home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Internet Info 1994 March
/
Internet Info CD-ROM (Walnut Creek) (March 1994).iso
/
inet
/
ddn-news
/
ddn-mgt-bulletin-119.txt
< prev
next >
Wrap
Text File
|
1993-03-01
|
4KB
|
82 lines
************************************************************************
DDN MGT Bulletin 119 DISA DDN Defense Communications System
1 March 1993 Published by: DDN Network Info Center
(NIC@NIC.DDN.MIL) (800) 365-3642
DEFENSE DATA NETWORK
MANAGEMENT BULLETIN
The DDN MANAGEMENT BULLETIN is distributed online by the DDN Network
Information Center under DISA contract as a means of communicating
official policy, procedures and other information of concern to
management personnel at DDN facilities. Back issues may be read
through the TACNEWS server ("@n" command at the TAC) or may be
obtained by FTP (or Kermit) from the NIC.DDN.MIL host [192.112.36.5]
using login="anonymous" and password="guest". The pathname
for bulletins is ddn-news/ddn-mgt-bulletin-nn.txt (where "nn" is the
bulletin number).
************************************************************************
PLEASE PASS TO ALL MILNET NODE SITE COORDINATORS.
FOR DISA AREAS, PLEASE PASS AS A LOCAL AREASTA.
THIS INFORMATION HAS ALSO BEEN RELEASED AS CONUSMILNETSTA 04/93
Subject: Policy for Crypto Re-Keying of MILNET ISTs
1. One of the most common reasons for MILNET inter-switch trunk
(IST) outages is crypto coordination problems at MILNET sites at HJ
times. We have been working hard to reduce these occurences, with
significant success. However, problems still occur. The best
solution to this problem is for all MILNET ISTs to use OTAR.
DISA has an ongoing effort to assist the net control stations (NCSs)
to convert to OTAR. The MILNET POC for OTAR is SSgt Joe Buchanan,
DSN 222-2771, commercial (703) 692-2771. We have found another
partial solution. We have researched the crypto procedures required
for MILNET ISTs not currently using OTAR. This bulletin restates
existing policy for encryption in MILNET ISTs where OTAR is not
implemented.
2. Standard NSA policy states that unclassified network circuits that
do not use OTAR may use a monthly crypto period with no update.
This means that the traffic encryption key (TEK) may be loaded into
the crypto device monthly and no daily update is required. This
bulletin establishes the monthly crypto period with no update as the
standard for MILNET ISTs that are not using OTAR. This procedure
should be implemented ASAP. The deadline for converting to this
procedure is 19 Mar 1993.
3. Two procedures have been defined: 1) the procedure that must be
followed when a circuit outage occurs and 2) for sites that are not
manned seven days a week, the procedure for installing the next TEK
when the first of the month occurs on a week-end or holiday
a. If a circuit fails but the crypto equipment re-synchs
automatically after restoral, loading of new TEK is not
required. Please note that a KG-84A will retain key during
power or circuit outages only if fresh fill-hold batteries are
installed. If a circuit fails and the crypto equipment does not
re-synch automatically, the "next up" segment of TEK will be
loaded. In order to re-establish the normal period, the KG-84A
will also be loaded on the first of the next month.
b. When the first of the month occurs on a week-end or holiday at a
site not manned during that time, the monthly loading of the TEK
will be accomplished on the next duty day at a time established by
the NCS. This situation should be coordinated with the MILNET
monitoring center (1-800-451-7413).
4. DISA POCs for this topic are:
Maj Ted A. Tatchio (DSN 222-2757, commercial 703-692-2757)
email: milnetmgr@ddn-conus.ddn.mil
Mr Rod McDaniel, DSN 222-7580, commercial 703-692-7580)
email: cmcmgr@ddn-conus.ddn.mil
5. This CONUSMILNETSTA will remain in effect until cancelled by
this office.
