors/adaptor devices. This shall include the Agent/Sensor Location Catalog (the topology of agent/sensors in the managed environment), the Asset Inventory (the known inventory of manageable devices) and any Component Groupings (Administrator-defined groupings of agents/sensors and their relationships to other assets and/or services, to include fail-over responsibilities between them or their management consoles). It shall be able to store multiple versions of this data (staged, current and various historical sets of information). This repository should support queries of this data (for authorized administrators/users only).
Justification: This is essential to provide baseline data of managed agents/sensors/adaptors, used to support the management system's operations and processing.
Priority: 1

Provide Alarm Trace Data Repository
System Description: The system shall store Alarm/Event data collected and analyzed by the management system. Alarm data is generated based on predefined criteria established and rules run against event/operational data received by the management platform.
Justification: This is essential for retaining records of system failures and security events necessary for follow-up, in-depth analysis used to resolve problems and improve LandWarNet readiness and availability.
Priority: 2

Provide Availability Data Repository
System Description: The system should store availability data collected and analyzed by the management system. Availability data may include average/maximum time in service as scheduled, task/job response times, incident/problem resolution times, maximum/mean times between failures, time in scheduled maintenance, time support/service is lost while an asset is back-ordered, etc.
Justification: N/A
Priority: 3

Provide Bandwidth Throttling
System Description: The system shall enable the administrator to limit bandwidth use for data transfer between NetOps systems. Bandwidth throttling is the ability to configure the system to control the size of packets that traverse over the network and is primarily a networking function.
Justification: This is needed to limit administrative network traffic to supportable levels, ensuring adequate support to Warfighters and Business systems - while retaining the ability to perform vital operations, Continuity of Operations (COOP)/Disaster Recovery (DR) and NetOps administrative tasks.
Priority: 1

Provide Capacity Data Repository
System Description: The system should store capacity data collected and analyzed by the management system. Capacity data may include used/remaining storage capacity (for disk drives, LUN, tape, drive pools, etc.), processing/central processing unit capacity, the average/maximum number of files/applications/users and asset/service supports, transmission rate/bandwidth data, etc.
Justification: N/A
Priority: 3

Provide Capacity, Availability and Performance Data Report
System Description: The system should provide reports on CAP data.
Justification: N/A
Priority: 3

Provide Capacity, Availability, and Performance Monitoring System Integration
System Description: The system should integrate with the CAP Monitoring System. This is needed in order for the CAP system to receive data that it can then analyze.
Justification: N/A
Priority: 3

Provide Command Line Interface
System Description: The system shall use a command line interface for system or account administration locally and remotely.
Justification: This is needed to enable administrators to execute changes on large groups of configuration items via a single command.
Priority: 2

Provide Command Line Interface and Application Program Interface Security
System Description: The system should provide security mechanisms for Command Line Interface (CLI) and Application Program Interface access to the system. The system should enforce security for command line input that is functionally identical to GUI access restrictions and controls; security for Advanced Programming Interfaces that are functionally identical to GUI access restrictions and controls.
Justification: N/A
Priority: 3

Provide Communication Ports Security
System Description: The system shall provide the capability to designate a limited set of ports for communication between management platforms and managed components.
Justification: This is necessary to configure management platforms to communicate across routers and switches (considering port restrictions that may be applied to network devices) within the LandWarNet.
Priority: 1

Provide Configuration Change Reports
System Description: The system should produce reports on a managed client’s configuration changes based on inventory scans.
Justification: N/A
Priority: 3

Provide Configuration Management Data Base/Service Support Integration
System Description: This system shall integrate with an external Configuration Management Data Base/Service Support (CMDB/SS) system; which includes components such as: Service Desk, Incident Management, Problem Management, Change Management, Configuration Management, Asset Management, Project Management, etc. This includes enabling the user to access the manual workflow report (Trouble Ticket) features of the CMDB/SS.
Justification: This is required to provide critical NetOps inventory and configuration item data, health/welfare status information/events, and other administrative information necessary to monitor and manage the health, welfare, and operational status of the LandWarNet.
Priority: 1
Provide Definable Report Filters
System Description: The system should provide filters that can be created and modified. Filters provide a way to produce reports that provide data on a specific attribute(s).
Justification: N/A
Priority: 3

Provide Device and Media Configuration Information Repository
System Description: The system shall store all configuration information about devices and media that is generated by the management system or its sub-systems/agents, to include any unique communications/encryption settings. This also includes new/staged, current, and multiple copies of historical configuration data.
Justification: This is needed to maintain and defend LandWarNet systems via their configurations. It supports restoring and reconstitution of vital assets and applications.
Priority: 2

Provide Device Relationships Repository
System Description: The system shall store the relationships between network devices. [These relationships define the interconnections between and hierarchy of network devices and network nodes within the Network Manager's sphere of control.] This device inventory information is expected to be stored as textual data within a database. It shall be able to store multiple versions of this data (staged/new, current and various historical sets of information). This repository should support queries of this data (for authorized administrators/users only).
Justification: This information provides vital baseline data used to determine, configure, and control authorized network interactions. It is also used to restore/reconstitute networked following a fire/flood/physical destruction, etc.
Priority: 1

Provide Device Type Catalog Repository
System Description: The system shall store the Master Catalog/Library of known manageable network devices/assets, by type and manufacturer. This device catalog information can be stored in various data formats (textual and/or binary) within a database.
Justification: This catalog contains the information needed by the IP Network Management system to interface/communicate with the devices.
Priority: 1

Provide Diagnostic Routines
System Description: The system shall provide diagnostic routines. Diagnostic routines enable administrators to execute an action or set of actions intended to reveal operational failures.
Justification: This is essential for the rapid trouble shooting and maintenance of assets.
Priority: 2

Provide Event Log Reports
System Description: The system shall produce reports containing event and associated user activity logs.
Justification: This is needed to meet AR requirements for reporting on potential security breaches.
Priority: 2

Provide External Events Repository
System Description: The system shall capture and store external systems/operations events and logs retrieved from external clients/repositories. It shall provide timely storage for all operational events and/or transaction logs (e.g., Sys-logs) received/polled from specific monitored clients/repositories. It shall record all reported event information, with time-stamp data, as textual data in a database. It shall support queries of this data. [External systems are not part of the NetOps management system itself; these events/logs address health and welfare information of these external, but managed, LandWarNet assets.]
Justification: This data is essential for the basic operation of this system's management console, which is used to operate and maintain Information technology assets and services within the LandWarNet. The ability to query its data is essential for detailed analyses, which support NetOps procedures, training, staffing, and infrastructure decisions.
Priority: 2

Provide Failover Capabilities to Secondary Site
System Description: The system should provide failover capabilities to a secondary site. This encompasses the failover configuration and parameters for the secondary site. This capability requires secure data transmissions to the secondary site.
Justification: This is needed in order for LandWarNet systems to fail over to other systems and maintain the service to users.
Priority: 3

Provide Frequently Asked Questions Feature
System Description: The system should support a FAQs capability, providing searchable, quick solutions for common problems for both administrators and customers/users.
Justification: N/A
Priority: 3

Provide Graphical Diagrams
System Description: The system shall provide a GUI/Web based diagram of disks or networks, along with physical and logical views of the assets. Additionally, the system shall provide a network diagram of the assets to include switches, tape libraries, or other managed assets.
Justification: This is required to monitor the health and security posture of the networked infrastructure.
Priority: 2

Provide Graphical Interface
System Description: The system shall provide a GUI enabling users and/or administrators to access and operate the system from their terminal or via a web-accessible Interface. The system functionality should be the same whether the operator accesses the system via the terminal or at the server/system's native interface.
Justification: This is needed to simplify the use of the management system.
Priority: 2

Provide Hardware Inventory Repository
System Description: The system shall store hardware data collected and analyzed by the management system. The system shall be capable of storing staged, current and multiple historical versions of hardware inventory information for each managed asset. It shall support queries against this data.
Justification: This is needed to rapidly and remotely detect unauthorized changes to hardware devices on the LandWarNet. Multiple versions enable administrators to prepare for new systems and archive inventory that is deployed/being repaired and will return in the future; it also supports battle handovers of this data to the gaining theater NetOps and Security Center/signal unit and helps to centrally identify all assets belonging to an organization.
Priority: 1
Provide Hardware Monitoring
System Description: The system shall monitor hardware components of the LandWarNet infrastructure in order to obtain operational status.
Justification: This is needed to ensure hardware components that are part of providing an enterprise service are operational.
Priority: 2

Provide Help Feature
System Description: The system should provide help functionality. This can be an on-line functionality or provided locally on the platform. It should provide a search and index capability.
Justification: N/A
Priority: 3

Provide Import Digital Documents For Knowledge Bases
System Description: The system should import vendor supplied Digital Documentation Knowledge Base information.
Justification: N/A
Priority: 3

Provide Import/Export Translation Code Repository
System Description: The system shall store the rules and code required to translate data files between the native Network Manager format(s) and COTS document exchange formats (e.g., CVS, RTF, HTML, etc.) for import and export functions. This file format information can be stored in various data formats (textual and/or binary) within a database.
Justification: This data is necessary for the interoperation of the system with external systems that provide it data. It also enables rapid restoration of corrupted/deleted files/systems/managed assets.
Priority: 2

Provide Intelligent Fault Isolation
System Description: The system shall provide the administrator with an intelligent fault isolation capability. It accurately and reliably identifies the point on the network that failed. The network map should clearly indicate the failed device/component and the portion of the network that has been isolated by the failure. The network event display should clearly indicate when network isolation has occurred. When a failure results in network isolation, events related to the isolated portion of the network should be displayed with a lower priority than events related to the primary failure. Additionally, the user should be provided the ability to not display sympathetic events related to network isolation.
Justification: This is needed to help administrators quickly and efficiently identify and isolate network faults in order to rapidly restore services to the LandWarNet.
Priority: 1

Provide Internal Events Repository
System Description: The system shall provide timely storage for internally-generated system log/transaction events (events/logs addressing the NetOps system's health and operational status). It shall record all reported event information, with time-stamp data, as textual data in a database. It shall support queries of this data. It shall capture and store all agent/sensor reported events/logs and all operational logs (e.g., Sys-logs) polled from specific managed assets.
Justification: This data is essential for the basic operation and maintenance of this system, which is used to operate, maintain, and defend Information technology assets and services within the LandWarNet. The ability to query its data is essential for detailed analyses, which support NetOps procedures, training, staffing, and infrastructure decisions.
Priority: 2

Provide Knowledge Base
System Description: The system should provide a knowledge base. Knowledge bases are searchable (via queries) repositories of information about a specific topic or product. The knowledge base should contain at a minimum: FAQs, trouble-shooting wizards, URLs for additional help/information.
Justification: N/A
Priority: 3

Provide Knowledge Base Repository
System Description: The system should store NetOps Knowledge Base information. This includes all information stored in the Knowledge Base used primarily by administrators in the operations and maintenance of systems and services.
Justification: This is essential for the basic operation of the NetOps Systems Knowledge Base management capabilities.
Priority: 3

Provide Management Information Base Repository
System Description: The system shall store the SNMP Management Information Base for managed networked assets. Management Information Bases provide device-specific management control message data to leverage unique capabilities within the device, collect management information from it, and control its hardware and software components.
Justification: This is necessary to collect management information and to control the managed device's software and hardware components.
Priority: 2

Provide Manual Component Registration
System Description: The system shall accept manually entered asset and asset sub-component registration information. This information is entered by the administrator about a specific asset(s) that is to be managed and is used to find and take administrative control of the asset. The system shall enable administrators and designated users to add or remove assets as necessary.
Justification: This supports management, situational awareness, and defense of critical LandWarNet assets and the implementation of urgent defensive measures and policies.
Priority: 2

Provide Multiple Component Access Controls
System Description: The system shall control the administrator's ability to only perform operations to those assets/asset groups they are authorized to manage.
Justification: This is needed to enable automated administrative access controls - enhancing overall reliability and security.
Priority: 2

Provide Network Common Operational Picture Integration
System Description: The system shall enable administrators to manage (create, modify, archive and delete) local/environment-specific rules used to control the integration/forwarding of network topology maps and event data sent to the NETCOP System's GUI.
Justification: This is essential for dynamically monitoring the health and status of LandWarNet assets, services, and overall support to war fighting and base operations/business organizations.
Priority: 1
Provide Network Discovery Features
System Description: The system shall provide discovery (detection and collection) of information related to the network elements. The configuration and management of the discovery process is discussed under the Network Manager Administrative Capabilities.
Justification: This is needed in order to identify and subsequently manage new devices on the LandWarNet.
Priority: 2

Provide Network Element Manager Integration
System Description: This system shall integrate with Device Element Managers, to include providing any graphical and event integration necessary to enable remote operation of the element managers. Two-way event integration is desired.
Justification: This is core to the functionality of the IP network management system. It depends upon data received via element managers to provide its management capabilities and graphical representations of the network.
Priority: 1

Provide Operational Reports
System Description: The system shall provide operational Network Operations reports, to include those on component and aggregated asset/system utilization (or usage); failed components/assets; configuration settings for all/designated components/assets; and asset/device/storage information.
Justification: This is needed to allow the element manager to combine and summarize device/storage information, Job Status, Job Volume, Device Utilization, media verification, job failures, job schedules, report alerts.
Priority: 2

Provide Operational Status Repository
System Description: The system shall store the operational status of all managed assets. [This asset/service health and status data is received by or generated within the management system, based upon events/other reports.]
Justification: Knowing the health/operational status of managed assets is a core NetOps function and essential to operate, maintain and defend the LandWarNet.
Priority: 1

Provide Predefined Correlation Rule Sets
System Description: The system shall provide predefined rules to establish relationships between events received from different event sources when the events are functionally related. Extensive tuning of the predefined rule sets should not be required.
Justification: This is needed to reduce the amount of data administrators need to review, thus reducing the amount of time necessary to identify a potential threat.
Priority: 2

Provide Predefined Display Formats
System Description: The system shall display predefined formats/displays to make the system usable immediately after the initial installation.
Justification: This is needed for basic operation of the system out of the box, reducing configuration and implementation time.
Priority: 2

Provide Predefined Reporting Filters
System Description: The system should display filters to reduce displayed data based on relevancy and provide predefined display filters to support analysis of reported data.
Justification: N/A
Priority: 3

Provide Remediation Knowledgebase Repository
System Description: The system shall provide a repository that contains knowledgebase for remediation data. This data links remediation to associated threat signatures/profiles and vulnerabilities.
Justification: This is needed in order for system administrators to quickly identify the available fixes or preventative measures and system impact for specific threats and vulnerabilities.
Priority: 2

Provide Remote Administration
System Description: The system shall provide secure, Internet protocol-based remote administration of the manager and its managed assets.
Justification: This is required to secure the LandWarNet and operate large networks.
Priority: 2

Provide Scalable Topology
System Description: The system shall be scalable and able to operate in a single server topology (e.g., a military system/vehicle) or in a hierarchical topology (i.e., multiple servers arranged hierarchically).
Justification: This is required to ensure that management of assets can be efficiently performed at differing echelons within the LandWarNet. Further, it supports the consolidation/correlation of data as it is transferred from one management platform to another. A scalable topology is the foundation of the Army's ability to manage the LandWarNet as an enterprise in that it provides a way to manage assets locally while providing valuable data/information forming an enterprise view of those assets.
Priority: 2

Provide Security Information Management System Integration
System Description: This system shall integrate with the external Security Information Management System (SIMS). This includes data received from managed assets as well as events generated on the security management platform itself (i.e., user unsuccessfully tried to log onto management platform more than three times).
Justification: This is needed for the SIMS to get data from systems. SIMS depends upon this data in order to do its analysis of security related information.
Priority: 2

Provide Single Component Access
System Description: The system shall enable administrators to interact with a single monitored asset or service on a single screen. This includes enabling them to view and manipulate the asset/service's status, type, capacity, utilization, allocation, and location.
Justification: This is needed to facilitate defensive actions, maintenance, and operational management of core components and services underpinning the entire LandWarNet.
Priority: 2

Provide Software Repository
System Description: The system shall provide a repository for storage of software or firmware, by version. It shall store the current version of profiles; and store multiple historical versions. It shall stage new versions within the repository for subsequent distribution/installation. Once a new version is deployed, it becomes the current version and the old current version becomes a historical version. It shall enable administrators to control the number and/or age of historical versions retained.
Justification: This repository is essential for the operation of the management system and in order to install, restore, and trouble-shoot faulty software/firmware versions. It also provides a baseline of authorized software that may be used during forensic analysis to identify unauthorized changes arising from a computer network attack.
Priority: 1
Provide Software/ Firmware Distribution The system should verify a software/firmware distribution was successful. N/A
Verification 3
Provide Standard and Predefined Reports The system should predefined/standard reports and views. The system N/A
should also provide graphics within text reports (e.g., Trending Reports
may contain pie charts, bar charts, line charts and other standard
graphics). The system should publish reports in Hyper Text Markup
Language (HTML), eXtensible Markup Language (XML), Sequential Query
3
Language (SQL), American Standard Code for Information Interchange
(ASCII), Joint Photographic Experts Group (JPEG) and other standard
languages/formats; be able to print and email all generated reports. The
system should be able to provide displays and reports on all on the
following:
a) audit reports that detail modifications and upgrades to the system,
b) identifying all major problems (per pre-defined service level
agreement/service support program, per period),
c) resolution time for incidents/problems,
d) closed incidents/problems,
e) problems that result in the highest percentage of resource utilization,
f) first contact to closure for incidents or problems,
g) first call closure for incidents or problems,
h) open incidents or problems,
i) incidents or problems that violate Service Level Agreement (SLA)/service
support program, Service Level Indicators,
j) closed incidents and problems,
k) resolved incidents and problems,
l) escalated incidents and problems,
m) based on each individual support staff for the number of incidents or
problems that they turned over to other support staff during a shift change,
n) based on department/group for the number of incidents or problems that
are turned over to other support staff during a shift change,
o) trends by agent/support staff for number of incidents and problems
opened per day, week, and month,
p) trends by agent/support staff for number of incidents and problems
resolved per day, week, and month,
q) trends by agent/support staff for number of incidents and problems
escalated per day, week, and month,
r) trends by agent/support staff on the average time taken for incidents and
problems to move from open to resolved status,
s) trends by agent/support staff on the average time spent talking to
customers/ users regarding an incident or problem,
Enterprise NetOps Planning Division
ESTA-OSC I-ENPD
2133 Cushing St.
Ft. Huachuca, AZ
85613-7070
Compliance.Team@conus.army.mil 12 1/7/2011
FUNCTIONAL REQUIREMENTS PRODUCT COMPLIANCE
MET NOT-MET
SUPPORTING DOCUMENTATION TO INCLUDE:
PR
FUNCTION SYSTEM DESCRIPTION JUSTIFICATION DESCRIPTION COMMENTS
IO
URL, NAME OF SOURCE DOCUMENT AND
RI
√ √
PAGE NUMBER
TY
t) trends by agent/support staff on percent of first contact to resolution regarding incidents and problems,
u) trends (daily, weekly, monthly) by agent/support staff on percent of first call resolution regarding incidents and problems,
v) trends (daily, weekly, monthly) by agent/support staff on the average first contact to resolution regarding incidents and problems,
w) trends (daily, weekly, monthly) by agent/support staff on the average first call to resolution regarding incidents and problems,
x) trends by group/department for number of incidents and problems opened per day, week, and month,
y) trends by group/department for number of incidents and problems resolved per day, week, and month,
z) trends by group/department for number of incidents and problems escalated per day, week, and month,
aa) trends by group/department on the average time taken for incidents and problems to move from open to resolved status,
bb) trends by group/department on the average time spent talking to customers/users regarding an incident or problem,
cc) trends by group/department on percent of first contact to resolution regarding incidents and problems,
dd) trends by group/department on percent of first call to resolution regarding incidents and problems,
ee) trends by group/department on the average first contact to resolution regarding incidents and problems,
ff) trends (daily, weekly, monthly) by group on the average first call to resolution regarding incidents and problems,
gg) Incident/Problem rollups by LandWarNet C4IM/IT service or product,
hh) users that access a specific asset,
ii) users that own a specific asset,
jj) operational assets which have exceeded their life-cycle (to identify equipment that needs to be replaced),
kk) minimum, maximum, and averages for all time and numeric based reports,
ll) number of users that access a defined service,
mm) customers and their associated users,
nn) specify the concentration and distribution of vendors and their related products within the enterprise (allows the organization to more clearly understand the impact of issues related to specific products or vendors),
oo) life-cycle plans (projections) for an asset,
pp) service or product defect status,
qq) service or product enhancement request/Request For Change reports.
Priority: 3

Function: Provide Synchronous Event Polling
System description: The system should collect event logs based on synchronous polling.
Justification: N/A
Priority: 3

Function: Provide System Documentation
System description: The system should support documentation for a specific technology/capabilities. This includes system design, implementation and user guides.
Justification: N/A
Priority: 3

Function: Provide User Account Repository
System description: The system shall store user and administrator account information for the management system.
Justification: This is needed to control access to the management system and to support addressing for notification messages/alerts.
Priority: 2

Function: Provide User Activity Log
System description: The system shall create and manage the User Activity (Audit) Log, recording all user transactions, and changes to permissions on the system in accordance with AR 25-2.
Justification: This is required per Army Regulatory requirements and provides a means to verify NetOps staff actions, conduct roll-backs, and conduct post-mortems/After-Action-Reviews (AARs) to improve NetOps procedures.
Priority: 1

Function: Provide User Defined Display Filters
System description: The system shall enable administrators to define filtering criteria to view a subset of the available information.
Justification: This is needed to enable administrators to quickly view all data based upon specific criteria, facilitating analyses, troubleshooting, work scheduling, etc.
Priority: 2

Function: Provide User Defined Display Formats
System description: The system should allow users to create, add, modify, or delete display formats.
Justification: N/A
Priority: 3

Function: Provide User Defined Report Format
System description: The system should allow for defined presentation formats to view available information. It should enable the customization of the fields in a report template or system-provided default report. The system should provide report creation tools and support the ability to customize reports. The system should enable the user to define output report formats in XML, Hypertext Transfer Protocol (HTTP), ASCII, SQL, and JPEG.
Justification: N/A
Priority: 3

Function: Provide User Log Data Repository
System description: The system shall store User Activity Log data collected for analyses by the management system.
Justification: This is needed to trace user logon activity and to meet AR 25-1 and AR 25-2 requirements (punitive requirement).
Priority: 1

Function: Provide Web Accessible Display
System description: The system shall interact with devices via a web-based interface. The functionality shall be equivalent to the capability provided by non-web based user interfaces.
Justification: This is needed to support Army requirements to provide a web accessible interface.
Priority: 2

Function: Queue Data To Send
System description: The system's components (e.g., Agents) shall queue events when communications with the manager are not possible.
Justification: This is required in order to store and forward alerts, events, and methods.
Priority: 2

Function: Receive Events in Standard Protocols
System description: The system shall receive events via industry standard protocols (Storage Management Initiative - Specifications, SNMP v2/3, common information model, XML, User Datagram Protocol, etc.).
Justification: This is needed to reduce the amount of time spent integrating products.
Priority: 2

Function: Receive Graphical Network Views
System description: The system shall receive graphical network information from an external system.
Justification: This is needed by the Management platform in order to generate enterprise level network diagrams and subsequently monitor the health of the LandWarNet.
Priority: 1

Function: Recover From Failover Operations
System description: The system shall recover from failover operations by returning to normal settings/operations/systems.
Justification: Needed to revert back to normal operations after a failover has been executed, thus ensuring that assets/services in the LandWarNet remain operational.
Priority: 2

Function: Remove Asset
System description: The system should remove an asset from the group of its managed assets without sympathetic errors. This function is used when removing an asset from the network for service, for security violations, redeployment, reallocation, or when decommissioning a platform.
Justification: N/A
Priority: 3

Function: Report Inactive Administrator Accounts
System description: The system shall detect and report inactive administrator accounts. Inactive administrators are those who have not accessed a specific system for a predefined amount of time. Inactive administrators shall be flagged for administrative attention and possible action (i.e., account suspension, deletion, etc.). The system shall provide alert and report mechanisms to system administrators to act on flagged files.
Justification: This is needed for enforcing secure access controls over the NetOps systems used to secure, operate, and manage the LandWarNet and its supported Army and Business systems.
Priority: 2

Function: Report Inactive User Accounts
System description: The system shall detect and report inactive users. Inactive users are those who have not accessed a specific system for a predefined amount of time. Inactive users shall be flagged for administrative attention and possible action (i.e., account suspension, deletion, etc.). The system shall provide alert and report mechanisms to system administrators to act on flagged files.
Justification: This system function is essential for enforcing secure access controls over the NetOps systems used to secure, operate, and manage the LandWarNet and its supported Army and Business systems.
Priority: 2

Function: Reset Administrator Account Parameters
System description: The system shall establish the capabilities expected from a Manager to reset Administrator Account/Group parameters of an application. A reset is the ability to lock or unlock, make active or disable, or change any of the settings of an account.
Justification: This is to provide the ability to lock accounts and unlock administrative accounts allowing for the securing of the LandWarNet.
Priority: 2

Function: Reset User Account Parameters
System description: The system shall provide administrators with the ability to reset User Account/Group parameters of an application. A reset is the ability to lock or unlock, make active or disable, or change any of the settings of an account.
Justification: This is vital to have the ability to lock accounts and unlock user accounts allowing for the securing of the LandWarNet.
Priority: 2

Function: Schedule Asset Maintenance Tasks
System description: The system should provide for the scheduling of automated maintenance tasks/jobs to be executed on managed assets from the management console. Examples of maintenance tasks include: cleaning out the cache file, defragging hard drives, and deleting files in a temp directory/buffer.
Justification: N/A
Priority: 3

Function: Schedule Configuration Information Collection
System description: The system shall allow the administrator to define a schedule for the collection of configuration information from devices or device managers.
Justification: This enables the network administrators to pull recurring audits of configuration information, as well as to verify recent configuration updates, during non-peak hours. This helps minimize adverse impacts to the network, while freeing administrators to perform other tasks.
Priority: 2

Function: Schedule Hardware Inventory Data Collection
System description: The system should enable an administrator to schedule the collection of hardware inventory and configuration information from managed components, directly or via an agent.
Justification: N/A
Priority: 3

Function: Schedule Software/Firmware Inventory Collection
System description: The system should define a schedule for the collection of software/firmware inventory information from devices, agents, adapters, or sensors.
Justification: N/A
Priority: 3

Function: Schedule Software/Firmware Distribution
System description: The system should allow an administrator to define a schedule for the distribution of software (i.e., applications, patches, signatures, remediations) to managed assets (e.g., sensors, agents, applications, devices, etc.).
Justification: N/A
Priority: 3

Function: Schedule Status Collection
System description: The system should allow the administrator to define a schedule for the collection of operational status information from assets or asset managers.
Justification: N/A
Priority: 3

Function: Schedule Synchronization With Authoritative Source
System description: The system should schedule synchronization of the manager's software and files with an authoritative source.
Justification: N/A
Priority: 3

Function: Schedule the Production of Reports
System description: The system should support the ability to schedule the production of reports. Scheduling will allow for monthly, daily, and hourly configuration such that reports can be run automatically.
Justification: N/A
Priority: 3

Function: Select Platforms for Monitoring
System description: The system should select (identify) which platforms will be monitored based on administratively-defined criteria (IP address, domain, group, threat alarm data, configuration items) and thresholds/value ranges.
Justification: N/A
Priority: 3

Function: Send Asset Inventory Data
System description: The system shall transmit asset and service resource inventory data to other systems, to include those escalated for expedited action/implementation. Note that the content of that inventory data may change significantly, depending upon the systems passing it (IT Asset Inventory information versus RF Asset Inventory Information).
Justification: Supports deploying/redeploying units and sites (under Base Realignment and Closure (BRAC)) to the gaining theater, Directorate of Information Management (DOIM) and/or unit Signal element for planning/management. It also enables Program Manager/Program Executive Office (PM/PEO) and tactical units to provide locally procured asset information to the Enterprise CMDB/SS to place them under long-term management and configuration control.
Priority: 2

Function: Send Capacity, Availability, and Performance Data
System description: The system should transmit capacity and availability data to the CAP Monitoring system.
Justification: N/A
Priority: 3

Function: Send Graphical Network Views
System description: The system shall send graphical network information to another management system.
Justification: This is necessary to support situational awareness and policy management.
Priority: 2

Function: Send Incident/Problem Data
System description: The system shall transmit Incident and Problem data. The system shall, upon triggering of operational or security related problems, send or transmit the data (time of event, IP address, category of event, etc.) needed to create a workflow record.
Justification: This is necessary for ensuring that assets in the LandWarNet are operating optimally.
Priority: 1

Function: Send Network Event Data
System description: The system shall asynchronously send a message to the manager and/or other monitoring host(s) describing the time and nature of an alert event.
Justification: This is necessary to ensure network devices are operational.
Priority: 1

Function: Support Distributed Network Manager Systems
System description: This system shall provide the ability to operate in a distributed management environment (peer-to-peer, or hierarchical). Managers shall be distributed; i.e., there is NOT only one centralized ubiquitous Manager System/Platform. Distribution may be employed for organizational, hierarchical, geographical, capacity, and/or survivability reasons.
Justification: This is needed to provide the enterprise roll up of data necessary to operate, manage, and defend the LandWarNet.
Priority: 1

Function: Support Multiple Concurrent Administrators
System description: The system shall support multiple administrators performing management operations concurrently.
Justification: This is needed to support the ability for multiple administrators to perform operations concurrently, reducing the Total Cost of Ownership (TCO).
Priority: 2

Function: Track Logon Attempts
System description: The system shall detect and log user logon attempts (successful or otherwise). The system shall provide alerts/reports to system administrators to act on multiple failed attempts.
Justification: This is needed for enforcing AR 25-1 and AR 25-2 security regulations and enforcing secure access controls over the systems used to secure, operate, and manage the LandWarNet and its supported Army and Business systems. It also supports post-mortems on IT outages/attacks.
Priority: 1
10/28/2009
NETCOM/9TH SIGNAL COMMAND (ARMY)
LANDWARNET NETOPS ARCHITECTURE (LNA)
COMPLIANCE CHECKLIST #2
INTERNET PROTOCOL NETWORK MANAGEMENT SYSTEM
INTERACTION WITH OTHER LNA CAPABILITIES
PRODUCT COMPLIANCE: TO BE COMPLETED BY VENDOR
Columns: FROM; TO; DATA FLOW TEXT DESCRIPTION; DATA ELEMENT DEFINITION; COMPLIANCE (YES/NO); SUPPORTING DOCUMENTATION TO INCLUDE: URL, SOURCE DOCUMENT NAME AND PAGE NUMBERS; DESCRIPTION COMMENTS

From: Capacity, Availability, and Performance Monitoring System
To: Internet Protocol Network Management System
Data flow: Contains a request for data sent from the CAP system to the IP Network Management System.
Data elements:
  Request for Data: This is a generic request for data from one NetOps system to another. The type, content, format, and frequency of the data requested and/or sent is dependent on the respective unique systems.

From: Configuration Management Database/Service Support
To: Internet Protocol Network Management System
Data flow: Contains data sent from the CMDB/SS system to the IP Network Management System.
Data elements:
  Event/Trouble Ticket Status: Data regarding the status of an "Incident" as reported from CMDB/SS to a management system.

From: Firewall Element Manager
To: Internet Protocol Network Management System
Data flow: Firewall Inventory, Configuration Items, Events and Remote Access/control data sent from Firewall Element Manager to the IP Network Management System.
Data elements:
  Configuration: Contains all the information on how an asset (configuration item) is presently configured (e.g., parameter settings, ports and protocols enabled, filters set, version of Internetwork Operating System/firmware, etc.).
  Events: Contains information reported by managed objects, typically in the form of SNMP or dedicated alert messages. In some cases (i.e., Network Management) this may be consolidated data.
  Inventory: Contains the full descriptive inventory of managed assets - to include all known/discoverable metadata about the asset.
  Remote Access to Element Manager: This provides remote access to the element manager application through either direct application programming interface access, Web interface, Remote Desktop, or some other method.

From: Host Based Security System
To: Internet Protocol Network Management System
Data flow: Contains data sent from the HBSS to the IP Network Management System. This information is used by receiving systems to preclude false alarms.
Data elements:
  Address: Address that this protocol end point represents, for example, 171.79.6.40 or FE:ED:FE:ED:00:11. The address format, such as IP, Internetwork Packet Exchange, or Ethernet, depends on the Protocol Type value. It can be further refined in subclasses.
  Alerting Managed Element: Name of the alerting computer as known by the management system.
  Host Name: Contains alphanumeric data reflecting the name of LandWarNet Asset.
  Logical Networks Collection: Stores information about groups of logical networks. Use this class to represent subsets of machines that are physically connected to larger networks. For example, if you have ten machines connected to the same networking backbone, you could have five of the machines on the address range 192.168.0.x and the other five machines on the address range 172.16.10.x. Although they are physically connected to the same backbone, the two groups of machines are on separate logical networks.
  Port Number: Transmission Control Protocol or User Datagram Protocol port number.
  Protocol Type: Type of endpoint. Often, information in this attribute and a subclass overlap. However, when this class is used to represent an endpoint (for example, no subclass exists for fiber channel endpoints), this
    Unknown (0),
    Other (1),
    IPv4 (2),
    IPv6 (3),
    IPX (4),
    AppleTalk (5),
    DECnet (6),
    SNA (7),
    CONP (8),
    CLNP (9),
    VINES (10),
    XNS (11),
    ATM (12),
    Frame Relay (13),
    Ethernet (14),
    TokenRing (15),
    FDDI (16),
    Infiniband (17),
    Fibre Channel (18),
    ISDN BRI Endpoint (19),
    ISDN B Channel Endpoint (20),
    ISDN D Channel Endpoint (21),
    IPv4/v6 (22),
    BGP (23),
    OSPF (24),
    MPLS (25),
    UDP (26), and
    TCP (27).
    No default value.

From: Internet Protocol Network Management System External Support Site
To: Internet Protocol Network Management System
Data flow: Contains updates to application, device libraries, device Internetwork Operating Systems, etc.
Data elements:
  Update: This generic data exchange is used to send an update to an LNA management system from its respective external authoritative support site. For example, the Anti-Virus system receiving an updated list of virus signatures or the IP Network Management system requesting an update to the known device catalog.

From: Internet Protocol Network Management System
To: Internet Protocol Network Management System External Support Site
Data flow: This is a request from the IP Network Management System to its external authoritative support site to update known device catalogs, SNMP or Community string data, etc.
Data elements:
  Request Update: This generic data exchange is used to request an update from an LNA management system to its respective external authoritative support site. For example, the Anti-Virus system requesting an updated list of virus signatures or the IP Network Management system requesting an update to the known device catalog.

From: Internet Protocol Network Management System
To: Internet Protocol Network Management System
Data flow: This is the data and control messages necessary to allow the IP Network Manager to operate with another like IP Network Management System in a peer-to-peer or hierarchical mode.
Data elements:
  Hierarchical: This is the data and control messages necessary to allow one LNA management system to operate with another like system in a Hierarchical mode.
  Peer-to-Peer: This is the data and control messages necessary to allow one LNA management system to operate with another like system in a Peer-to-Peer mode.

From: Internet Protocol Network Management System
To: Capacity, Availability, and Performance Monitoring System
Data flow: Contains CAP data sent from the IP Network Management system to the CAP System.
Data elements:
  Availability Data: Data relative to which resources are ready for use.
  Capacity Data: Data regarding the resource utilization, user data consumption, and allocation of resources.
  Performance Data: Provides graphical representations of current and historic performance information and trend analysis of the servers in the enterprise.

From: Internet Protocol Network Management System
To: Configuration Management Database/Service Support
Data flow: Contains Event reporting, Incident Status, Inventory and Configuration data sent from the IP Network Management system to the CMDB/SS.
Data elements:
  Address: Address that this protocol end point represents, for example, 171.79.6.40 or FE:ED:FE:ED:00:11. The address format, such as IP, Internetwork Packet Exchange, or Ethernet, depends on the ProtocolType value. It can be further refined in subclasses.
  Alerting Managed Element: Name of the alerting computer as known by the management system.
  Configuration: Contains all the information on how an asset (configuration item) is presently configured (e.g., parameter settings, ports and protocols enabled, filters set, version of Internetwork Operating System/firmware, etc.).
  Description: Textual description of the instance.
  Event Time: Date and time of the event or occurrence within the LandWarNet.
  Host Name: Contains alphanumeric data reflecting the name of LandWarNet Asset.
  Incident Status Poll: A request from a management system to the CMDB that is a status poll for any work unit/trouble ticket submitted by the originating management system.
  Inventory: Contains the full descriptive inventory of managed assets - to include all known/discoverable metadata about the asset.
  Primary Capability: Main function of the computer system. Possible values are defined in the Capability List attribute:
    Not Dedicated (0, default),
    Unknown (1),
    Other (2),
    Storage (3),
    Router (4),
    Switch (5),
    Layer 3 Switch (6),
    Central Office Switch (7),
    Hub (8),
    Access Server (9),
    Firewall (10),
    Print (11),
    Input/Output (I/O) (12),
    Web Caching (13),
    Server (14),
    Management (15),
    Block Server (16),
    File Server (17),
    Mobile User Device (18),
    Repeater (19),
    Bridge/Extender (20),
    Gateway (21),
    LoadBalancer (22),
    Mainframe (23),
    SANSwitch (24),
    SANHub (25),
    SANBridge (26),
    SANRouter (27),
    SANDirector (28),
    Redundant Array of Independent Disk (RAID) StorageDevice (29),
    TapeLibrary (30), and
    JBOD (31).
    Typically, this attribute is set to the first item in Capability List. For example, a server that has some firewall capabilities could have Primary Capability set to Server and Capability List set to Server, Firewall. A switch device would have both Capability List and Primary Capability set to Switch.
  Primary Operating System: Computer system's primary operating system.
  Submitter: Unique account identifier of the user that created the instance. This attribute is automatically populated and can be an actual individual or a system that auto-generated the instance.
  System Type: Type of computer system. If the computer is Windows-based, this attribute must have a value. Values are:
    X86-based Personal Computer (PC) (0),
    Millions of Instructions Per Second (MIPS)-based PC (1),
    Alpha-based PC (2),
    Power PC (3),
    SH-x PC (4),
    StrongARM PC (5),
    64-bit Intel PC (6),
    64-bit Alpha PC (7),
    Unknown (8, default), and
    X86-Nec98 PC (9).

From: Internet Protocol Network Management System
To: Firewall Element Manager
Data flow: This is the data and control messages necessary for the IP Network Manager to remotely access and control the Firewall Element Manager application.
Data elements:
  Remote Control of Element Manager: This is the data and control messages necessary to allow remote control of an element manager by its respective manager of managers.

From: Internet Protocol Network Management System
To: Internet Protocol Network Management System External Support Site
Data flow: This is a request from the IP Network Management System to its external authoritative support site to update known device catalogs, SNMP or Community string data, etc.
Data elements:
  Request Update: This generic data exchange is used to request an update from an LNA management system to its respective external authoritative support site. For example, the Anti-Virus system requesting an updated list of virus signatures or the IP Network Management system requesting an update to the known device catalog.

From: Internet Protocol Network Management System
To: Internet Protocol Network Management System
Data flow: This is the data and control messages necessary to allow the IP Network Manager to operate with another like IP Network Management System in a peer-to-peer or hierarchical mode.
Data elements:
  Hierarchical: This is the data and control messages necessary to allow one LNA management system to operate with another like system in a Hierarchical mode.
  Peer-to-Peer: This is the data and control messages necessary to allow one LNA management system to operate with another like system in a Peer-to-Peer mode.

From: Internet Protocol Network Management System
To: Layer 2 Switch Element Manager
Data flow: This is the data and control messages necessary for the Internet Protocol Network Management System to remotely access and control the Layer 2 Switch Element Manager application.
Data elements:
  Remote Access to Element Manager: This provides remote access to the element manager application through either direct application programming interface access, Web interface, Remote Desktop, or some other method.

From: Internet Protocol Network Management System
To: Layer 4 Switch Element Manager
Data flow: This is the data and control messages necessary for the IP Network Management System to remotely access and control the Layer 4 Switch Element Manager application.
Data elements:
  Remote Access to Element Manager: This provides remote access to the element manager application through either direct application programming interface access, Web interface, Remote Desktop, or some other method.

From: Internet Protocol Network Management System
To: Network Situational Awareness (NETCOP)
Data flow: Contains Network Topology and Network status data sent from the IP Network Management System to the Network Situational Awareness (NETCOP) system.
Data elements:
  Events: Contains information reported by managed objects, typically in the form of SNMP or dedicated alert messages. In some cases (i.e., Network Management) this may be consolidated data.
  Network Topology Data: This is the data about the physical and logical relationship of nodes within the network. It can also be configuration of the individual network elements.

From: Internet Protocol Network Management System
To: Policy-Based Internet Protocol Network Management
Data flow: Contains Configuration, Inventory, and Network Topology data sent from the IP Network Management System to the Policy-based IP Network Management System.
Data elements:
  Configuration: Contains all the information on how an asset (configuration item) is presently configured (e.g., parameter settings, ports and protocols enabled, filters set, version of Internetwork Operating System/firmware, etc.).
  Inventory: Contains the full descriptive inventory of managed assets - to include all known/discoverable metadata about the asset.
  Network Topology Data: This is the data about the physical and logical relationship of nodes within the network. It can also be configuration of the individual network elements.

From: Internet Protocol Network Management System
To: Router Element Manager
Data flow: Remote Access originating from the IP Network Management System going to the Firewall Element Management System.
Data elements:
  Remote Access to Element Manager: This provides remote access to the element manager application through either direct application programming interface access, Web interface, Remote Desktop, or some other method.

From: Internet Protocol Network Management System
To: Security Information Management System
Data flow: Contains Security Event data sent from the IP Network Management System to the SIMS.
Data elements:
  Security Event Data: This is a report of one or more security events detected by a managed object or NetOps management system. It includes all pertinent data about the event and/or consolidation of multiple events.

From: Internet Protocol Network Management System
To: Wireless Internet Protocol Network Management
Data flow: Remote Access originating from the IP Network Management System going to the Wireless IP Network Management System.
Data elements:
  Remote Access to Element Manager: This provides remote access to the element manager application through either direct application programming interface access, Web interface, Remote Desktop, or some other method.

From: Internet Protocol Network Vulnerability Scanner
To: Internet Protocol Network Management System
Data flow: Contains data sent from the IP Network Vulnerability system to the IP Network Management System.
Data elements:
  Address: Address that this protocol end point represents, for example, 171.79.6.40 or FE:ED:FE:ED:00:11. The address format, such as IP, Internetwork Packet Exchange, or Ethernet, depends on the ProtocolType value. It can be further refined in subclasses.
Alerting Managed Element: Name of the alerting computer as known by
the management system.
Alerting Manager: Contains the name of the alerting management
platform. This is not necessarily the name of the system generating an
event, but rather its management platform.
Criticality: Contains alphanumeric data indicating the severity of a
specific occurrence. Options for data include low, medium, high or 1, 2, 3
etc.
Event Count: Number indicating the number of events that have
occurred.
Event Time: Date and time of the event or occurrence within the
LandWarNet.
Vulnerability Data: This is a weakness in the operating system or
application that could be exploited for any number of reasons, including
executing malicious code, tampering with data on the local drive, or
hindering network activity.
Layer 2 Switch Element Manager Internet Protocol Network Contains configuration, events, and inventory data sent Configuration: Contains all the information on how an asset
Management System from the Layer 2 Switch Element Management system to (configuration item) is presently configured (e.g., parameter settings, ports
the IP Network Management System. and protocols enabled, filters set, version of Internetwork Operating
System/firmware, etc.).
Events: Contains information reported by managed objects, typically in
the form of Simple Network Management Protocol or dedicated alert
messages. In some cases (i.e., Network Management) this may be
consolidated data.
Inventory: Contains the full descriptive inventory of managed assets - to
include all known/discoverable metadata about the asset.
Remote Access to Element Manager: This provides remote access to
the element manager application thru either direct application programming
interface access, Web interface, Remote Desktop, or some other method.
Layer 4 Switch Element Manager Internet Protocol Network Contains configuration, event, and inventory data sent Configuration: Contains all the information on how an asset
Management System from the Layer 4 Switch Element Management system to (configuration item) is presently configured (e.g., parameter settings, ports
the IP Network Management System. and protocols enabled, filters set, version of Internetwork Operating
System/firmware, etc.)
Events: Contains information reported by managed objects, typically in
the form of SNMP or dedicated alert messages. In some cases (i.e.
Network Management), this may be consolidated data.
Inventory: Contains the full descriptive inventory of managed assets - to
include all known/discoverable metadata about the asset.
Remote Access to Element Manager: This provides remote access to
the element manager application thru either direct application programming
interface access, Web interface, Remote Desktop, or some other method.
FROM: Network Situational Awareness (NETCOP)
TO: Internet Protocol Network Management System
DATA FLOW TEXT DESCRIPTION: Contains Request for data sent from the Network Situational Awareness (NETCOP) Management system to the IP Network Management System.
DATA ELEMENT DEFINITION:
Request for Data: This is a generic request for data from one NetOps system to another. The type, content, format, and frequency of the data requested and/or sent is dependent on the respective unique systems.
FROM: Policy-Based Internet Protocol Network Management
TO: Internet Protocol Network Management System
DATA FLOW TEXT DESCRIPTION: Contains a request for data and the configuration profiles sent from the Policy Based IP Network Management system to the IP Network Manager.
DATA ELEMENT DEFINITION:
Request for Data: This is a generic request for data from one NetOps system to another. The type, content, format, and frequency of the data requested and/or sent is dependent on the respective unique systems.
FROM: Router Element Manager
TO: Internet Protocol Network Management System
DATA FLOW TEXT DESCRIPTION: Contains Event, Inventory, and Configuration data sent from the Router Element Management system to the IP Network Manager; Remote Access related interactions to Network Manager.
DATA ELEMENT DEFINITION:
Configuration: Contains all the information on how an asset (configuration item) is presently configured (e.g., parameter settings, ports and protocols enabled, filters set, version of Internetwork Operating System/firmware, etc.).
Events: Contains information reported by managed objects, typically in
the form of SNMP or dedicated alert messages. In some cases (i.e.
Network Management), this may be consolidated data.
Inventory: Contains the full descriptive inventory of managed assets - to
include all known/discoverable metadata about the asset.
Enterprise NetOps Planning Division
ESTA-OSC I-ENPD
2133 Cushing St.
Ft. Huachuca, AZ 85613-7070
Compliance.Team@conus.army.mil 21 1/7/2011
Remote Access to Element Manager: This provides remote access to
the element manager application thru either direct application programming
interface access, Web interface, Remote Desktop, or some other method.
FROM: Wireless Internet Protocol Network Management
TO: Internet Protocol Network Management System
DATA FLOW TEXT DESCRIPTION: Wireless Inventory, Configuration Items, Events and Remote Access/control data sent from Wireless IP Network Management System to the IP Network Management System.
DATA ELEMENT DEFINITION:
Configuration: Contains all the information on how an asset (configuration item) is presently configured (e.g., parameter settings, ports and protocols enabled, filters set, version of Internetwork Operating System/firmware, etc.).
Events: Contains information reported by managed objects, typically in
the form of SNMP or dedicated alert messages. In some cases (i.e.,
Network Management) this may be consolidated data.
Inventory: Contains the full descriptive inventory of managed assets - to
include all known/discoverable metadata about the asset.
Remote Access to Element Manager: This provides remote access to
the element manager application thru either direct application programming
interface access, Web interface, Remote Desktop, or some other method.
9th SIGNAL COMMAND (ARMY)
LANDWARNET NETOPS ARCHITECTURE (LNA)
INTERNET PROTOCOL NETWORK MANAGEMENT SYSTEM
TO BE COMPLETED BY ARMY REQUIRING ACTIVITY
ARMY PROPONENT
ORGANIZATION:
POINT OF CONTACT:
PHONE:
E-MAIL:
VENDOR
COMPANY NAME:
POINT OF CONTACT:
PHONE:
E-MAIL:
PRODUCT
NAME:
VERSION:
COMPLIANCE CHECKLIST SUBMITTED TO NETCOM
DATE:
DOES THIS PRODUCT ( VERSION ) HAVE A CERTIFICATE OF NETWORTHINESS (CoN)
YES: CoN DATE:
NO: DATE REQUEST SUBMITTED:
INTENDED USE OF THIS PRODUCT
TARGETED ECHELON(S) FOR IMPLEMENTATION OF THIS PRODUCT (Please Check ( √ ))
Army Area Processing Center (APC):
Army CIO G-6:
Army Computer Emergency Response Team (ACERT) Tactical Operations Center (TOC):
Army Global Network Operations and Security Center (Army-GNOSC) TOC:
Army Operations Center - Pentagon:
Army Service Component Commands:
Army Strategic Command (ARSTRAT):
Battalion (II) S-6:
Battalion (II) Signal Company:
Battalion Command Assistance Team (BCAT):
Brigade (X) Combat Team (BCT):
Brigade (X) S-6:
Brigade (X) Signal Company:
Communications-Electronics Research Development & Engineering Center (CERDEC):
Company Signal Support:
Corps (XXX) G-6:
Corps (XXX) Signal Company:
Department of the Army (DA):
Division (XXX) G-6:
Division (XX) Signal Company:
Expeditionary Signal Battalion (ESB) BATCON:
Installation, Garrison, Post, Camp, Station NEC (formerly DOIM):
NETCOM / 9th Signal Command (Army):
NSC Operations Center (OC):
Regional Computer Emergency Response Team (RCERT):
Regional Hub Node:
Signal Command (Theater) HQ and CIO:
Theater Network Operations (NetOps) Center (TNC) - DISA:
Theater Network Operations (NetOps) Control Center (TNCC):
Theater Network Operations and Security Center (TNOSC):
Theater Tactical Signal Brigade (TTSB):
U.S. Army National Guard NOSC:
U.S. Strategic Command (STRATCOM):
Other (Please Identify):
NOTE:
a) Completed LNA Compliance Checklists and supporting documentation are to be e-mailed to the NETCOM 9th Signal Command, LNA Compliance Team at the following: compliance.team@conus.army.mil
b) These LNA Checklists and supporting documentation will be utilized by the LNA Compliance Team in their assessment of this NetOps product's compliance to the Army LNA, prior to a CoN being granted by NETCOM/9th Signal Command.