Embed Size (px)
Citation preview
LANDWARNET 2011 TRANSFORMING CYBER WHILE AT WAR UNCLASSIFIED
UNCLASSIFIED
Army Golden Master (AGM) Apple OS X 10.6
Information Exchange Forum
Session: 4
Army Golden Master Program
Tina Hernandez
NETCOM 9th SC (A) G5 PP&A
LANDWARNET 2011 TRANSFORMING CYBER WHILE AT WAR UNCLASSIFIED
UNCLASSIFIED
Program Overview / Objectives
UGM Baseline
UGM-Army Configurations
Product families
Release / Deployment
Demonstration
Questions
IEF Session: 4, Track: NETCOM/9th SC(A) 2011-08-24 (1430-1545) // Army Golden Master Program for Apple OS 2
LANDWARNET 2011 TRANSFORMING CYBER WHILE AT WAR UNCLASSIFIED
UNCLASSIFIED 3
AGM Program Functions
Federal Security Governance
•DISA
•NSA
•USGCB
•Branch Services
•Govt. Agencies
•Industry Partners
DOD Consensus Working group
•Joint Consensus configuration baseline security settings
•Security Template Implementation Guidance (STIG)
UGM-Army
•Is based on DOD Consensus working group settings
•Includes functionality settings required by the Army
Enterprise License Agreement
•Token based activation
•Issuance license
•Software assurance
Accreditation
•CoN - certificate of Networthiness
• DIACAP
• ACA Scorecard
• IATT
• IATO
• ATO
Deployment
•UGM-Army builds
• DVD’s
•SYSMAN
• Distribution
•PD CHESS
•CB Program
•SOFTMART
• Download
Authoritative source for Army defined standard configurations for the office productivity computing
environment within the Army Enterprise Infrastructure.
2011-08-24 (1430-1545) // Army Golden Master Program for Apple OS IEF Session: 4, Track: NETCOM/9th SC(A)
LANDWARNET 2011 TRANSFORMING CYBER WHILE AT WAR UNCLASSIFIED
UNCLASSIFIED 4
Standard Application integration
Automated Build
Process
DISA, NSA, MILDEPs
(Army, Air Force, Navy, Marine Corps, Coast Guard)
Service Working Group
DISA/NSA “STIG”
USGCB Baselines
Vendor Security Guides Federal Policy
DOD UGM Configuration
2011-08-24 (1430-1545) // Army Golden Master Program for Apple OS IEF Session: 4, Track: NETCOM/9th SC(A)
LANDWARNET 2011 TRANSFORMING CYBER WHILE AT WAR UNCLASSIFIED
UNCLASSIFIED 5
NSA/DISA/USGCB
Army Configuration
Enterprise Applications
HW Drivers
Requires Applications
Security Modifications
2011-08-24 (1430-1545) // Army Golden Master Program for Apple OS IEF Session: 4, Track: NETCOM/9th SC(A)
Type Accreditation (ATO) and Enterprise Certificate of Networthiness (CON) obtained
through services and or reciprocity.
LANDWARNET 2011 TRANSFORMING CYBER WHILE AT WAR UNCLASSIFIED
UNCLASSIFIED
Full Baseline • Three digit versioning allows for
minor updates without
reaccreditation (“10.0.0”)
• Version is only updated when
there is a security change or the
vendor releases a major Service
Pack
Updates • No version changes
• Cumulative Hotfixes
• Updated application library
• Updated Utilities/Documentation
6
(Required)
DOD UGM Baseline
Image
STIG/USGCB Compliance
IAVM Compliance
(release date)
OS image (dmg)
(Optional)
UGM-ARMY
Security Patches
Cumulative Update
Hotfixes/IAVM
(Optional)
UGM-ARMY
Application Library
New/Updated applications
Full AGM Library
published
2011-08-24 (1430-1545) // Army Golden Master Program for Apple OS IEF Session: 4, Track: NETCOM/9th SC(A)
LANDWARNET 2011 TRANSFORMING CYBER WHILE AT WAR UNCLASSIFIED
UNCLASSIFIED 7
• Windows Vista SP2
• Windows Server 2008 SP2
• Windows Server 2003 SP2
• Mac OS X Leopard
• Windows 7 Enterprise (AGM)
• Windows Server 2008 R2
• Mac OS X Snow Leopard
x86 & x64
UGM-Army
10 Family
x64 only
AGM
9 Family
2011-08-24 (1430-1545) // Army Golden Master Program for Apple OS IEF Session: 4, Track: NETCOM/9th SC(A)
LANDWARNET 2011 TRANSFORMING CYBER WHILE AT WAR UNCLASSIFIED
UNCLASSIFIED 8
SOFTMART
• Hosts AGM\ELA media
CHESS
• Maintains Installation List
• Maintains POC list
NEC\NEC equivalent
• Approves ELA license requests
• Download media
• Receives physical shipments
Trusted Agent
• Download media
For assistance accessing media:
SoftMart\CHESS
NEC\PM Points of Contact
Trusted Agent
Local Distribution of AGM or MS-ELA2 media
2011-08-24 (1430-1545) // Army Golden Master Program for Apple OS IEF Session: 4, Track: NETCOM/9th SC(A)
LANDWARNET 2011 TRANSFORMING CYBER WHILE AT WAR UNCLASSIFIED
UNCLASSIFIED
Interim Authority to Operate (IATO)
Effective through 25 Jan 2012 • UGMA OS X 10.6 will NOT connect to the Active Directory domain.
• The AGM Program will provide configuration guidance and procedures for CAC/PKI authentication.
• UGMA OS X 10.6 is implemented and operated with protection mechanisms as documented in UGMA OS X 10.6 IA C&A package as updated July 2011.
Deprecated support AGM Leopard 10.5 • Apple has deprecated support for 10.5 Leopard, Users must upgrade to
the DoD/UGM-Army OS X 10.6 Snow Leopard.
way ahead is to use 3rd party for AD Bind solution and Data at Rest solution.
9 2011-08-24 (1430-1545) // Army Golden Master Program for Apple OS IEF Session: 4, Track: NETCOM/9th SC(A)
LANDWARNET 2011 TRANSFORMING CYBER WHILE AT WAR UNCLASSIFIED
UNCLASSIFIED
Frequently asked questions…… Does the AGM Team support iPhone and iPad?
• The AGM Team does NOT create images for Apple iOS devices.
Can I sign Lotus Forms on a Mac? • There are no applications for the Mac that let users view, fill out or sign
Lotus Forms natively. It is suggested that users install Windows on their Mac using Boot Camp Assistant or a 3rd-Party virtualization tool.
Can I bind to AD using Apple’s native support? • Per current IATO UGM-Army Snow Leopard machines are not to be
bound to the domain.
Does the AGM Team support AGM Leopard 10.5? • Since Apple has deprecated support for 10.5 Leopard, the AGM Team
will not support this operating system. We suggest users upgrade to the DoD/UGM-Army OS X 10.6 Snow Leopard build.
10 2011-08-24 (1430-1545) // Army Golden Master Program for Apple OS IEF Session: 4, Track: NETCOM/9th SC(A)
LANDWARNET 2011 TRANSFORMING CYBER WHILE AT WAR UNCLASSIFIED
UNCLASSIFIED 11
Deployment Training UGM-Army Mac OS X 10.6 deployment training
sessions are being scheduled for later this year. •The first session was held the week of 1-5 August in Reston,
VA.
•Organizations interested in hosting UGM-A OS X 10.6 deployment trainings should contact AGM Capability Manager, NETCOM 9th SC(A) G5 at [email protected]
2011-08-24 (1430-1545) // Army Golden Master Program for Apple OS IEF Session: 4, Track: NETCOM/9th SC(A)
LANDWARNET 2011 TRANSFORMING CYBER WHILE AT WAR UNCLASSIFIED
UNCLASSIFIED 12
1. Boot from installation media.
2. Restore DoD OS X Image. • Base OS • Security Hardening • Customization
3. Apply post install actions • Admin Actions • Optional Actions • User Actions
DoD OS X Snow Leopard Installation Overview
2011-08-24 (1430-1545) // Army Golden Master Program for Apple OS IEF Session: 4, Track: NETCOM/9th SC(A)
LANDWARNET 2011 TRANSFORMING CYBER WHILE AT WAR UNCLASSIFIED
UNCLASSIFIED 13
Unified Golden Master Army Package Installer Overview
2. Initiate the install process
1. Download the UGM-Army Installer from Softmart
3. Follow install prompts
4. Restart
• Configuring Office • CAC Bind Utility
5. Apply post install actions
2011-08-24 (1430-1545) // Army Golden Master Program for Apple OS IEF Session: 4, Track: NETCOM/9th SC(A)
LANDWARNET 2011 TRANSFORMING CYBER WHILE AT WAR UNCLASSIFIED
UNCLASSIFIED
CAC Enabler Tool
14 2011-08-24 (1430-1545) // Army Golden Master Program for Apple OS IEF Session: 4, Track: NETCOM/9th SC(A)
LANDWARNET 2011 TRANSFORMING CYBER WHILE AT WAR UNCLASSIFIED
UNCLASSIFIED 15
• Tina Hernandez
• 520-538-3648
AGM Program Management
• Ken Beall/NCI (Contractor)
AGM Technical/Project
Lead
• Comm: 800-966-7176 AGM Help Desk
• https://www.us.army.mil/suite/page/130061 AGM Home Page
(AKO Login required)
2011-08-24 (1430-1545) // Army Golden Master Program for Apple OS IEF Session: 4, Track: NETCOM/9th SC(A)
LANDWARNET 2011 TRANSFORMING CYBER WHILE AT WAR UNCLASSIFIED
UNCLASSIFIED 16 2011-08-24 (1430-1545) // Army Golden Master Program for Apple OS IEF Session: 4, Track: NETCOM/9th SC(A)
