Computer, Network and IT Management Manual

NETCOM/9th SIGNAL COMMAND (ARMY)
LANDWARNET NETOPS ARCHITECTURE (LNA)

E-MAIL MANAGEMENT SYSTEM
COMPLIANCE CHECKLIST #1

CHECKLIST TO BE COMPLETED BY VENDOR

PRODUCT
Name:
Version:

Vendor's Certification of Product Meeting LNA Requirements
Name:
Title:
Signature:

FUNCTIONAL REQUIREMENTS columns: FUNCTION, SYSTEM DESCRIPTION, JUSTIFICATION, PRIORITY
PRODUCT COMPLIANCE columns: MET (√), NOT-MET (√), SUPPORTING DOCUMENTATION TO INCLUDE (URL, NAME OF SOURCE DOCUMENT AND PAGE NUMBER), DESCRIPTION, COMMENTS

FUNCTION                                         SYSTEM DESCRIPTION                                                             JUSTIFICATION                                                       PRIORITY

Add, Delete and Register Agents                  The system shall add and delete agents to/from managed clients/assets.         This is needed in order to perform basic management
                                                 Whenever a new agent is added, the manager triggers inventory data             functions on agent managed assets and services.
                                                 collection for the affected asset/agent. Whenever an agent is removed,                                                                              1
                                                 the pertinent data is removed from the Manager.

Alert on Unauthorized Configuration              The system shall provide alerts of unauthorized configuration changes     This provides fast notification of unauthorized changes to
Changes                                          on management platform(s) and the managed clients/assets.                 configurations; speeds remedial action.                                   2

Analyze Events By Asset                          The system shall provide on demand and scheduled analysis of event             This enables administrators to troubleshoot faulty/absent
                                                 data. It should be able to extract and produce event data based on             reporting by sources, fine-tune their configurations, develop
                                                 specified asset/system criteria (e.g., platform, device, application, asset    new/more effective behavior based profiles (for
                                                 type, agent/system failure reports, source, system performing attack, etc.).   firewalls/intrusion prevention system), and provide evaluations     2
                                                 It shall enable administrators to query, extract/filter and report event       on the effectiveness of sources. All improve the
                                                 information based on the event source. It shall enable the administrator to    LandWarNet's availability, reliability, and security.
                                                 schedule the analyses/queries, with the same criteria.

Analyze Events by Multiple Criteria              The system shall enable administrators to analyze system events by             This is essential to support root cause analyses,
                                                 multiple criteria. It shall enable them to analyze events relating to two or   troubleshooting, and in order to assess progress in improving
                                                 more administrator designated criteria, to include (but not limited to)        support/services - all necessary to operate, maintain and
                                                 specific times, assets (hardware, software, agents), Command, Control,         defend the LandWarNet. It also reduces the amount of time
                                                 Communications, Computers, and Information Management/Information              administrators will spend in isolating the underpinning cause       2
                                                 Technology (C4IM/IT) services, users, administrators, threat signatures,       of an outage.
                                                 behavioral profiles, asset/threat type, management system
                                                 transactions/job, Capacity, Availability, Performance (CAP) data, business
                                                 impact, data source, and/or configuration items.

Application/Service Modeling                     The system should provide application and IT service modeling tools.          Not Applicable (N/A)
                                                 Modeling provides the ability to evaluate a model of the existing application
                                                 and service systems by inputting projected changes and receiving                                                                                    3
                                                 information relative to how the changes will affect the overall performance.

Assign Privileges to Administrative Groups       The system shall provide the ability to assign privileges (read, write,        This is needed for administrators to quickly and securely add
                                                 execute, access to, restrictions from) to administrative groups.               and remove access permissions to management platforms.              2
                                                 Administrative groups are composed of administrative accounts used to
                                                 manage the platform.
Collect Agent Configuration Data                 The system shall obtain information from managed agents about their            This is required to reduce administrative workloads and
                                                 client's configuration and status. The reported data includes agent            network traffic burdens (during peak operational periods),
                                                 identification, addresses, and agent/client computing platform's operational   while providing the data needed to operate, manage and              2
                                                 status data. The system enables administrators to schedule these data          defend the LandWarNet remotely.
                                                 collections. The reported information is stored in the Manager.


           Enterprise NetOps Planning Division
           ESTA-OSC I-ENPD
           2133 Cushing St.
           Ft. Huachuca, AZ
           85613-7070
           Compliance.Team@conus.army.mil                                                                                                                                           1                                                                                                              1/11/2011
Collect Agent Inventory                         The system shall provide the capability to query agents to obtain                 This reduces administrator workloads, facilitates network
                                                information about their operational software version. The manager shall           optimization, and increases the probability and speed of
                                                include the capability to identify software changes that have occurred            detecting illicit changes and incomplete/failed updates to
                                                within an agent, based on previously collected data. The manager shall            agents; all combine to improve LandWarNet security,                      2
                                                support the definition of a schedule for the collection of information from       availability and reliability.
                                                agents. This information is stored in the Software Repository.

Collect Component Status                        This system shall be able to query devices or device managers to obtain           Status of a device is needed to ensure services/applications
                                                information about their operational status/health. Within Host Based              are working appropriately.                                               2
                                                Security System (HBSS), this applies to monitoring the status of its
                                                distributed repositories.
Collect Events From Log Files (Active)          The system shall collect events from log files or logging systems. (Active  This is needed in order for the management platform to
                                                collection).                                                                receive health, status and security posture of managed                         2
                                                                                                                            systems in the LandWarNet.
Collect Hardware Inventory and                  The system shall query managed platforms, agents, and devices/clients to Needed in order to manage the underlying components of the
Configuration Data                              obtain information about their operational hardware inventory and           LandWarNet. Could be used for metering for compliance.
                                                configuration. It automatically forwards designated Assets and                                                                                             1
                                                Configuration Items (CI) data, as directed/configured by the administrator.

Collect Software/Firmware Inventory and         The system shall query managed components, agents, or sensors and           This is necessary in order to baseline, manage, and defend
Configuration Data                              obtain information about the operational software/firmware inventory on the the underlying software existing within the LandWarNet.                        1
                                                managed asset(s). This information is stored in the Software Repository.

Configure Communication Resources               The system shall have configurable communication parameters. These                This is needed to securely configure communication channels
                                                parameters can be set between component-to-management consoles,                   between agents and management platforms; this ensures secure
                                                manager-to-agent and manager-to-management consoles; client-to-server,            transfer of data between the two elements.                               1
                                                client-to-client, Virtual Private Network (VPN) Device-to-remote user, and
                                                server-to-server components. This includes configuring ports and Internet
                                                Protocol (IP) addresses.
Configure Filter/Signature Download             The system shall provide the ability to set attributes for downloading            This is required to provide the ability to establish a hierarchical
Attributes                                      filters/signatures from a configurable download address. This includes            architecture for the automated download of filters/signatures            2
                                                establishing authentication/access controls, and permitted                        used to limit traffic and apply policy.
                                                ports/protocols/services on the download sessions/jobs.
Configure Local Event Queues                    The system should accept user input of the data required to configure a           N/A
                                                queue of events for a defined period of time for later collection by the                                                                                   3
                                                Manager. This includes enabling customers/users to define optimal times
                                                for non-disruptive data collection.
Configure Operational Data Collection           The system shall enable administrators to define the particulars of               This is required to ensure that asset statuses and other
                                                operational data collection and storage. These shall include the intervals        operational data are collected to operate and maintain the
                                                of data collection, the specific data to be collected (e.g., system operational   LandWarNet.                                                              2
                                                status, user actions/activities being performed, etc.), and the methods of
                                                collection.
Control Report Generation                       The system should control how and when reports are generated. It should           [This facilitates early detection of potential future asset/service
                                                support ad hoc reporting capability; automated generation of all available        failures and anomalies.]
                                                reports, by user request or per a schedule. The system should provide                                                                                      3
                                                statistical reports based on administrator-selected attributes/thresholds. It
                                                should generate reports based on attribute associations.

Correlate Resource Use to Performance           The system should provide an administrator-controlled ability to correlate        N/A
                                                the Assets and/or underpinning services used to determine/measure the                                                                                      3
                                                performance of a LandWarNet system or service.

Customize Diagnostic Routines                   The system should support local customization of the default diagnostic           N/A                                                                      3
                                                routines.
Customize Help Feature                          The system should support the customization of help-related system                N/A
                                                functions for its management console(s) and its managed                                                                                                    3
                                                components/devices/applications/service.




Customize Knowledge Base                        The system should enable administrators to customize its digital             N/A
                                                documents knowledge bases for its managed clients/agents/applications,
                                                and supported customers, organizations, or services. This enables
                                                administrators to add Army specific documents (approval to operate,
                                                tailored Standard Operating Procedure (SOP)/Tactics, Techniques, and
                                                Procedures (TTPs), Army-refined Frequently Asked Questions (FAQs),                                                                                  3
                                                Intrusion Prevention System (IPS) Policy/Behavior-Based Rule
                                                Implementation Instructions, Field Manuals(FMs)/Behavior-Based Rules,
                                                etc.) to standard Enterprise documents and links within the knowledge
                                                base.

Define Access Privileges                        The system shall enable designated administrators to define, and             This is critical for securing LandWarNet resources and
                                                subsequently enforce, access privileges for other administrators, users and  preventing unauthorized users from making changes that
                                                assets to the management platform, its data, and any managed assets.         could lead to false alarms, failure of vital system functions,         2
                                                                                                                             and corruption of data used to operate, manage and defend
                                                                                                                             the LandWarNet.
Define Performance Thresholds                   The system should define performance thresholds for the managed              N/A
                                                agents/systems/clients/applications. Performance is primarily tied to
                                                availability, throughput and response time (e.g., transaction time, storage                                                                         3
                                                read write times, authentication processing time, update times, attacks
                                                blocked, attacks blocked by signature/behavior rule, etc.).

Define Rule Set Logic                           The system should enable the administrator to create, modify, and save       N/A
                                                the logic necessary to produce comprehensive rule sets. Rule sets are
                                                used to send messages, trigger alerts, detect events, route files/data for                                                                          3
                                                processing, sequence jobs/transactions, etc.

Detect and Report Login Credential              The system shall identify when users/administrators have changed, or         This is needed to track user activity and identify those types of
Changes                                         attempted to change, their login credentials (user name, password,           activities that may indicate unauthorized changes to accounts.         2
                                                domain) and report this change.
Detect Configuration Changes                    The system shall track the changes made to component, agent/sensor,          Needed to ensure authorized changes are effected and that
                                                and/or configuration data. Messages sent to agents/sensors, along with       unauthorized changes are identified.
                                                date/time stamped responses, are logged; these are used to identify the                                                                             2
                                                user/administrator directing the changes.

Display Available Diagnostic Routines           The system should present a list of available diagnostic routines that can   N/A
                                                be executed on either the management platform or managed asset.                                                                                     3

Display Change History                          The system shall display information regarding historical changes to the      This is needed to enable administrators to verify authorized
                                                system and its managed objects or applications.                               changes and identify unauthorized changes to the
                                                                                                                                                                                                    1
                                                                                                                              management system and any managed devices and
                                                                                                                              applications.
Display Events                                  The system shall display dynamic near-real-time events based on alarm         This is needed for the operation, maintenance, and defense of
                                                severity, time, hierarchical importance, client groups, etc. The system       the Global Information Grid (GIG) and LandWarNet.
                                                shall support drill down capabilities to display the underlying events                                                                              1
                                                behind larger alarms/incidents.
Display Help                                    The system should provide the ability to view help files specific to the      N/A
                                                                                                                                                                                                    3
                                                application or management system.
Display Knowledge Base Information              The system should display requested information from a particular             N/A
                                                knowledge base, in response to administrator queries. It should support
                                                information retrieval and display from authorized (administratively-linked)
                                                external knowledge bases (e.g., a vendor maintained knowledge base).                                                                                3
                                                This facilitates rapid trouble-shooting and insightful decision making,
                                                particularly by less experienced administrators.

Display Logging Information                     The system shall present logging information received from an asset or       Enables administrators to view activity logs to identify
                                                                                                                                                                                                    2
                                                agent/sensor.                                                                unauthorized events per Army Regulation (AR) 25-2.




Display Monitored Data                           The system shall drill down and display information about displayed            This is essential for basic LandWarNet monitoring,
                                                 devices and events. The information may include                                troubleshooting, and maintenance - particularly at Theater
                                                 event/incidents/problems, operational activities, system transactions and/or   Network Operation and Security Centers (TNOSC), where                 1
                                                 CAP data.                                                                      remote access to fault sources will be critical for security and
                                                                                                                                rapid repair/problem prevention.
Display Results of Diagnostics                   The system shall present results of diagnostic routines executed on a          This is needed to facilitate troubleshooting.
                                                                                                                                                                                                      2
                                                 network device.
Encrypt Data Exchanges                           The system shall provide secure (encrypted) data exchange between a            Secures Network Operations (NetOps) management data
                                                 manager and clients. Certain types of data being exchanged require             used to control management platforms on the LandWarNet.
                                                 encryption (e.g., logon credentials). The system shall provide the
                                                 capability to encrypt data transferred between the system and assets using                                                                           1
                                                 Secure Socket Layer (SSL) and Transport Layer Security (TLS) that is
                                                 Federal Information Processing Standards (FIPS) Publication 140-2
                                                 compliant.
Event Root Cause Analysis                        The system shall provide the capability to perform root cause analysis of      This is essential for troubleshooting the true source of device
                                                 asset failures, service breaches or problems. The system shall identify the    failures and resultant service outages - speeding
                                                 point of failure and any downstream (e.g., 2nd and 3rd order) effects to       recovery/restoration of the LandWarNet.
                                                                                                                                                                                                      2
                                                 assets, services, or users/organizations. The system shall clearly indicate
                                                 when network or service isolation has occurred.

Execute Diagnostic Routines                      The system shall enable the user to execute the available diagnostic           This is needed for administrators to remotely execute routines
                                                 routines.                                                                      that will help with the diagnosis of problems with the system.        2

Filter Events                                    The system shall filter or limit the events being generated from the           This is needed to filter events being generated from the
                                                 managed asset. Examples of filter criteria are event name, type,               managed assets the console will receive to prevent more
                                                 identification number, source, and type of event (i.e., security, system,      events than can be processed. This could cause the console            2
                                                 application).                                                                  to lock up, and could also result in loss of pertinent event
                                                                                                                                data.
Identify and Collect Data for Monitoring         The system shall enable an administrator to select (identify) what data to     This is necessary in order to receive information about the
                                                 monitor/report and enable the reception and collection of that data.           status of an asset or service. It provides valuable information       2
                                                                                                                                used to identify failures.
Identify Resource Consumption Based on           The system should identify resource consumption based upon a specific          N/A
Applications                                     Application. It should specify (disk/Random Access Memory
                                                 (RAM)/bandwidth/Central Processing Unit (CPU)) capacity and/or any
                                                 underpinning/supporting assets used by a specific application (asset), or
                                                                                                                                                                                                      3
                                                 group of applications, to provide a service or underpinning Information
                                                 Technology (IT) support. It should enable the administrator to select one
                                                 or more applications to collect/determine this resource consumption
                                                 information.
Identify Resource Consumption Based on           The system should identify resource consumption based upon specific         N/A
Systems                                          systems/assets. It should specify (disk/RAM/bandwidth/CPU) capacity
                                                 and/or any underpinning/supporting assets used by a specific
                                                 system/device (asset), or group of systems/devices, to provide a service or
                                                                                                                                                                                                      3
                                                 underpinning IT support. It should enable the administrator to select one
                                                 or more systems/devices to collect/determine this resource consumption
                                                 information.

Identify Resource Consumption Based On           The system should provide the ability to identify resource consumption         N/A
Users And Groups                                 based on predefined user groups/roles. It should specify
                                                 disk/RAM/bandwidth capacity and/or any underpinning/supporting assets
                                                 used by a specific user, or group of users (roles/organizations). It should                                                                          3
                                                 enable the administrator to select one or more users or user groups to
                                                 collect/determine this resource consumption information.

Identify Trends Based On Historical Metrics      The system should support the ability to identify trends based on historical   N/A
                                                 metrics.                                                                                                                                             3
Improve Performance                              The system shall enable the administrator to adjust application and system     Needed to ensure assets in the LandWarNet are operating at
                                                 settings so as to improve performance on the managed assets. Adjusted          an optimal level, thus meeting defined service levels.
                                                 settings include: cache, virtual memory, hard memory limits, and dynamic                                                                             2
                                                 limits for replicas.


Initiate Failover                                 The system shall be able to initiate failover of its managed assets based          Needed to ensure assets/systems/services in the
                                                  on administratively set threshold criteria and redundant configurations.           LandWarNet will continue to operate.                                 2

Manage Administrator Accounts              The system shall provide the ability to manage (add, modify, verify, delete)              This is needed to ensure that access to management systems
                                           accounts that are used to administrate the system. This also includes the                 is controlled and secure.                                            2
                                           ability to add and remove users from groups.
Manage Agent Profiles                      The system should administratively manage (create, modify, and delete)                    This is needed in order to manage large numbers of agents
                                                                                                                                                                                                          2
                                           configuration profiles for different types of agents.                                     via the profile functionality.
Manage Agent/Client Configuration Settings The system shall manage agent/client related configuration settings. To                   This is needed to be able to manage any LandWarNet asset.
                                           include 'auto-install' new definitions, files to exclude, reporting criteria,                                                                                  2
                                           reporting times, etc.
Manage Application Configuration Settings The system shall manage application related configuration settings.                  This is essential to ensure Army Gold Master and other
                                                                                                                               common Enterprise Applications have implemented secure
                                                                                                                                                                                                          2
                                                                                                                               configuration settings as part of the LandWarNet Defense In
                                                                                                                               Depth (DID) effort.
Manage Component Grouping                         The system shall allow administrators to define groups of assets. Groups           This is needed to enable the administrators to perform
                                                  may be created using different characteristics, including hierarchical,            common operations upon them (loading patches, signatures,
                                                  organizational, geographical, or functional (e.g., Email Servers). Also, the       profiles, access control list, etc.) - speeding implementation of
                                                  system shall enable administrators to assign specific assets/components to         security measures during an attack, reducing the chances of          2
                                                  defined groups.                                                                    error, and reducing overall administrator workloads.

Manage Configuration Profiles                     The system shall manage (create, modify, archive and delete) sets of               This speeds asset configuration (during installation/updates),
                                                  configuration profiles for specific classes of devices, agent/clients, and         reduces administrator burdens, and reduces human error by
                                                  applications. A configuration profile contains all the configuration               establishing standard configuration sets to apply for specific
                                                  information about a specific asset. It shall support both the current              assets. It also provides a means to assess compliance to an
                                                  configuration profile of a managed asset as well as a baseline                     approved Enterprise configuration standard for common                2
                                                  configuration profile.                                                             systems/devices (e.g., an Active Directory (AD) server should
                                                                                                                                     have specific agents, signatures and profiles loaded at any
                                                                                                                                     given time).

Manage Diagnostic Routines                        The system should enable administrators to create, copy, and delete                N/A
                                                  tailored/unique diagnostic routines for the management system and any                                                                                   3
                                                  managed devices, agents or applications.
Manage Environment Specific Event                 The system shall enable administrators to create, copy, modify, archive            This allows administrators to refine automated responses by
Actions                                           and delete Event Response/Operations rules for environment specific                the manager to address unique/Army mission and
                                                  (local) events or administratively defined filters. It shall allow them to         environment/infrastructure needs and constraints. A pick list
                                                  create/modify names for each rule, select pre-defined standard/ custom             enables administrators to predefine rules to support conditions
                                                  filters, and specify the pre-defined responses/operations the management           anticipated when an Operations Plan (OPLAN)/Concept of
                                                  system shall take when the criteria are met. The system's automated                Operations Plan (CONPLAN) is executed, or major
                                                  response options shall support audible alarms, visual alarms, administrator        event/policy (e.g., Brigade Combat Team exercise or
                                                  defined text messaging (e.g., email/pager alerts), normalization of                Information Operations policy) occurs. Pre-configured
                                                  externally generated events, correlation/consolidation of                          automated responses help prevent both administrators and
                                                  redundant/associated events, setting event classification/priority data, and       the system from becoming overwhelmed - while speeding                2
                                                  execution of other operations using administratively defined variable              remedial actions.
                                                  entries. It shall permit an administrator to create a rule set of related rules.
                                                  It shall enable administrators to define rules/criteria used to match specific
                                                  data fields and the data entry that results from the match. It should enable
                                                  them to provide a named set of these combination rules. The system shall
                                                  enable administrators to manage a pick list of these rules/rule sets for
                                                  later execution by administrators and authorized users.




Manage Event Filter Criteria                     The system shall enable administrators to create, modify, archive, and              This is needed for the effective application of the filter to the
                                                 delete filtering criteria used to control what events are generated (sent) or       asset. Event filtering prevents the console from receiving
                                                 permitted (accepted) from each managed element/ asset. It shall support             more events than can be processed. This could cause the
                                                 different filters for sending events, receiving/ processing events, and alerts/     console to lock up, and could also result in loss of pertinent
                                                 notifications arising from events. The system shall support temporary               event data.
                                                 filters, enabling administrators to select default/ administrator defined filters
                                                 from a pick list to adjust and activate. The supported filtering criteria shall                                                                           2
                                                 address standards/Protocol based variables/thresholds (e.g., Simple
                                                 Network Management Protocol, computer input multiplexer) as well as
                                                 system unique ones (e.g., vendor provided Simple Network Management
                                                 Protocol, manual input buffer extensions).

Manage Event Repository                          The system shall enable the administrator to manage event data                      This is necessary to monitor the health and/or security of
                                                 storage/repositories. [Events are security alerts/reports or operational data       managed assets/services, and to perform detailed studies of
                                                 reported by managed agents/sensors/adaptors and/or generated internally             their failures/performance (used to improve procedures,
                                                 by the Manager.] The system shall enable authorized administrators to               training and infrastructure decisions).                               2
                                                 sort, query, archive and delete events with Commercial-off-the-Shelf
                                                 (COTS)/Government-off-the-Shelf (GOTS) tools.

Manage Failed Jobs                               The system shall process and recover from failed backup or recovery jobs. This is essential to reconstitute vital LandWarNet
                                                 This includes: The capability to recover from failed jobs. The capability to assets/resources by recovering from a failed restoration.
                                                 provide data replication for a failed backup job; this is an attempt to
                                                 replicate the original data to an alternate backup device/media if the prior                                                                              2
                                                 backup attempt was unsuccessful. If all of the above fail, then the
                                                 system shall cancel failed jobs and alert the administrator.

Manage Failover Configuration Settings           The system shall enable the administrator to define failover criteria and     This is vital for the reliability, survivability and speedy recovery
                                                 required configuration settings.                                              of the LandWarNet following a critical asset/applications'                  2
                                                                                                                               failure, destruction, or removal.
Manage Groups                                    The system shall manage (create, modify, delete) User Groups, with user The system is critical to the operations and security of this
                                                 roles and privileges. It shall support User Group creation, data              NetOps system and the LandWarNet. User accounts and
                                                 entry/modification, and deletion by authorized system users. This includes their associated User Group(s) will be used throughout the
                                                 the ability to remove multiple groups/super groups (groups that contain       Enterprise to control privilege-based access to various
                                                                                                                                                                                                           1
                                                 other groups) within a single action.                                         resources/assets and services, track trouble calls/service
                                                                                                                               requests, provide alerts/notifications, and to maintain
                                                                                                                               audit/transaction logs (In Accordance With (IAW) AR 25-1 and
                                                                                                                               AR 25-2).
Manage Hardware Configuration Baselines          The system shall manage LandWarNet hardware configuration baselines. This is essential to manage and secure the LandWarNet and
                                                 The system shall provide the means to record hardware components'             supported Warfighter and Army business systems/applications
                                                 inventory control numbers, machine address codes/automated                    - by identifying/validating an authorized hardware baseline and
                                                 identification numbers, authorized sub-modules/cards, physical interfaces using it to detect and manage future hardware changes.
                                                 to other hardware devices, production/installation date, and other structural
                                                                                                                                                                                                           1
                                                 details necessary to serve as a reference point for future hardware
                                                 inventories, change detection, and management/maintenance. It shall
                                                 maintain a list of hardware devices that are not permitted on the managed
                                                 network segment/device.

Manage Polling Intervals                         The system shall manage data collection polling intervals. Polling intervals This is needed to ensure proper updates of the status of
                                                 will be adjusted to reflect the status (operational stability) of the network or systems are received by the Management system and
                                                                                                                                                                                                           2
                                                 the current information operations condition.                                    Network Common Operational Picture (NETCOP) System.

Manage Report Distribution Lists                 The system should manage distribution lists. As management systems are N/A
                                                 configured to automatically generate reports they can also be configured to
                                                 distribute (email, post on servers, text messages etc.) those reports. This                                                                               3
                                                 function allows for the management of those distribution lists.

Monitor Availability                             The system shall monitor for the availability of a specific service.                This is the data used to determine if service meets the service
                                                 Availability is the ability of an IT service or component to perform its            level management.                                                     2
                                                 required function at a stated instant or over a stated period of time.



Monitor Capacity                                 The system shall monitor current component capacity data against              Monitoring of capacity provides a proactive way to identify the
                                                 specified thresholds (e.g., from the LandWarNet Service Catalog).             need for expansion of the system prior to failure of any of the
                                                                                                                                                                                                    2
                                                                                                                               components, thus ensuring the continuity of the overall
                                                                                                                               service.
Monitor Client to Server Response Times          The system should monitor the response time from the client to the server. N/A
                                                 This helps to provide both current and historical metrics that can be                                                                              3
                                                 analyzed for performance of a system.
Monitor Email Server Health                      The system shall monitor the health of the server. It includes the            This ensures that the basic components of the email service
                                                 monitoring of server availability, event logs, mail flow status, mail queues, are operational.
                                                                                                                                                                                                    2
                                                 active connections, and undelivered messages.

Monitor Email Usage                              The system should provide the ability to monitor the overall use of the       N/A
                                                 email service. This can be done based on users, folders or groups.                                                                                 3

Monitor Internet Protocol Services               The system shall monitor the status and health of IP-based services, to       This is essential to ensure communications that rely on these
                                                 include: Lightweight Directory Access Protocol (LDAP), Network News           services can occur across the LandWarNet.
                                                 Transfer Protocol, Simple Mail Transfer Protocol (SMTP), Point Of                                                                                  2
                                                 Presence, Internet Message Access Protocol 4 and Distributed Authoring
                                                 and Versioning.
Monitor Inter-site Message Traffic               The system shall provide the ability to monitor the traffic between computer This is needed to ensure the proper flow of email through the
                                                 systems that have been configured as part of a site. Sites provide for       LandWarNet.
                                                 groupings of servers within a topology. The benefits of having sites
                                                 within email include reduced replication and reduced bandwidth                                                                                     2
                                                 consumption. Messages sent between servers in a site are not sent
                                                 outside the site thus reducing replication.
Monitor Performance                              The system shall monitor current component performance data against           Monitoring of performance provides a proactive way to identify
                                                 specified thresholds (e.g., from the LandWarNet Service Catalog).             the need for expansion of the system prior to failure of any of
                                                                                                                               the components, thus ensuring the continuity of the overall          2
                                                                                                                               service.

Monitor Processes                                The system shall be able to monitor a single process or multiple processes This is needed to ensure assets providing enterprise services,
                                                 on a managed platform or group of platforms.                               security, or other support are operational and functioning within
                                                                                                                                                                                                    2
                                                                                                                            acceptable behavioral patterns/norms.

Monitor Round Trip Response Times                The system should monitor the response time elapsed for a message to be       N/A
                                                 sent round trip. This can be between a client and server, or server to                                                                             3
                                                 server.

Monitor Server Clusters                          The system shall monitor servers that are clustered and represent a single This is needed to monitor the health and security of server
                                                 server. This includes the following:                                       clusters within the LandWarNet, thus ensuring the
                                                                                                                            continuity of services provided.
                                                 a) Fail cluster to another node,

                                                 b) Take server cluster off line,

                                                 c) Bring server cluster on line,
                                                                                                                                                                                                    2
                                                 d) Start server cluster,

                                                 e) Stop server cluster,

                                                 f) Move server cluster,

                                                 g) View cluster properties.

Monitor Subsystem Performance                    The system shall provide monitoring of subsystem components of email          This ensures that the basic components of the email service
                                                 systems. This includes but is not limited to Name Service provider, Email     are operational.
                                                 store drivers, information store, address lists, Object Linking and                                                                                2
                                                 Embedding/Data Base events, database kernel, and IP servers.




Monitor Total External Message Traffic           The system shall provide the ability to monitor traffic that is routing to or     Monitoring of this traffic often reveals unexpected increases or
                                                 coming from outside of the LandWarNet enterprise. This may be traffic to          decreases of traffic that may be due to other operational
                                                 another Department of Defense (DoD) service (Marines, Air Force, etc.) or         issues (configuration issues, a system having been hacked,            2
                                                 a commercial site (Microsoft, AOL, etc.).                                         distributed denial of service attacks, etc.).

Monitor Total Intra-site Message Traffic         The system shall provide the ability to monitor the total intra-site message      This is needed to ensure the proper flow of email through the
                                                 traffic to determine operational status and isolate operational irregularities    LandWarNet from one Army unit to the next - to include those
                                                                                                                                                                                                         2
                                                 (e.g., abnormally low or high message flows) relating to the replication of       within a single post.
                                                 traffic within a site.
Perform Asset Maintenance Management             The system shall perform maintenance activities on the system and its             Provides the ability to keep critical systems functioning
                                                 managed clients/assets, to include: cleaning out the cache file, deleting         through the remote execution of maintenance.
                                                 old logs, defragging hard drives, performing disk checks/optimization,
                                                 compressing specific folders, and deleting files in a temp                                                                                              2
                                                 directory/buffer/recycle bin. It shall also enable administrators to
                                                 remove assets/agents, de-install applications, delete individual folders/files,
                                                 etc.
Perform Local Authentication                     The system shall authenticate users, administrators, and assets from data   This is needed for the authentication of users to access and
                                                 stored locally within the management application or device.                 resources on the LandWarNet and is required by AR 25-1,                          1
                                                                                                                             and AR 25-2.
Perform Operations on Multiple Assets        The system shall permit administrators to interact with multiple managed   This is needed to save the administrators considerable time,
                                             assets on a single screen. It allows them to select and perform operations enable central management and maintenance of large
                                             on individual assets, and groups of assets (Hardware, Software, Agents), networks - enhancing overall reliability and security.
                                             from administratively defined (pick) lists of available assets/asset groups                                                                                 2
                                             and operations. The system shall enable the administrator to define and
                                             save groups of assets for future pick list displays (to perform future
                                             operations upon).
Perform Remote Authentication                The system shall authenticate users, administrators, and assets from a     This is the core function for the authentication of users to
                                             remote authentication service on the network.                              access and resources on the LandWarNet and is required by                        1
                                                                                                                        AR 25-1, and AR 25-2.
Predict Performance Impact                   The system should predict performance impact of an administratively        N/A
                                             defined increase in application use. This can be done based on calculation                                                                                  3
                                             or modeling.
Process Requests for Capacity, Availability, The system shall process Requests For Data (polls) from the CAP            This is needed to enable overarching NetOps management
and Performance Monitoring Data              Monitoring system. The system shall determine the required                 systems to function; it directly feeds the IT Metrics Program's
                                             information/data, retrieve/collect it and forward it to the CAP Monitoring data collection, which in turn provides required reports to meet                 1
                                             system.                                                                    provisions within the Clinger-Cohen Act.

Provide Ability to Drill-Down                    The system shall provide in-depth detailed information about any                  This enables rapid trouble-shooting or identification of key
                                                 monitored asset, service, or function depicted on the GUI. This enables           information necessary for operations, maintenance or defense
                                                 the user to drill-down on any graphical representation (e.g., icon) to obtain     actions.                                                              2
                                                 specific relevant detailed information regarding its status.

Provide Ability To Model                         The system should provide modeling capabilities. Modeling is the use of   N/A                                                                           3
                                                 mathematical equations to simulate and predict real events and processes.
                                                 It provides a representation of the current environment and is used to
                                                 support prediction capabilities.
                                                 Resource Consumption Levels - System will identify the components of the
                                                 application that consume the most resources. This is based on information
                                                 from current environment.




                                                Provide Responsiveness Change - System will identify how adding or
                                                removing users will change the responsiveness of a server. This is based
                                                on information from current environment.
                                                Identify Ideal Tuning Parameters - System will identify the ideal tuning
                                                parameters for removal of bottlenecks. This is based on information from
                                                current environment.
                                                Identify Necessity for Additional Resources - System will identify the
                                                necessity for additional resources needed based on additional users. This
                                                is based on information from current environment.
                                                Project Server Degradation - System will project server degradation based
                                                on increased work load. This is based on information from current
                                                environment.
                                                Project Effect on Network Traffic - System will project impact on network
                                                traffic based on server utilization. This is based on information from
                                                current environment.
                                                Provide Optimal Load Balances - System will provide information on load
                                                balancing across servers. This is based on information from current
                                                environment.



Provide Access/Control Web                      The system should provide all functions needed to enable web application       N/A
                                                interfaces and access controls. For example, it should enable an expert
                                                administrator to securely log onto and operate a management console                                                                                3
                                                from another computer (with web browsers) anywhere on the LandWarNet.

Provide Administrator Audit Log                 The system shall provide administrator audit log information, to include the   This is required in accordance with Department of Defense
                                                administrator's identification, time stamp, the specific activity/transaction  Instruction (DoDI) 8500.2, AR 25-1 and AR 25-2.
                                                performed, changes in permissions, and any other specified data of                                                                                 2
                                                interest related to administrator transactions on the system.

Provide Agent Registration                      The system shall support the ability of agents to register with the            This significantly reduces administrator burdens and
                                                management platform. This registration could be a result of agent              enhances the LandWarNet's security by providing automated
                                                software being loaded on the assets or other method through which the          mechanisms to report and subsequently validate and update
                                                asset/agent finds the management platform.                                     asset inventory. This frees administrators for more intensive       1
                                                                                                                               monitoring and maintenance tasks - improving support to war
                                                                                                                               fighters and Army support staff.

Provide Application Monitoring            The system shall monitor applications of the LandWarNet infrastructure in            This is needed to ensure that services (e-mail, collaboration,      2
                                          order to obtain operational status.                                                  and database) are operational.
Provide Availability Data Repository      The system should store availability data collected and analyzed by the              N/A
                                          management system. Availability data may include average/maximum
                                          time in service as scheduled, task/job response times, incident/problem                                                                                  3
                                          resolution times, maximum/mean times between failures, time in
                                          scheduled maintenance, time support/service is lost while an asset is back-
                                          ordered, etc.
Provide CAP Monitoring System Integration The system should integrate with the CAP Monitoring System. This is                  N/A
                                          needed in order for the CAP system to receive data that it can then                                                                                      3
                                          analyze.
Provide Capacity Data Repository          The system should store capacity data collected and analyzed by the                  N/A
                                          management system. Capacity data may include used/remaining storage
                                          capacity (for disk drives, LUN, tape, drive pools, etc.), processing/CPU                                                                                 3
                                          capacity, the average/maximum number of files/applications/users an
                                          asset/service supports, transmission rate/bandwidth data, etc.

Provide Capacity, Availability and              The system should provide reports on CAP data.                                 N/A                                                                 3
Performance Data Report
Provide Client-To-Server Modeling               The system should provide the number of clients that a server can support      N/A
                                                and still maintain specified performance level. This is based on                                                                                   3
                                                information relative to current environment.




Provide Configuration Management Data           This system shall integrate with an external Configuration Management          This is required to provide critical NetOps inventory and
Base/Service Support Integration                Data Base/Service Support (CMDB/SS) system, which includes                     configuration item data, health/welfare status
                                                components such as: Service Desk, Incident Management, Problem                 information/events, and other administrative information
                                                Management, Change Management, Configuration Management, Asset                 necessary to monitor and manage the health, welfare, and             1
                                                Management, Project Management, etc. This includes enabling the user           operational status of the LandWarNet.
                                                to access the manual workflow report (Trouble Ticket) features of the
                                                CMDB/SS.
Provide Command Line Interface                  The system shall use a command line interface for system or account            This is needed to enable administrators to execute changes
                                                administration locally and remotely.                                           on large groups of configuration items via a single command.         2

Provide Command Line Interface and              The system should provide security mechanisms for Command Line                 N/A
Application Program Interface Security          Interface (CLI) and Application Program Interface access to the system.
                                                The system should enforce security for command line input that is                                                                                 3
                                                functionally identical to GUI access restrictions and controls; security for
                                                Advanced Programming Interfaces that are functionally identical to GUI
                                                access restrictions and controls.
Provide Communication Ports Security            The system shall provide the capability to designate a limited set of ports    This is necessary to configure management platforms to
                                                for communication between management platforms and managed                     communicate across routers and switches (considering port            1
                                                components.                                                                    restrictions that may be applied to network devices) within the
                                                                                                                               LandWarNet.
Provide Configuration Change Reports            The system should produce reports on a managed client’s configuration          N/A                                                                 3
                                                changes based on inventory scans.
Provide Configuration Profile Repository        The system should store information about configuration profiles used to    N/A
                                                manage asset configurations. [Configuration profiles are a named set of
                                                configuration settings, approved protocols/services and other operational
                                                files associated to a specific class/category of IT asset and/or users. For
                                                example, an administrative assistant's baseline profile software is Office
                                                XP and Outlook, an engineer's baseline profile contains Visio and Project,                                                                          3
                                                and an AD Server's baseline profile will contain the appropriate Tivoli/SMS
                                                agent, AD version, MS Server2003, and HBSS/Host Intrusion Prevention
                                                System (HIPS) agent information.] It should store new/staged, current,
                                                and multiple historical versions of these profiles.

Provide Definable Report Filters        The system should provide filters that can be created and modified. Filters            N/A
                                        provide a way to produce reports that provide data on a specific                                                                                            3
                                        attribute(s).
Provide Device and Media Configuration  The system shall store all configuration information about devices and                 This is needed to maintain and defend LandWarNet systems
Information Repository                  media that is generated by the management system or its sub-                           via their configurations. It supports restoring and
                                        systems/agents, to include any unique communications/encryption                        reconstitution of vital assets and applications.                     2
                                        settings. This also includes new/staged, current, and multiple copies of
                                        historical configuration data.
Provide Diagnostic Routines             The system shall provide diagnostic routines. Diagnostic routines enable               This is essential for the rapid troubleshooting and
                                        administrators to execute an action or set of actions intended to reveal               maintenance of assets.                                               2
                                        operational failures.
Provide Email Management Trend Analysis The system should provide Email-related prediction capabilities. Prediction            N/A
                                        uses historical service usage data and predicts future changes in terms of                                                                                 3
                                        service utilization. This information can then be used to expand systems
                                        prior to an increase in utilization.
Provide Event Aggregation               The system should aggregate/fuse similar events into a single event                    N/A
                                        record/report. [Aggregation/Fusion is the combination of data from multiple                                                                                 3
                                        sources into a single location/report.]
Provide Event Correlation               The system shall correlate events. [Correlation is the establishment of                This is needed to enable administrators to rapidly discern new
                                        relationships between events from various sources. The combination of                  computer network attacks, installation of a bad lot of
                                        these events will provide increased information about possible events.]                components, or other related failures/transactions requiring         2
                                                                                                                               immediate attention to ensure the LandWarNet continues to
                                                                                                                               operate.
Provide Event Escalation                        The system shall raise the priority or severity of an event based on           This ensures rapid responses to events that can disrupt the          2
                                                predefined rules established within the system.                                LandWarNet if not addressed quickly.
Provide Event Log Reports                       The system shall produce reports containing event and associated user          This is needed to meet AR requirements for reporting on              2
                                                activity logs.                                                                 potential security breaches.


Provide Event Reduction                         The system should reduce the number of events generated. [Reduction of           N/A
                                                events is the process of removing duplicate and repetitive events.] It
                                                should have the ability to automatically adjust the combined timestamp                                                                                3
                                                information, provide/update any event duration time entries, and note the
                                                number of times it had been reported.

Provide External Events Repository              The system shall capture and store external systems/operations events            This data is essential for the basic operation of this system's
                                                and logs retrieved from external clients/repositories. It shall provide timely   management console, which is used to operate and maintain
                                                storage for all operational events and/or transaction logs (e.g., Sys-logs)      information technology assets and services within the
                                                received/polled from specific monitored clients/repositories. It shall record    LandWarNet. The ability to query its data is essential for
                                                all reported event information, with time-stamp data, as textual data in a       detailed analyses, which support NetOps procedures, training,         2
                                                database. It shall support queries of this data. [External systems are not       staffing, and infrastructure decisions.
                                                part of the NetOps management system itself; these events/logs address
                                                health and welfare information of these external, but managed,
                                                LandWarNet assets.]

Provide Failover Capabilities to Secondary      The system should provide failover capabilities to a secondary site. This        This is needed in order for LandWarNet systems to fail over to
Site                                            encompasses the failover configuration and parameters for the secondary          other systems and maintain the service to users.                      3
                                                site. This capability requires secure data transmissions to the secondary
                                                site.
Provide Failover Monitoring                     The system shall monitor infrastructure operations to determine when             This is vital for the reliability, survivability, and speedy
                                                failover criteria have been met.                                                 recovery of the LandWarNet following a critical                       2
                                                                                                                                 asset/applications' failure, destruction, or removal.
Provide Frequently Asked Questions              The system should support a Frequently Asked Questions (FAQ)                     N/A
Feature                                         capability, providing searchable, quick solutions for common problems for                                                                              3
                                                both administrators and customers/users.
Provide Graphical Diagrams                      The system shall provide a GUI/Web based diagram of disks or networks,           This is required to monitor the health and security posture of
                                                along with physical and logical views of the assets. Additionally, the           the networked infrastructure.                                         2
                                                system shall provide a network diagram of the assets to include switches,
                                                tape libraries, or other managed assets.
Provide Graphical Interface                     The system shall provide a graphical user interface enabling users and/or        This is needed to simplify the use of the management system.
                                                administrators to access and operate the system from their terminal or via
                                                a web-accessible Interface. The system functionality should be the same                                                                                2
                                                whether the operator accesses the system via the terminal or at the
                                                server/system's native interface.
Provide Grouping Repository                     The system should provide a repository for storage of groups or like             N/A
                                                objects/assets. This includes the ability to store groupings of remediations,
                                                components, events, devices, managed agents/elements, and users, and
                                                any data on their associated permissions/access restrictions. It should be                                                                            3
                                                able to store multiple versions of this data (staged/new, current and
                                                various historical sets of information). This repository should support
                                                queries of this data (for authorized administrators/users only).

Provide Help Feature                            The system should provide help functionality. This can be an on-line             N/A
                                                functionality or provided locally on the platform. It should provide a search                                                                          3
                                                and index capability.
Provide Import Digital Documents For            The system should import vendor supplied Digital Documentation                   N/A                                                                   3
Knowledge Bases                                 Knowledge Base information.
Provide Internal Events Repository              The system shall provide timely storage for internally-generated system          This data is essential for the basic operation and maintenance
                                                log/transaction events (events/logs addressing the NetOps system's               of this system, which is used to operate, maintain, and defend
                                                health and operational status). It shall record all reported event               IT assets and services within the LandWarNet. The ability to
                                                information, with time-stamp data, as textual data in a database. It shall       query its data is essential for detailed analyses, which support      2
                                                support queries of this data. It shall capture and store all agent/sensor        NetOps procedures, training, staffing, and infrastructure
                                                reported events/logs and all operational logs (e.g., Sys-logs) polled from       decisions.
                                                specific managed assets.
Provide Kerberos Management                     The system shall manage (create, revoke, store) Kerberos tickets.                Kerberos is required to authenticate servers during the
                                                Kerberos is an Internet Engineering Task Force standard for providing            replication of AD, providing assurance of the server's identity
                                                authentication. Kerberos works by having a central server grant a ticket         and the validity of the directory being replicated.                   1
                                                honored by all networked nodes running Kerberos and is used by AD as
                                                the default authentication mechanism.


Provide Knowledge Base                          The system should provide a knowledge base. A knowledge base is a             N/A
                                                searchable (via queries) repository of information about a specific topic or
                                                product. The knowledge base should contain, at a minimum, FAQs,                                                                                         3
                                                troubleshooting wizards, and Uniform Resource Locators (URLs) for
                                                additional help/information.
Provide Knowledge Base Repository               The system should store NetOps Knowledge Base information. This              This is essential for the basic operation of the NetOps                 3
                                                includes all information stored in the Knowledge Base used primarily by      Systems Knowledge Base management capabilities.
                                                administrators in the operations and maintenance of systems and services.

Provide Manual Component Registration           The system shall accept manually entered asset and asset sub-component          This supports management, situational awareness, and                   2
                                                registration information. This information is entered by the administrator      defense of critical LandWarNet assets and the implementation
                                                about a specific asset(s) that is to be managed and is used to find and take    of urgent defensive measures and policies.
                                                administrative control of the asset. The system shall enable administrators
                                                and designated users to add or remove assets as necessary.

Provide Multiple Component Access               The system shall restrict administrators to performing operations only            This is needed to enable automated administrative access
Controls                                        on those assets/asset groups they are authorized to manage.                       controls - enhancing overall reliability and security.                 2

Provide Operational Reports                     The system shall provide operational NetOps reports, to include those on          This is needed to allow the element manager to combine and
                                                component and aggregated asset/system utilization (or usage); failed              summarize device/storage information, Job Status, Job
                                                components/assets; configuration settings for all/designated                      Volume, Device Utilization, media verification, job failures, job      2
                                                components/assets; and asset/device/storage information.                          schedules, report alerts.

Provide Operational Status Repository           The system shall store the operational status of all managed assets. [This      Knowing the health/operational status of managed assets is a           1
                                                asset/service health and status data is received by or generated within the     core NetOps function and essential to operate, maintain and
                                                management system, based upon events/other reports.]                            defend the LandWarNet.

Provide Performance Data Repository             The system should store Performance data collected and analyzed by the          N/A                                                                     3
                                                management system. Performance data may include average/max
                                                transaction times (e.g., raw/average/maximum time required for network
                                                transmissions, storage read/writes, authentications, processing, etc.),
                                                security event metrics (number of attacks detected/prevented, number of
                                                pre-emptive security-related work flow records, number of reactive
                                                security-related work flow records), customer satisfaction statistics, the
                                                mean time between service calls for a service, and accuracy metrics (e.g.,
                                                Jitter, Bit-Error-Rates, Trouble Ticket re-openings, etc.).

Provide Performance Groupings                   The system should provide the ability to group users, systems and                 N/A
                                                applications against which performance measurements can be applied.                                                                                      3

Provide Performance Tracking                    The system should provide tracking for long-term performance trends of            N/A                                                                    3
                                                assets.
Provide Predefined Display Formats              The system shall display predefined formats/displays to make the system           This is needed for basic operation of the system out of the
                                                usable immediately after the initial installation.                                box, reducing configuration and implementation time.                   2

Provide Predefined Reporting Filters            The system should display filters to reduce displayed data based on               N/A
                                                relevancy and provide predefined display filters to support analysis of                                                                                  3
                                                reported data.
Provide Remote Administration                   The system shall provide secure, IP-based remote administration of the            This is required to secure the LandWarNet and operate large
                                                manager and its managed assets.                                                   networks.                                                              2

Provide Scalable Topology                       The system shall be scalable and able to operate in a single server               This is required to ensure that management of assets can be
                                                topology (e.g., a military system/vehicle) or in a hierarchical topology (i.e.,   efficiently performed at differing echelons within the
                                                multiple servers arranged hierarchically).                                        LandWarNet. Further, it supports the consolidation/correlation
                                                                                                                                  of data as it is transferred from one management platform to
                                                                                                                                  another. A scalable topology is the foundation of the Army's
                                                                                                                                  ability to manage the LandWarNet as an enterprise in                   2
                                                                                                                                  that it provides a way to manage assets locally while providing
                                                                                                                                  valuable data/information forming an enterprise view of those
                                                                                                                                  assets.




Provide Security Event Repository               The system shall provide timely storage for security event information          This data is essential for the basic operation of this system's        2
                                                relating to the management console and any managed assets/services.             management console, which is used to defend the
                                                This includes expired passwords, user lock outs, numerous faulty log on         LandWarNet. The ability to query its data is essential for
                                                attempts, transaction logs of changes to system permissions, unauthorized       forensic analyses on computer network attacks and other
                                                transactions (e.g., user/administrator access escalations), and similar         security incidents.
                                                alarms/alerts. It shall record all reported event information, with
                                                time-stamp data, as textual data in a database. It shall support queries. It
                                                shall capture and store all managed agents/sensors reported security
                                                events/logs.

Provide Signatures Profiles Repository          The system shall store grouped threat signature data (profile) generated        This enables administrative tailoring of threat signature              2
                                                within the management system. This includes named profiles of                   packages for specific network segments and/or Intrusion
                                                signatures associated to a specific asset or asset category/group.              Detection System (IDS)/IPS/firewall devices. This reduces
                                                                                                                                scan/detection times and network congestion, while
                                                                                                                                enhancing protection.

Provide Single Component Access                 The system shall enable administrators to interact with a single monitored      This is needed to facilitate defensive actions, maintenance,
                                                asset or service on a single screen. This includes enabling them to view        and operational management of core components and
                                                and manipulate the asset/service's status, type, capacity, utilization,         services underpinning the entire LandWarNet.                         2
                                                allocation, and location.
Provide Standard and Predefined Reports         The system should provide predefined/standard reports and views. The      N/A
                                                system should also provide graphics within text reports (e.g., Trending
                                                Reports may contain pie charts, bar charts, line charts and other standard
                                                graphics). The system should publish reports in Hyper Text Markup
                                                Language (HTML), eXtensible Markup Language (XML), Structured Query
                                                Language (SQL), American Standard Code for Information Interchange                                                                                   3
                                                (ASCII), Joint Photographic Experts Group (JPEG) and other standard
                                                languages/formats, and be able to print and email all generated reports. The
                                                system should be able to provide displays and reports on all of the
                                                following:


                                                a) audit reports that detail modifications and upgrades to the system,

                                                b) identifying all major problems (per pre-defined Service Level Agreement
                                                (SLA)/service support program, per period),
                                                c) resolution time for incidents/problems,
                                                d) closed incidents/problems,
                                                e) problems that result in the highest percentage of resource utilization,

                                                f) first contact to closure for incidents or problems,
                                                g) first call closure for incidents or problems,
                                                h) open incidents or problems,

                                                i) incidents or problems that violate SLA/service support program, Service
                                                Level Indicators,
                                                j) closed incidents and problems,
                                                k) resolved incidents and problems,

                                                l) escalated incidents and problems,

                                                m) based on each individual support staff for the number of incidents or
                                                problems that they turned over to other support staff during a shift change,


                                                n) based on department/group for the number of incidents or problems that
                                                are turned over to other support staff during a shift change,
                                                o) trends by agent/support staff for number of incidents and problems
                                                opened per day, week, and month,


                                      p) trends by agent/support staff for number of incidents and problems
                                      resolved per day, week, and month,
                                      q) trends by agent/support staff for number of incidents and problems
                                      escalated per day, week, and month,
                                      r) trends by agent/support staff on the average time taken for incidents and
                                      problems to move from open to resolved status,
                                      s) trends by agent/support staff on the average time spent talking to
                                      customers/users regarding an incident or problem,
                                      t) trends by agent/support staff on percent of first contact to resolution
                                      regarding incidents and problems,
                                      u) trends (daily, weekly, monthly) by agent/support staff on percent of first
                                      call resolution regarding incidents and problems,
                                      v) trends (daily, weekly, monthly) by agent/support staff on the average
                                      first contact to resolution regarding incidents and problems,
                                      w) trends (daily, weekly, monthly) by agent/support staff on the average
                                      first call to resolution regarding incidents and problems,
                                      x) trends by group/department for number of incidents and problems
                                      opened per day, week, and month,
                                      y) trends by group/department for number of incidents and problems
                                      resolved per day, week, and month,
                                      z) trends by group/department for number of incidents and problems
                                      escalated per day, week, and month,
                                      aa) trends by group/department on the average time taken for incidents
                                      and problems to move from open to resolved status,
                                      bb) trends by group/department on the average time spent talking to
                                      customers/users regarding an incident or problem,
                                      cc) trends by group/department on percent of first contact to resolution
                                      regarding incidents and problems,
                                      dd) trends by group/department on percent of first call to resolution
                                      regarding incidents and problems,
                                      ee) trends by group/department on the average first contact to resolution
                                      regarding incidents and problems,
                                      ff) trends (daily, weekly, monthly) by group on the average first call to
                                      resolution regarding incidents and problems,
                                      gg) Incident/Problem rollups by LandWarNet C4IM/IT service or product,


                                      hh) Users that access a specific asset,
                                      ii) users that own a specific asset,
                                      jj) operational assets which have exceeded their life-cycle (to identify
                                      equipment that needs to be replaced),

                                      kk) minimum, maximum, and averages for all time and numeric based
                                      reports,

                                      ll) number of users that access a defined service,

                                      mm) customers and their associated users,

                                      nn) specify the concentration and distribution of vendors and their related
                                      products within the enterprise (allows the organization to more clearly
                                      understand the impact of issues related to specific products or vendors),


                                                oo) life-cycle plans (projections) for an asset,

                                                pp) service or product defect status,

                                                qq) service or product enhancement request/Request For Change reports.

Provide System Documentation                    The system should support documentation for a specific                    N/A
                                                technology/capabilities. This includes system design, implementation and                                                                              3
                                                user guides.
Provide User Account Repository                 The system shall store user and administrator account information for the This is needed to control access to the management system
                                                management system.                                                        and to support addressing for notification messages/ alerts.                2

Provide User Activity Log                       The system shall create and manage the User Activity (Audit) Log,             This is required per Army Regulatory requirements and
                                                recording all user transactions, and changes to permissions on the system     provides a means to verify NetOps staff actions, conduct               1
                                                in accordance with AR 25-2.                                                   roll-backs, and conduct post-mortems/After-Action-Reviews
                                                                                                                              (AARs) to improve NetOps procedures.
Provide User Defined Display Filters            The system shall enable administrators to define filtering criteria to view a This is needed to enable administrators to quickly view all
                                                subset of the available information.                                          data based upon specific criteria, facilitating analyses,               2
                                                                                                                              troubleshooting, work scheduling, etc.
Provide User Defined Display Formats            The system should allow users to create, add, modify, or delete display       N/A                                                                    3
                                                formats.
Provide User Defined Report Format              The system should allow for defined presentation formats to view available N/A
                                                information. It should enable the customization of the fields in a report
                                                template or system-provided default report. The system should provide
                                                report creation tools and support the ability to customize reports. The                                                                              3
                                                system should enable the user to define output report formats in XML, HTTP,
                                                ASCII, SQL, and JPEG.
Provide User Log Data Repository                The system shall store User Activity Log data collected for analyses by the This is needed to trace user logon activity and to meet
                                                management system.                                                            AR 25-1 and AR 25-2 requirements (punitive requirement)                 1

Provide Web Accessible Display                  The system shall interact with devices via a web based interface. The          This is needed to support Army requirements to provide web
                                                functionality shall be equivalent to the capability provided by non-web        accessible interface.                                                  2
                                                based user interfaces.
Queue Data To Send                              The system's components (e.g., Agents) shall queue events when                 This is required in order to store and forward alerts, events,        2
                                                communication with the manager is not possible.                                and methods.
Receive Events from Log Files (Passive)         The system shall receive events from log files or logging systems.             This is needed in order for the management platform to
                                                (Passive listening). This includes log files created by agents residing on     receive health, status, and security posture of managed                2
                                                managed client assets.                                                         systems in the LandWarNet.
Receive Events in Standard Protocols            The system shall receive events via industry standard protocols (Storage       This is needed to reduce the amount of time spent integrating
                                                Management Initiative - Specifications, SNMP v2/3, common information          products.                                                              2
                                                model, XML, User Datagram Protocol, etc.).
Recover From Failover Operations                The system shall recover from failover operations by returning to normal Needed to revert back to normal operations after a failover
                                                settings/operations/systems.                                             has been executed, thus ensuring that assets/services in the                2
                                                                                                                         LandWarNet remain operational.
Remove Asset                                    The system should remove an asset from the group of its managed assets N/A
                                                without sympathetic errors. This function is used when removing an asset
                                                from the network for service, for security violations, redeployment,                                                                                  3
                                                reallocation, or when decommissioning a platform.

Report Inactive Administrator Accounts          The system shall detect and report inactive administrator accounts.         This is needed for enforcing secure access controls over the
                                                Inactive administrators are those who have not accessed a specific system NetOps systems used to secure, operate, and manage the
                                                for a predefined amount of time. Inactive administrators shall be flagged   LandWarNet and its supported Army and Business systems.
                                                for administrative attention and possible action (i.e., account suspension,                                                                           2
                                                deletion, etc.). The system shall provide alert and report mechanisms to
                                                system administrators to act on flagged files.

Reset Administrator Account Parameters          The system shall establish the capabilities expected from a Manager to      This is to provide the ability to lock accounts and unlock
                                                reset Administrator Account/Group parameters of an application. A reset is administrative accounts allowing for the securing of the                  2
                                                the ability to lock or unlock, make active or disable, or change any of the LandWarNet.
                                                settings of an account.


Schedule Event Collection                         The system should schedule the collection (polling) of agents/clients for   N/A                                                                      3
                                                  event logs.
Schedule Software/ Firmware Inventory             The system should define a schedule for the collection of                   N/A
Collection                                        software/firmware inventory information from devices, agents, adapters, or                                                                           3
                                                  sensors.
Schedule Status Collection                        The system should allow the administrator to define a schedule for the      N/A
                                                  collection of operational status information from assets or asset managers.                                                                           3

Schedule the Production of Reports                The system should support the ability to schedule the production of reports.   N/A
                                                  Scheduling will allow for monthly, daily, and hourly configuration such that                                                                          3
                                                  reports can be run automatically.
Select Platforms for Monitoring                   The system should select (identify) which platforms will be monitored          N/A
                                                  based on administratively-defined criteria (IP address, domain, group,                                                                                3
                                                  threat alarm data, configuration items) and thresholds/value ranges.
Send Asset Inventory Data                         The system shall transmit asset and service resource inventory data to         Supports deploying/redeploying units and sites (under Base
                                                  other systems, to include those escalated for expedited                        Realignment and Closure (BRAC)) to the gaining theater,
                                                  action/implementation. Note that the content of that inventory data may        Directorate of Information Management (DOIM) and/or unit
                                                  change significantly, depending upon the systems passing it (IT Asset          Signal element for planning/management. It also enables
                                                  Inventory information versus Radio Frequency (RF) Asset Inventory              Program Manager/Program Executive Office (PM/PEO) and                  2
                                                  Information).                                                                  tactical units to provide locally-procured asset information to
                                                                                                                                 the Enterprise CMDB/SS to place them under long term
                                                                                                                                 management and configuration control.

Send Capacity, Availability, and                  The system should transmit capacity and availability data to the CAP           N/A
Performance Data                                  Monitoring system.                                                                                                                                    3

Send Incident/Problem Data                        The system shall transmit Incident and Problem data. The system shall,         This is necessary for ensuring that assets in the LandWarNet
                                                  upon triggering of operational or security related problems, send or           are operating optimally.
                                                  transmit the data (time of event, IP address, category of event, etc.)                                                                                1
                                                  needed to create a workflow record.


Set Event Severity                                The system shall set severity of events based on predefined criteria.          Provides a way for administrators to quickly identify those
                                                  Criteria include event type, name, source, and category.                       events with high priority, reducing the amount of time needed          2
                                                                                                                                 to resolve security/operational issues with assets.

Support Multiple Concurrent Administrators        The system shall support multiple administrators performing management         This is needed to support the ability for multiple administrators
                                                  operations concurrently.                                                       to perform operations concurrently reducing the Total Cost of          2
                                                                                                                                 Ownership (TCO).

Track Logon Attempts                              The system shall detect and log user logon attempts (successful or             This is needed for enforcing AR 25-1 and AR 25-2 security
                                                  otherwise). The system shall provide alerts/reports to system                  regulations and enforcing secure access controls over the
                                                  administrators to act on multiple failed attempts.                             systems used to secure, operate, and manage the
                                                                                                                                 LandWarNet and its supported Army and Business systems.                1
                                                                                                                                 It also supports post-mortems on IT outages/attacks.


Verify Agent Account Data                         The system shall manage agents to verify user account data, to include         This is a core functionality of the Backup and Recovery
                                                  which permissions, assets, services, and applications the user is              system and is needed by administrators to ensure proper
                                                  authorized to activate/possess. User account data may be modified and          usage of the system.                                                   2
                                                  pushed back to the platform if necessary using the Manage Agent User
                                                  Accounts system function.


11/3/2009




                                                                                                                                   NETCOM/9TH SIGNAL COMMAND (ARMY)
                                                                                                                                 LANDWARNET NETOPS ARCHITECTURE (LNA)
                                                                                                                                                     COMPLIANCE CHECKLIST #2
                                                                   E-MAIL MANAGEMENT SYSTEM                                                                                                                                                        PRODUCT COMPLIANCE
                                                             INTERACTION WITH OTHER LNA CAPABILITIES                                                                                                                                            TO BE COMPLETED BY VENDOR
                                                                                                                                                                                                             COMPLIANCE       SUPPORTING DOCUMENTATION
                 FROM                                TO                  DATA FLOW TEXT DESCRIPTION                                            DATA ELEMENT DEFINITION                                         YES/NO     TO INCLUDE: URL, SOURCE DOCUMENT   DESCRIPTION    COMMENTS
                                                                                                                                                                                                                               NAME AND PAGE NUMBERS
    Active Directory                  Email Management                Contains data sent from Active Directory (AD) to the     Contains AD user and group information needed for users to authenticate
                                                                      Email Management System.                                 themselves to systems.
    Capacity, Availability, and       Email Management                Contains a request for data sent from the Capacity,      This is a generic request for data from one NetOps system to another.
    Performance Monitoring System                                     Availability and Performance (CAP) system to the Email   The type, content, format, and frequency of the data requested and/or sent
                                                                      Management System.                                       is dependent on the respective unique systems.

    Configuration Management          Email Management                Contains data sent from the Configuration Management     Address that this protocol end point represents, for example, 171.79.6.40
    Database/Service Support                                          Database/Service Support (CMDB/SS) systems to the        or FE:ED:FE:ED:00:11. The address format, such as Internet Protocol
                                                                      Email Management System. This data is an update of       (IP), Internetwork Packet Exchange (IPX), or Ethernet, depends on the
                                                                      existing Work Flow Requests (WFR) initiated by the       Protocol Type value. It can be further refined in subclasses.
                                                                      Email manager.

                                                                                                                               Contains alphanumeric data reflecting the name of LandWarNet Asset.

                                                                                                                               Contains the current status of a WFR. Status options include open,
                                                                                                                               closed, pending, working etc.
    Email Management                  Active Directory                Contains a request for data sent from the Email          This is a request from a management platform for information regarding
                                                                      Management system to AD.                                 LandWarNet user accounts and groups. This information is then used by
                                                                                                                               the management platform to authenticate/validate user access.

    Email Management                  Capacity, Availability, and     Contains data sent from the Email Management system      Contains a number representing Mbytes available on the system at a
                                      Performance Monitoring System   to the CAP System.                                       specific time.

                                                                                                                               Contains numeric value representing average time elapsed for reading
                                                                                                                               from a disk.
                                                                                                                               Contains numeric value representing the average time elapsed for writing to
                                                                                                                               a disk.
                                                                                                                               Contains the number of reads to a database during a given time period.

                                                                                                                               Contains the number of writes to a database over a given time period.

                                                                                                                               Contains information about the amount of space that is being used on a
                                                                                                                               drive. A drive can be a physical or virtual drive as in the case of RAID
                                                                                                                               assemblies. This measurement can be used individually or coupled with
                                                                                                                               another measurement to reflect how disk capacity is affected by other
                                                                                                                               types of activities.
                                                                                                                               Contains the number of table entries free on a system during a given
                                                                                                                               period.
                                                                                                                               Contains the amount of memory used on a specific system. This element
                                                                                                                               can be used individually or coupled with other elements to reflect how they
                                                                                                                               may affect memory utilization (i.e., used in conjunction with time to
                                                                                                                               encrypt would show how encryption impacts memory usage).

                                                                                                                               Contains data relative to the amount of network traffic passing through a
                                                                                                                               given network card at a given time period. It can include total bytes
                                                                                                                               received/sent, packets sent/received or current bandwidth.

                                                                                                                               Pages Per Second: Contains a numeric entry of the number of pages
                                                                                                                               read from the disk or written to the disk to resolve memory references to
                                                                                                                               pages that were not in memory at the time of the reference.

                                                                                                                             Contains information relative to the amount of processor being utilized
                                                                                                                             during a given period. This element can be used individually or coupled
                                                                                                                             with other elements to reflect how they may affect the amount of the
                                                                                                                             processor used.
                                                                                                                             Contains data about the availability of a given service during a given time
                                                                                                                             frame.
    Email Management                  Configuration Management        Contains Configuration, Event, and Inventory data sent Address that this protocol end point represents, for example, 171.79.6.40
                                      Database/Service Support        from the Email Management System to the Configuration or FE:ED:FE:ED:00:11. The address format, such as IP, Internetwork
                                                                      Management Data Base (CMDB).                           Packet Exchange, or Ethernet, depends on the Protocol Type value. It
                                                                                                                             can be further refined in subclasses.
                                                                                                                             Name of the alerting computer as known by the management system.
                                                                                                                               Contains the binary files that when executed install a specific application
                                                                                                                               onto a LandWarNet asset.


Internal identifier for the current compilation of the application.
Textual description of the instance.
Domain name of the computer as known by the target system. If unknown, use NULL.
Date and time of the event or occurrence within the LandWarNet.
Internal identifier for the current application patch.
Main function of the computer system. Possible values are defined in the Capability List attribute:
    Not Dedicated (default)
    Unknown
    Other
    Storage
    Router
    Switch
    Layer 3 Switch
    Central Office Switch
    Hub
    Access Server
    Firewall
    Print
    Input/Output (I/O)
    Web Caching
    Server
    Management
    Block Server
    File Server
    Mobile User Device
    Repeater
    Bridge/Extender
    Gateway
    LoadBalancer
    Mainframe
    SANSwitch
    SANHub
    SANBridge
    SANRouter
    SANDirector
    Redundant Array of Independent Disk (RAID) StorageDevice
    TapeLibrary
    JBOD
Typically, this attribute is set to the first item in Capability List. For example, a server that has some firewall capabilities could have Primary Capability set to Server and Capability List set to Server, Firewall. A switch device would have both Capability List and Primary Capability set to Switch.
Computer system's primary operating system.
Internal identifier of the application's service pack. For mainframe software elements, this attribute stores the Function Modification Identifier (FMID) with System Modification Program/Extended, a code that identifies the release levels of the element.
Contains data reflecting the type and location of software installed on a LandWarNet asset.
Unique account identifier of the user that created the instance. This attribute is automatically populated and can be an actual individual or a system that auto-generated the instance.
Type of computer system. If the computer is Windows-based, this attribute must have a value. Values are:
    X86-based Personal Computer (PC) (0)
    Millions of Instructions Per Second (MIPS)-based PC
    Alpha-based PC
    Power PC
    SH-x PC
    StrongARM PC
    64-bit Intel PC

    64-bit Alpha PC
    Unknown (default)
    X86-Nec98 PC




9th SIGNAL COMMAND (ARMY)
LANDWARNET NETOPS ARCHITECTURE (LNA)
E-MAIL MANAGEMENT SYSTEM
TO BE COMPLETED BY ARMY REQUIRING ACTIVITY

ARMY PROPONENT
    ORGANIZATION:
    POINT OF CONTACT:
    PHONE:
    E-MAIL:

VENDOR
    COMPANY NAME:
    POINT OF CONTACT:
    PHONE:
    E-MAIL:

PRODUCT
    NAME:
    VERSION:

COMPLIANCE CHECKLIST SUBMITTED TO NETCOM
    DATE:

DOES THIS PRODUCT ( VERSION ) HAVE A CERTIFICATE OF NETWORTHINESS (CoN)
    YES:    CoN DATE:
    NO:     DATE REQUEST SUBMITTED:

INTENDED USE OF THIS PRODUCT
TARGETED ECHELON(S) FOR IMPLEMENTATION OF THIS PRODUCT (Please Check ( √ ))

    Army Area Processing Center (APC):
    Army CIO G-6:
    Army Computer Emergency Response Team (ACERT) Tactical Operations Center (TOC):
    Army Global Network Operations and Security Center (Army-GNOSC) TOC:
    Army Operations Center - Pentagon:
    Army Service Component Commands:
    Army Strategic Command (ARSTRAT):
    Battalion (II) S-6:
    Battalion (II) Signal Company:
    Battalion Command Assistance Team (BCAT):
    Brigade (X) Combat Team (BCT):
    Brigade (X) S-6:
    Brigade (X) Signal Company:
    Communications-Electronics Research Development & Engineering Center (CERDEC):
    Company Signal Support:
    Corps (XXX) G-6:
    Corps (XXX) Signal Company:
    Department of the Army (DA):
    Division (XXX) G-6:
    Division (XX) Signal Company:
    Expeditionary Signal Battalion (ESB) BATCON:
    Installation, Garrison, Post, Camp, Station NEC (formerly DOIM):
    NETCOM / 9th Signal Command (Army):
    NSC Operations Center (OC):
    Regional Computer Emergency Response Team (RCERT):
    Regional Hub Node:
    Signal Command (Theater) HQ and CIO:
    Theater Network Operations (NetOps) Center (TNC) - DISA:
    Theater Network Operations (NetOps) Control Center (TNCC):
    Theater Network Operations and Security Center (TNOSC):
    Theater Tactical Signal Brigade (TTSB):
    U.S. Army National Guard NOSC:
    U.S. Strategic Command (STRATCOM):
    Other (Please Identify):

NOTE:
a) Completed LNA Compliance Checklists and supporting documentation are to be e-mailed to the NETCOM 9th Signal Command, LNA Compliance Team at the following: compliance.team@conus.army.mil

b) These LNA Checklists and supporting documentation will be utilized by the LNA Compliance Team in their assessment of this NetOps product's compliance to the Army LNA, prior to a CoN being granted by NETCOM/9th Signal Command.

				