STUDENT TEXT (ST-II) E3AQR3D132 01AC

DESIGNED FOR AETC COURSE USE NOT INTENDED FOR USE ON THE JOB

TECHNICAL TRAINING

Cyber Transport Systems

Network Management Fundamentals

21 September 2015

81 TRAINING GROUP 338 TRAINING SQUADRON

Keesler AFB Ms 39532

This lesson contains information which may not be disclosed to international students without proper authorization. Refer to the foreign disclosure memorandum in the Security Annex of the Course Training Plan for further information

STUDENT TEXT (ST) E3AQR3D132 01AC

2

Table of Contents

UNIT 1 Network Management Fundamentals .......................................................................... 3 

OBJECTIVE 1A .................................................................................................................................. 3 

INTRODUCTION .................................................................................................................................................... 3 

Defense Information Systems Agency (DISA) ...................................................................................................... 3 

DISA Circulars ....................................................................................................................................................... 4 

The Global Information Grid (GIG) ....................................................................................................................... 4 

DISA’s Role with the GIG ...................................................................................................................................... 5 

Circuit Action Responsibilities .............................................................................................................................. 6 

The Air Force Information Networks (AFIN) ......................................................................................................... 6 

ASI Approval Authority ......................................................................................................................................... 8 

UNIT 1‐1 EXERCISE ........................................................................................................................... 9 

OBJECTIVe 1B ................................................................................................................................ 10 

Record Keeping .................................................................................................................................................. 10 

Reporting ............................................................................................................................................................ 10 

Time Compliance Technical Order (TCTOs) ........................................................................................................ 11 

Time Compliance Network Order (TCNOs) ........................................................................................................ 12 

Notice To Airman (NOTAMs) .............................................................................................................................. 13 

Configuration Management Concepts ............................................................................................................... 15 

Maintenance Tracking Software Fundamentals ................................................................................................ 16 

Gateway Access Request/Gateway Access Authorization (GAR/GAA) .............................................................. 17 

DISA Communications Requirements and Provisioning Process ....................................................................... 19 

Telecommunications Request (TR) .................................................................................................................... 19 

Telecommunications Service Request (TSR) ...................................................................................................... 20 

Telecommunications Service Order (TSO) ......................................................................................................... 20 

Telecommunications Service Priority (TSP) ........................................................................................................ 20 

Command Communications Service Designator (CCSD) .................................................................................... 22 

Status Acquisition Message (SAM) ..................................................................................................................... 25 

Completion Reports ........................................................................................................................................... 25 

Circuit History Folders ........................................................................................................................................ 26 

Service Level Agreements (SLAs)........................................................................................................................ 26 

SUMMARY .......................................................................................................................................................... 26 

EXERCISE 1‐2 ...................................................................................................................................................... 27 

OBJECTIVE 1C ................................................................................................................................. 30 

Maintenance Actions ......................................................................................................................................... 30 

Performing Maintenance ................................................................................................................................... 30 

Use Publications When Performing Work .......................................................................................................... 31 

Use Tracking Software ....................................................................................................................................... 32 

SUMMARY .......................................................................................................................................................... 32 

EXERCISE 1‐3 ...................................................................................................................................................... 33 

    

STUDENT TEXT (ST) E3AQR3D132 01AC

3

UNIT 1 NETWORK MANAGEMENT FUNDAMENTALS

OBJECTIVE 1A

Identify basic facts pertaining to network management fundamentals.

INTRODUCTION In this Block, you will learn that there is extensive planning and coordination involved with maintaining network communications. In the first Objective we will discuss various agencies in the Hierarchy of the Air Force and Department of Defense networks along with some terms associated with Network Management. We will also discuss various responsibilities pertaining to your role as a Cyber Transport technician when managing networks and the documentation and coordination that is involved.

Defense Information Systems Agency (DISA) The Defense Information Systems Agency (DISA) is a U.S. Department of Defense combat support agency composed of military, federal civilians, and contractors. DISA’s main objective is to provide information technology and communications support to the President, Vice President, Secretary of Defense, the military services, combatant commands, and any individual or system contributing to the defense of the United States. DISA delivers hundreds of IT support and service capabilities to its mission partners, and has the capacity to develop or acquire new capabilities to meet DoD’s evolving requirements. Many of DISA’s capabilities include (with systems within these capabilities listed):

Network Services – Transport, Data, Voice, Video, Wireless, Satellite, NIPRNet, SIPRNet

Enterprise Services – Enterprise Email, GCDS, Enterprise Identity Attribute Services Computing Services – Server Hosting & Virtualization, Mainframe Hosting, Web

Hosting, Application Monitoring Command & Control – GCCS-Joint, GCSS-Joint, Multinational Information Sharing Enterprise Engineering – Engineering & Modeling Spectrum Management – Joint Spectrum Data Repository, Global Electromagnetic

Spectrum Information System Information Assurance – Policy & Guidance, Network Defense, PKI, HBSS Interoperability Testing – Joint Interoperability Test Command, System Tracking

Program, Testing/Interoperability Certification Service Support – DCC, Joint Staff Support Center, FSO, Theater Network Operations

Centers, Combatant Command Field Offices, Defense Enterprise Computing Centers Contracting – DISA Direct Order Entry, Wide Area Workflow, DISA Contracts Guide

 

STUDENT TEXT (ST) E3AQR3D132 01AC

4

DISA Circulars A DISA Circular is a set of standards, policies, assignment responsibilities, instructions and procedures, processes, management or technical parameters, and user’s guides for a specific role or technical responsibility. An example of a circular is DISAC 310-130-4 Defense User’s Guide to the Telecommunications Service Priority (TSP) System which sets forth the policies and procedures required to receive a TSP. The TSP process is explained in detail in Objective 1b.

The Global Information Grid (GIG) You learned in Block 1 that the GIG is defined as the globally interconnected, end-to-end set of information capabilities, associated processes, and personnel for collecting, processing, storing, disseminating and managing information on demand to warfighters, policy makers, and support personnel. Essentially, it is the overarching infrastructure for DoD communications providing a worldwide networked infrastructure that allows warfighters to exchange information in a seamless, interoperable, and global space. The GIG was developed out of concerns regarding interoperability and the end-to-end integration of Information Technology (IT) within the DoD. It also:

Supports all DoD, National Security and related IC missions and functions (strategic, operational, tactical, and business), in war and in peace;

Provides secure capabilities from all operating locations (bases, posts, camps, stations, facilities, mobile platforms, and deployed sites); and

Provides interfaces to coalition, allied, and non-DoD users and systems. Ownership, control and management of the GIG are distributed throughout the DoD, (military services run their parts of the network, DISA manages the DISN, etc.). As a result, there are hundreds of networks, data centers, Network Operations (NetOps) centers, contract vehicles, security plans, etc. in the GIG. In many cases, these are duplicated efforts that do not seamlessly connect. This is a circuit-centric environment – functioning, but not efficient – old and new technologies, separate networks and capabilities, myriad of policies often redundant and sometimes conflicting. The DoD has a goal and has started a transition to deliver a standardized, consolidated information enterprise that enables DoD and partners to securely access the information and services they need at the time, place and on approved devices of their choosing. In this new environment, military services will continue to support their own networks – in accordance with DISA regulations – and redundancies in those networks will be eliminated. For example, instead of operating a parallel Army-only network for Army units that are stationed at a predominantly Air Force joint base, the Air Force will operate a single shared network for all personnel at the base.

STUDENT TEXT (ST) E3AQR3D132 01AC

5

DISA’s Role with the GIG One of the most vital parts of the GIG is the Defense Information Systems Network (DISN), which is managed by DISA. Through the DISN networks, users have access to services available in the GIG. Without a connection to the DISN, a military base would be unable to communicate with other DoD facilities and agencies. DISA designs, engineers, sustains, and manages the DISN, providing the connection points, capabilities, and services for the DoD and their mission partners. As the manager of DISN, DISA:

Resolves technical issues for the DISN global networks and communications services Evaluates and improves network performance Implements emerging technologies to maximize effectiveness of the DISN

infrastructure, assuring joint interoperability, security, and best value Translates customers' global network requirements into effective voice/video/data

network and service solutions Applies information assurance practices to all DISN networks and services and

ensures compliance of information systems connected to the DISN

Figure 1-1: The Defense Information Systems Network

STUDENT TEXT (ST) E3AQR3D132 01AC

6

Customer networks connect into the DISN to receive access to network services, such as data services (the ability to email across the country, access to the Internet, etc.). Since customer networks are not managed by DISA, they are not actually part of the DISN. For example, the NIPRNet at Keesler AFB is a customer network managed locally by the 81 Communications Squadron. However, in order for IP traffic to leave the base, the customer network will connect to a DISA controlled router that gives the customer access to the DISN.

Circuit Action Responsibilities DISA is responsible for the operation, configuration, and maintenance of the DISN network and its components. This includes all equipment in a node site that is not located in a DISA facility. A DISA node site or DISA Point of Presence (POP) is the physical location of the DISN equipment. It can be located in customer facilities on a base/post/camp/station or in DISA facilities. Node sites contain many circuits that connect multiple DoD facilities in a geographic region to the GIG. These connections provide DISN services such as NIPRNet or SIPRNet to those facilities. Node sites are connected to each other in a mesh network, thus providing the backbone of the GIG.

Node Site Coordinator If a node site is located at a customer’s facility (i.e. an Air Force base), a Node Site Coordinator (NSC) must be assigned. The NSC is a member of the sponsoring communications information system organization. While DISA retains responsibility for maintenance of DISN equipment in the node, the NSC provides essential, on-site assistance to DISA that enables DISA to maintain DISN equipment at a customer site. The NSC is designated to act on behalf of DISA at the node site, because there usually is no DISA person stationed at the site. The Node Site Coordinator’s responsibilities include:

Primary POC for the Node Site Liaison for Installation and Maintenance Local assistance to the DISA Monitoring Center Coordinates Authorized Service Interruptions Coordinates/Authorizes Node Site Access

The Air Force Information Networks (AFIN) While DISA is the overall manager of the GIG/DISN, the Air Force provisions and owns some of the equipment. This Air Force-owned portion of the GIG is called the AFIN. The Air Force’s underlying Non-Secure Internet Protocol Router Network (NIPRNet) is called the Air Force Network (AFNET), while SIPRNET is called the AFNET-Secure (AFNET-S).

STUDENT TEXT (ST) E3AQR3D132 01AC

7

Air Force Space Command (AFSPC) AFSPC is the Air Force focal point for establishment, operation, maintenance, defense, exploitation, and attack Cyberspace Operations. They are the lead command for all cyberspace operations performed by the USAF. AFSPC coordinates the prioritization of all Cyberspace Infrastructure requirements. The commander of AFSPC is responsible for the overall command and control, security and defense of the AFIN.

Twenty-Fourth Air Force (24 AF) The 24 AF is the Air Force’s component of U.S. Cyber Command, the armed forces command in charge of all military cyberspace operations. The 24 AF is the operational warfighting organization that executes full spectrum cyberspace operations to ensure friendly forces maintain a warfighting advantage. Their overall mission is to operate, extend, and defend the AFIN.

624th Operations Center (624 OC) The 624 OC, located at Lackland AFB, TX, is the operational-level command and control organization for 24 AF, providing strategy, planning, execution, monitoring, and assessment of AF cyber operations. They direct cyber operations of all subordinate units on the AFIN by issuing cyber tasking orders.

Cyber Transport’s Role in the GIG As a 3D1X2, you could be stationed at a GIG node site that monitors hundreds of DISA-owned circuits. At the node site, you could work in direct support of the Node Site Coordinator. If you are not stationed at a node site, you may be stationed in a Base Communications Squadron where you will work on a network that contains at least one circuit that connects to the GIG to provide your base with a gateway out of its own internal network.  

Authorized Service Interruptions (ASI). ASIs are scheduled periods of network, equipment, or system downtime required to perform preventive maintenance actions, software or equipment upgrades or replacement, system reboots, etc. There are three defined types of ASIs: Preventive Maintenance Inspection (PMI) PMI ASIs are required for any preventive maintenance actions accomplished on a recurring basis. Examples include routine maintenance of server equipment or server reboots required due to the application of TCTO/MTO-directed countermeasures. Routine Routine ASIs are required for any network system changes that will require an interruption of service to complete. Examples include service interruptions required to perform system/software upgrade, or to repair/replace faulty equipment.

STUDENT TEXT (ST) E3AQR3D132 01AC

8

Emergency Emergency ASIs are for those ad hoc events which require an immediate service interruption to correct hazardous or degraded conditions where loss of human life or of Core Services (DCs, exchange, switches, routers) could occur through lack of immediate action. Examples of emergency outages include power problems, equipment malfunctions, imminent system failures, or any hazardous condition that requires immediate attention and cannot otherwise be scheduled as a routine service interruption.

ASI Approval Authority

AFSPC or 24 AF is the approval authority for routine and emergency ASI requests associated with AFIN links, nodes, functional systems, or services on the AFIN that either (1) directly supporting an active Combatant Command’s operation; (2) whose compromise or loss could affect national security; or (3) whose compromise or loss would degrade or disable critical Command and Control communications. The 624 OC is the focal point for the coordination of these ASIs.

Installation commanders are the approval authority for all other ASIs. SUMMARY You should now have a better understanding of the organizations involved with the management and operation of the Air Force’s networks. You learned how DISA supports the GIG, as well as the various levels of responsibility. You also learned the different types of authorized service interruptions.

STUDENT TEXT (ST) E3AQR3D132 01AC

9

UNIT 1-1 EXERCISE

1) The main objective of ________________ is to provide information technology and communications support to the President, Vice President, Secretary of Defense, the military services, combatant commands, and any individual or system contributing to the defense of the United States. 2) What are the 10 major capabilities that DISA provides the Department of Defense? 3) One of the most vital parts of the GIG is the _______________. 4) DISA ___________, ____________, _____________, and ____________ the DISN, providing the connection points, capabilities, and services for the DoD and their mission partners. 5) As manager of the DISN, what functions does DISA perform? 6) What is another name for a DISA node site? 7) Name three of the Node Site Coordinator’s responsibilities. 8) What is the Air Force’s underlying Non-Secure Internet Protocol Router Network called? 9) ________________ is the Air Force focal point for establishment, operation, maintenance, defense, exploitation, and attack Cyberspace Operations. 10) A ____________________ ASI is required for server reboots. 11) Who is the approval authority of PMI ASIs?

STUDENT TEXT (ST) E3AQR3D132 01AC

10

OBJECTIVE 1B Identify basic facts pertaining to network management correspondence and documentation.

Record Keeping

Historical Records Work center facility, systems installation, and equipment records are historical documentation that constitutes a permanent record of significant maintenance actions or significant changes to the facility or system. These historical records must remain with each equipment or system throughout its life cycle. They are designed to provide technicians and item managers with an accurate portrayal of significant actions, modifications, issues, and overhauls. Master Station Log The Master Station Log (MSL) is the official narrative record maintained to record significant events (e.g., power failures, complete system outages, major equipment outages or impairments such as hazardous conditions (HAZCONs), and any other event that may have an impact on operation of the GIG, time verification, shift or watch changes, special tests, etc. Every facility that houses GIG equipment must maintain a MSL.

Reporting

Communications Focal Point (CFP) The Communications Focal Point (CFP) is an organization within a unit that performs help/service desk functions while monitoring and collecting data from various sources within the organization, depot, DISA, and others in their area of responsibility. This data is used to report equipment and work center statuses to unit commanders. The CFP functions in direct support of the unit’s operational mission, to include support of voice/data network systems (routers, switches, servers, key systems, and desktop systems), radio systems, video, and all other communications/cyber equipment/systems, while maintaining visibility of performance indicators. The CFP is typically made of personnel from multiple 3DXXX AFSCs. In Communication Squadrons, the CFP serves as the conduit for the Air Force’s Enterprise Service Desk (ESD) to resolve communications systems and equipment issues at base levels. The ESD is responsible for all Air Force Network (AFNET) users. Trouble tickets are created by customers on base and routed to the CFP. In turn, the CFP will route the ticket to the appropriate production work center for resolution. SITREPs SITREPs (Situational Reports) are narrative reports that keep recipients informed of significant outages, events, and/or status and enable higher levels (i.e. MAJCOMs, services, Joint Staff, Secretary of Defense, etc.) of command to prepare for potential effects of ongoing situations. They can be submitted at daily, weekly or monthly intervals, or as directed.

STUDENT TEXT (ST) E3AQR3D132 01AC

11

While the ultimate responsibility of sending a SITREP falls on unit commanders, they will be drafted by the unit’s CFP. CFP personnel should be mindful that information in SITREPs can be FOUO or classified and use the appropriate method of notification.

Status Reporting Status Reporting is a term used specifically for DISN circuits. Node Site Coordinators (NSCs) are responsible for sending Status Reports to DISA for various situations regarding degradation or outages of a DISN circuit. An example of such a report is the Hazardous Condition Report which informs DISA of an imminent loss or degradation of a DISN circuit. The NSC will coordinate these external reports with the Communication Focal Point to ensure the unit commander is informed of issues that may impact base operations, and the activities of the node site they are responsible for.

Time Compliance Technical Order (TCTOs) TCTOs are used to initiate and document all permanent modifications, update changes, and retrofit changes to standard Air Force systems, equipment, end items, and commodities. They provide instructions for either modifying these military systems within specified time limits, initiating special one-time inspections, or imposing temporary restrictions on systems or commodities. TCTOs are not used to modify Commercial Off-the-Shelf (COTS) equipment. Priorities: Each TCTO is assigned one of the following three priorities based off the severity of the modification: Immediate Action – Immediate action TCTOs are issued to prevent use of equipment or procedures until hazardous safety conditions, which could result in fatality or serious injury to personnel or extensive damage to or destruction of valuable property, can be corrected. Commanders shall ensure distribution to all affected personnel within four hours after receipt because of the critical nature of the TCTO. Urgent Action – Urgent action TCTOs are issued when potentially hazardous safety conditions could result in injury to personnel, damage to property, or when conditions cause unacceptable reductions in combat efficiency. Commanders shall ensure distribution is made to all affected personnel within 24 hours of receipt. Routine Action – Routine action TCTOs are issued for any conditions not covered under Immediate or Urgent action TCTOs.

STUDENT TEXT (ST) E3AQR3D132 01AC

12

Time Compliance Network Order (TCNOs) TCNOs are downward-directed security or vulnerability-related orders issued by the AF. The TCNO provides a standardized mechanism to issue one “order” to the entire Air Force Network (AFNET) Operations hierarchy, directing how to operate and make changes to the AFIN. TCNOs are created to direct implementation of an operational or security vulnerability risk mitigation procedure, a fix action (e.g. software patch), or in response to a DISA-generated Information Assurance Vulnerability Alert (IAVA). These orders have a significant implication if not accomplished in a timely manner.

TCNO Process

Figure 1-2: The TCNO Process

Two of the main organizations responsible for the creation and routing of TCNOs are the 624 OC and the Integrated-Network Operations and Security Center (INOSC): The 624 OC is responsible for issuing TCNOs as directed by the 24 AF. The 624 OC manages the Air Force-wide tasking system for these cyber orders. They test and develop all TCNOs and relay them to appropriate INOSCs. There are multiple INOSCs across the world that work underneath 24 AF. The INOSCs’ main function is to monitor and support AF network services associated with the bases and units they service. In the TCNO process, they relay, execute, and track TCNOs to affected MAJCOMs,

STUDENT TEXT (ST) E3AQR3D132 01AC

13

MAJCOM Communications Coordination Centers (MCCCs), and installation communications units. At the installation communications units, the CFP will receive the TCNO and direct applicable personnel to implement the TCNO’s actions. Once the TCNO’s actions are completed, the CFP will report completion back to the appropriate INOSC and to the 624 OC.

Notice To Airman (NOTAMs) Command, Control, Communications, and Computers Notice to Airmen (C4 NOTAM) are closely related to TCNOs with the primary difference being that they are informative in nature and are not used to direct actions. They are used by all organizations within the AFNET hierarchy. They are the primary means for disseminating network information that does not direct specific action to be taken, or compliance to be tracked. There are 4 types of C4 NOTAMs: Informative, Scheduled Event, Unscheduled Event, and Summary. Informative C4 NOTAMs (IC4N). IC4Ns serve as the primary vehicle for disseminating network information to Airmen that does not require specific actions to be taken or compliance to be tracked. In some cases, acknowledging receipt of an IC4N may be required. IC4Ns do not require compliance reporting; instead the responsibility remains with the recipient to take actions that best fit their situation. Unscheduled Event C4 NOTAMs (UEC4N). UEC4Ns are the standard format for network event reporting to notify others of any significant network event. The most common types of information included in this report will be, but not limited to, network and equipment outages, incidents, and newly detected vulnerabilities. Scheduled Event C4 NOTAMs (SEC4N). SEC4Ns are used to report scheduled network events including, but not limited to, preventive maintenance, upgrades, or authorized service interruptions. Summary C4 NOTAMs (SC4N). SC4Ns are similar in nature to an Informative C4 NOTAM but have a broader scope and are prepared and transmitted on a recurring basis, typically once each day. Their primary use is for up-channel notification of summary status from the various Network Control Centers (NCCs) to their INOSC. CIPS (Cyberspace Infrastructure Planning System) CIPS is the approved automated information system for planning, installing, and managing the AF cyberspace infrastructure. Its use is directed by AFI 33-150. The primary objective of CIPS is to document the process for procuring, installing, and managing cyberspace infrastructure to support the AF mission. CIPS is a web-enabled certified and secure enterprise government system. It is a key enabler of network centric operations and is a critical tool in support of the AFIN and AF Network Operations. CIPS allows collaboration in documenting and tracking the installation of IT on AF

STUDENT TEXT (ST) E3AQR3D132 01AC

14

installations. It is also the official repository for planning, installation, and management records for unclassified infrastructure/equipment/systems that enable the cyberspace mission on all installations. Documents generated in CIPS are considered historical documentation that remains in the historical records associated with each facility, equipment, or system. CIPS is comprised of three sub-programs: CIPS Visualization Component (CVC), Project Management Implementation Dashboard (PMID), and the Work Order Management System (WOMS).

CIPS Visualization Component (CVC) CVC is a system used to plan, implement, and sustain one geospatially accurate communications mission data set to provide the Air Force a communications infrastructure management tool. It is basically a map that shows the exact location of Air Force owned communication infrastructure.

Figure 1-3: CVC Image of Bryan Hall

Project Management Implementation Dashboard (PMID) PMID is designed to contain the information required to successfully manage a program from inception through closeout in a presentable format. It pulls data, real-time, from relevant existing business objects in the system allowing electronic management of programs without duplication. A program is an effort consisting of one or more related projects. They are developed and implemented to enhance or replace existing capabilities.

Work Order Management System (WOMS) WOMS is an integrated tool that permits users to create, track, and process work orders within CIPS at both the base and MAJCOM levels. Work orders are an enhancement to a current capability that can be funded and accomplished at the base level generally in less than 30 days in

STUDENT TEXT (ST) E3AQR3D132 01AC

15

the form of a maintenance task order. Customers insert work orders into WOMS, and WOMS automatically routes workload requirements to the proper work center.

Figure 1-4: Snapshot of WOMS

Configuration Management Concepts CM is about control. CM helps to ensure that the configuration of an item is known throughout its life. It controls the important aspects of a weapon system that might have a negative impact if not controlled. One small change could cause a rippling effect throughout a system. For example, if an aircraft subcontractor makes a design change to a jet engine that improves performance, the change could ripple through several subsystems. This one change could:

Impact a sensor on the engine; Cause a reading to change in the cockpit; Force the pilot to react differently in certain situations; Cause a change to a technical order and to a maintenance procedure; Impact the reliability of the weapon system and cause a change to provisioning

requirements; Cause a change to the training program and to the flight simulation programs; Cause a change to the supply or vendor base; and/or Require a change to software code that monitors engine performance.

Configuration management is a management process for establishing and maintaining consistency of a product's performance, functional, and physical attributes with its requirements, design and operational information throughout its life. These simple words describe a complex process essential to the successful management of a production program and highlight five major areas of effort as outlined below:

1. Planning and Management — Provides total life-cycle configuration management planning for the program/project and manages the implementation of that planning.

2. Configuration Identification — Establishes configuration information and

documentation of functional and physical characteristics of each configuration items. Documents agreed-to configuration baselines and changes to those configurations that occur over time.

STUDENT TEXT (ST) E3AQR3D132 01AC

16

3. Configuration Control — Ensures that changes to a configuration baseline are properly identified, recorded, evaluated, approved or disapproved, and incorporated and verified, as appropriate. The TCTO and TCNO processes are methods that the Air Force uses to control configuration changes.

4. Configuration Status Accounting — Manages the capture and maintenance of product

configuration information necessary to account for the configuration of a product throughout the product life cycle.

5. Configuration Verification and Audit — Establishes that the performance and

functional requirements defined in the technical baseline are achieved by the design and that the design is accurately documented in the technical baseline.

The CM discipline spans the product life cycle and contributes toward ensuring sustained system performance, minimizing the effects of design changes – functional or physical – reducing the incidence of system incompatibility, and avoiding the procurement of obsolete spare parts during the provisioning process. A strong configuration management program is a necessity within the Cyber Transport career field. Undocumented changes to a network configuration can cause downtime and make troubleshooting very difficult. Configuration Change Management Change potentially creates risk and can increase the vulnerabilities to the AF network from a defensive and operational perspective. The introduced capability must be balanced against the vulnerabilities introduced and the operational risk to users. Assessing and evaluating change risk requires situational awareness of all possible impacts to AF network components. Before changes are introduced into a network or system, they must be properly reviewed, approved and documented following Change Management methods and procedures.

Maintenance Tracking Software Fundamentals Work centers that maintain Air Force equipment must use an Air Force approved Automated Information System (AIS) to track PMIs, trouble tickets, jobs, and other maintenance actions. The following software systems are Air Force approved AISs that you may see in the Cyber Transport career field:

FACIT (Facility and Circuit Information Tracking) FaCIT is a windows-based program and relational database designed to provide centralized infrastructure tracking for leased circuits.

TCOSS (Telecommunications Certification Office Support System) TCOSS supports the management of Air Force and DOD Long Haul Communications office requirements by providing current and historical circuit action data supporting the Air Force, Army, Navy, DISA, DLA, and other DOD agencies, Air Force circuit financial information support for MAJCOMs, MSS database to support mobile satellite, INMARSAT, and Iridium services

STUDENT TEXT (ST) E3AQR3D132 01AC

17

Remedy Remedy is an IT management suite used by AF communication/IT organizations for communication management tracking and documentation.

IMDS Integrated Maintenance Data System (IMDS) is the Air Force's base-level automated maintenance information management system. The system is used primarily to assist managers in making decisions by presenting data that provides effective scheduling of equipment usage, work, and the labor force.

Gateway Access Request/Gateway Access Authorization (GAR/GAA) When setting up a network in a deployed location, the only way to connect to the GIG and pull DISN services is through a SATCOM link. DISA has 16 Standardized Tactical Entry Point (STEP) sites around the world that provide an access point into the DISN for these tactically deployed networks. Each STEP site consists of a satellite earth station and dedicated routers that connect tactical networks to the NIPRNET and SIPRNET.

Figure 1-5: Entry into a STEP

There are two critical documents required for users to connect to the DISN through a STEP: the Gateway Access Request (GAR) and the Gateway Access Authorization (GAA):

STUDENT TEXT (ST) E3AQR3D132 01AC

18

Gateway Access Request (GAR) The GAR is the official document for requesting tactical use of DISN services and equipment. Communication planners will submit the GAR, via their respective combatant command and other high level authority to a DISA Contingency Exercise (CONEX) office. If the request for access is approved, the CONEX office will generate a Gateway Access Authorization.

Gateway Access Authorization (GAA) Once resources for a specific mission are allocated, the CONEX office is able to issue the GAA. The GAA is the authorization to connect into the DISN through a specific STEP site. The GAA specifies who is responsible for network security and support of incident handling. It also lists transmissions technicians and the specific card settings for their multiplexer and cryptographic equipment.

STUDENT TEXT (ST) E3AQR3D132 01AC

19

DISA Communications Requirements and Provisioning Process The following section describes the communications requirements process necessary to start, change, amend, or discontinue the various basic types of services and circuits in the Global Information Grid (GIG), as prescribed by DISA Circular 310-130-1, Submission of Telecommunications Service Requests. Communications requirements add a new capability in the form of a new system, asset, or a change to the network/cyberspace infrastructure configuration.

Figure 1-6: The DISA Provisioning Process

Telecommunications Request (TR) A requester of telecommunication services starts the process by submitting a Telecommunications Request using the DISA Direct Order Entry (DDOE) database, also known as DISA Direct; this is DISA‘s online portal of tools for requesting telecommunications products and services. The TR includes the type of service required, its purpose, the location of the required equipment, the circuit hours of operation, a point of contact, and other pertinent information. This information is then routed to the MAJCOM Telecommunication Certifications Office (TCO) who will certify, validate, and approve funding for the TR. Once the certification

STUDENT TEXT (ST) E3AQR3D132 01AC

20

of the TR has been completed, a Telecommunication Service Request (TSR) will be prepared in accordance to DISA Circular (DISAC) 310-130-1.

Telecommunications Service Request (TSR) After validation, the TCO prepares a TSR. The TSR is a request for service that details the type of services (NIPRNET, SIPRNET, JWICS, etc.,) service locations, and other pertinent information required to specify parameters to the agency or commercial carrier providing the service. It also contains information such as: service start date, nature of requirement, type of action required, funding code, restoration priority (if any), point of contact, users‘ locations, details of service and user equipment, and type of service. Once the TSR is completed, the TCO updates the information in DISA Direct. Next, the TSRs will be routed and submitted via DISA Direct to the DISA action activity/agency responsible for providing the required service and to other agencies/units as necessary.

Telecommunications Service Order (TSO) The Telecommunications Service Order (TSO) is a document prepared by DISA to authorize government telecommunications facilities to make the circuit activations, deactivations, or changes the user requested. To do this, DISA assigns the TSR to their engineers to fulfill the user’s needs. In the case of a new or changed circuit, DISA coordinates with the Department of Homeland Security’s Office of Emergency Communications (OEC) to get provisioning and restoration priorities assigned or updated. Once all the engineering is complete and all the information is gathered, DISA produces a TSO that is distributed to all the affected facilities and other agencies directing them to proceed. A copy is also sent to each DISA station, the designated DISA control office, and the other DISA agencies that will be impacted. An information copy is also sent to the MAJCOM TCOs for their records.

Telecommunications Service Priority (TSP) Telecommunications Service Priority (TSP) is a program that authorizes national security and emergency preparedness (NS/EP) organizations to receive priority restoration and installation of vital voice and data circuits or other telecommunications services that may be damaged as a result of a natural or man-made disaster. TSP enables telecommunications carriers to prioritize the restoration, recovery and installation of critical circuits and voice capabilities in the event of a disaster or threat to the security of the United States. Under TSP system rules, service vendors are required to provision and restore services registered with TSP designations before services that do not have such assignments. Whether NS/EP users are responding to natural disasters, supporting civil or military crises, or maintaining emergency communications networks, the TSP program is their only authorized mechanism for receiving priority provisioning and restoration of NS/EP telecommunications circuits. TSP is authorized by the Federal Communications Commission (FCC) and is offered by the Department of Homeland Security’s Office of Emergency Communications (OEC).

STUDENT TEXT (ST) E3AQR3D132 01AC

21

TSP Eligibility TSP eligibility is restricted to federal, state, local, tribal and territorial stakeholders, as well as private sector organizations with a supporting NS/EP role. Traditionally, qualified organizations are first responders, health care providers, 9-1-1 call centers, and public utility entities. Non-federal users must be sponsored by a federal agency. There are five broad categories that serve as guidelines for determining whether a circuit or telecommunications service is eligible for priority provisioning or restoration:

• Serves our national security leadership; • Supports the national security posture and U.S. population attack warning systems; • Supports public health, safety, and maintenance of law and order activities; • Maintains the public welfare and the national economic system; • Is critical to the protection of life and property or to NS/EP activities during an emergency.

Provisioning versus Restoration The TSP assignment is used to determine the importance or precedence for provisioning (to install) or restoring telecommunication services. The process of providing telecommunications service to a user is called PROVISIONING. This includes all associated transmission media, wiring, and equipment. RESTORATION is the process of returning a defective circuit back to operation through either repair or alternate routing. We use the TSP as a guide to the order in which to respond to the provisioning and restoration requirements.

TSP Priority Levels The level that may be assigned to a national security and emergency preparedness (NS/EP) telecommunications service specifying the order in which provisioning or restoration of the service is to occur relative to other NS/EP and/or non-NS/EP telecommunications services. Authorized priority levels are designated (highest to lowest) E, l, 2, 3, 4, and 5 for provisioning and 1, 2, 3, 4, and 5 for restoration. Restoration priorities guide service vendors on the sequence in which to restore TSP services in case of the outage or failure of multiple TSP services. If too many TSP services carry the same priority level, in effect, none of those services have priority. For a given subcategory of essential services, the OEC has TSP management goals establishing a reasonable distribution of the available priority level assignments. These goals are depicted in Figure XXXXXX. For example, within the subcategory of "Public Health, Safety, and Maintenance of Law and Order," priority levels 3, 4, or 5 may be assigned. Use of the TSP management goals will encourage distribution of eligible services within that subcategory, such that 50 percent or more are

STUDENT TEXT (ST) E3AQR3D132 01AC

22

assigned a level 5, 30 percent are assigned a level 4, and no more than 20 percent are assigned a level 3.

Figure 1-7: Department of Homeland Security’s TSP Mangement Goals

Now consider this important question. Which is more important, an individual circuit (channel) or a trunk? Since a trunk normally has many channels, it normally has many circuits on it. Trunks don‘t use priorities since the loss of a trunk means the loss of many circuits. Thus, a trunk is more important than a single circuit. In the Air Force, there is a growing need for telecommunication assets. To obtain new services the proper paperwork must be completed in a particular sequence. This is similar to a homeowner contracting the cable company to supply television service to their house. The military has a more complex system of request and acceptance, but the thought behind it is the same.

Command Communications Service Designator (CCSD) The Command Communications Service Designator (CCSD) is a unique identifier for each circuit/service that is assigned in a TSO. It is an eight digit code, divided into two parts. The first four characters identify who the circuit belongs to, the purpose of the circuit, and the type of service being ordered. The last four characters are characters that are unique to each circuit. The following breaks down the entire CCSD format: 1st = Military department or DOD agency requesting the service. 2nd/3rd = The purpose and use of the circuit.

STUDENT TEXT (ST) E3AQR3D132 01AC

23

4th = The type of service. 5th thru 8th = Identifies the individual circuit. No two Permanent circuits will have the same LAST FOUR. Possible users indicated by the first character:

B Department of the Navy D Defense Information Systems Agency (DISA) J Department of the Air Force U Department of the Army L Federal Aviation Agency N DOD Agencies Not Listed R Commander in Chief‘s Command and Control Circuit

Possible purposes and uses of the circuit indicated by the second and third characters:

C5 Contractor Support Services – Misc DA Defense Information Systems Agency (DISA) QD Weather Activities – Misc RV Access Circuit into MILDEP Defense Red Switched Network T7 Tactical Voice Information Link JP Pacific Command joint Network PH Air Force, Army, Navy Network UU DSN

Possible types of services indicated by the fourth character:

9 SIPRNET Access Line B DSN Access Line V Voice Other than DCS Switched Networks S Video N DSN Access Line servicing a Red Switch subscriber or switch Example of a permanent CCSD: JT7N5A55

Trunk Identifiers A trunk is the aggregate serial data stream found in-between multiplexers. As with circuits, we must be able to tell one trunk from another. For this reason, a six-character code was created for use as a trunk identifier. Each character of a trunk identifier is a code symbol for certain information pertaining to that trunk.

1st = Geographical area the trunk is from

STUDENT TEXT (ST) E3AQR3D132 01AC

24

2nd = Geographical area the trunk is to 3rd = Operating and Managing (O&M) agency 4th = Type of trunk 5th/6th = Individual trunk identifier

If your transmit trunk identifier is BCJN24, then the receive (return) trunk is CBJN24 as the TO and FROM codes are reversed.

The first two positions of the trunk identifier tell the specific global area the trunk starts FROM and goes TO. If the trunk originates in the continental United States (CONUS) and terminates in the CONUS, it will have the letters for that specific area. If the trunk both originates in the CONUS and terminates anywhere else or it originates and ends completely outside the CONUS, it will have the numbers for the specific global area.

STUDENT TEXT (ST) E3AQR3D132 01AC

25

Status Acquisition Message (SAM) TSOs can only direct the government agencies involved. A significant portion of our telecommunications travel through commercial networks, any time a commercial service is needed a contract must be negotiated. There is only one organization authorized to negotiate and write contracts for commercial telecommunication services - Defense Information Technology Contracting Organization (DITCO). DITCO is the government liaison for communication services between commercial contractors and the DoD. If the required service uses commercial services or equipment, a Status Acquisition Message (SAM) is sent from DITCO to let the user know about the status of the order. A SAM is received for any of the following reasons:

1. Time for installation of the leased service at your facility

2. Contract service has been completed

3. Delay in service

4. Any additional information that is required

5. Contractor supplies information (i.e. reference number, cost, service date).

Completion Reports Every requested service has a date and time in which it should be completed. On the completion date, one of the following four types of completion reports will be submitted: In-effect, Delayed Service, Exception, or Acceptance.

In-effect Report. Also referred to as an ineffective report, an in-effect report is submitted when the service meets all details of the TSO, when it is operating end-to-end as specified, and when it meets all parameters of the technical schedule (if any). An in-effect report will be submitted within 72 hours of activation of the requested service. At this point the service is accepted as complete.

Delayed Service Report. A delayed service report can be submitted for several reasons. One reason is when the circuit cannot pass its parameter tests and the customer is still troubleshooting it. At this point, the customer cannot use the circuit. Another reason for a delayed service report is commercial vendor delays or governmental delays. DISA must be notified by phone of the reason for delay and the delayed service report will follow within 72 hours. When all the problems are corrected, delayed service reports are followed by an in-effect report.

Exception Report. An exception report is submitted when a service has not yet met the technical parameters required, but its close enough for the customer can use it to pass their information on it. The user must contact DISA to get approval to do this. The facility accepting

STUDENT TEXT (ST) E3AQR3D132 01AC

26

the service is required to issue follow up reports every 30 days until the exception is cleared. Once all technical parameters are met, the exception report is followed by an in-effect report.

Acceptance Report. Also called a Ready For Use (RFU) Report, an acceptance report is submitted in instances where one or more DISN systems or commercial point-to-point circuits are installed, tested and accepted by the government to satisfy a customer service request, but the customer is not ready to accept end-to-end service on the requested service date.

Circuit History Folders Circuit history folders are the historical records for DISN circuits. They contain the TR, TSR, TSO, completion report, circuit layout records, diagrams, testing data, SAMs, commercial circuit documents, message traffic, and any other documentation pertinent to the circuit or circuit history. They can be maintained in either hard copy format or in automated record keeping software.

Service Level Agreements (SLAs) A SLA is a set of performance objectives reached by consensus between the user and the provider of a service. For services acquired from DISA, there is a Network Services SLA that was established to communicate service performance objectives for DISN services and to give mission partners a clear expectation of the level of service to be delivered. Operational performance of the services defined in the SLA are measured, reported, and compared to Management Thresholds (MTs). Management Thresholds MTs are numerical baselines or levels against which operational performance is measured. They highlight where actual performance does not meet performance objectives, and indicate where management action is required. MTs provide an indicator of the service a customer can expect under normal conditions. One example of a MT found in the DISA Network Services SLA is an availability rate of 99.5% for the Sensitive but Unclassified IP Data network in DISA CONUS. If the availability rate cannot be met, DISA must take action to ensure the Management Threshold can be met.

SUMMARY In this unit we learned about the importance of documentation and various systems the Air Force uses to document network management. We covered circuit action requests and explored different maintenance tracking systems used to streamline documentation processes. We also covered documentation utilized when performing corrective actions and the importance of record keeping. You should be prepared for extensive documentation and coordination efforts in network management.

STUDENT TEXT (ST) E3AQR3D132 01AC

27

EXERCISE 1-2 1) If a facility houses DISN equipment, a _____________________ must be maintained to document significant events affecting the equipment.

2) Who serves as the conduit for the Air Force’s Enterprise Service Desk (ESD) to resolve communications systems and equipment issues at base levels?

3) Who drafts Situational Reports (SITREPs)?

4) An example of a _____________ is the Hazardous Condition Report which informs DISA of an imminent loss or degradation of a DISN circuit.

5) What are the three priorities of Time Compliance Technical Orders (TCTOs)?

6) How quickly must Commanders ensure distribution of an Urgent Action TCTO to affected personnel?

7) The ______________________ relays, executes, and tracks TCNOs to affected MAJCOMs, MAJCOM Communications Coordination Centers (MCCCs), and installation communications units.

8) What is the primary difference between TCNOs and NOTAMs?

9) What are the three sub-programs of CIPS?

STUDENT TEXT (ST) E3AQR3D132 01AC

28

10) ________________________ is a management process for establishing and maintaining consistency of a product's performance, functional, and physical attributes with its requirements, design and operational information throughout its life.

11) Assessing and evaluating risk of a change requires _____________________ of all possible impacts to AF network components.

12) What maintenance tracking software system provides current and historical circuit action data supporting the Air Force, Army, Navy, DISA, DLA, and other DOD agencies?

13) What is a Gateway Access Request (GAR)?

14) __________________ is DISA‘s online portal of tools for requesting telecommunications products and services.

15) What information can be found on the Telecommunications Service Request?

16) DISA coordinates with ___________________________ to get provisioning and restoration priorities assigned or updated on a TSO.

17) What is the difference between provisioning and restoration?

18) What do the last four characters of a CCSD identify?

STUDENT TEXT (ST) E3AQR3D132 01AC

29

19) A ____________ is the aggregate serial data stream found in-between multiplexers.

20) List three reasons why a DITCO would send a Status Acquisition Message.

21) What are the four types of completion reports used on DISA circuits?

22) If a service’s performance does not meet the performance objective outlined in a Service Level Agreement, ____________________ is required.

STUDENT TEXT (ST) E3AQR3D132 01AC

30

OBJECTIVE 1C

Using supplied publications, a desktop computer loaded with tracking software, open and close a trouble ticket in accordance with Progress Check 2.1c.

Maintenance Actions Preventive Maintenance Inspections Preventive Maintenance Inspections (PMIs) are conducted on equipment in optimal environmentally controlled areas within their performance work center. PMIs are performed to identify potential issues with equipment before they occur and to extend the life of Air Force assets. PMIs include general housekeeping measures; cleanliness; proper rack installation, grounding, and bonding; and a check for corrosion. Work centers will ensure a PMI does nothing to void equipment warranties or anything which contradicts vendor specific warnings or cautions. Work centers can increase the frequency of scheduled PMIs when trending shows the need, or when equipment is not located in an optimal environmentally controlled environment. A master PMI schedule is prepared by the CFP in accordance with technical and commercial guidance with assistance of the work centers that they support. All PMIs are tracked and maintained within an Air Force approved Automated Information System such as IMDS.

Performing Maintenance Unfortunately, PMIs cannot prevent all potential issues with equipment. At some point, technology will fail, and equipment will break. As a Cyber Transport technician, a good portion of your job is to fix problems that occur, and, of course, maintenance requires documentation. Every technician must be familiar with the following terms concerning documentation:

Trouble Ticket Trouble tickets are used to track all changes (i.e. incidents or malfunctions, time compliance items, etc) to equipment/systems, operating system software, and application software. Trouble tickets consist of information collected from a user about an outage/trouble with an existing service, or new service required. Generally, trouble tickets are in relation to personal device or client support systems such as a desktop computer or e-mail capability. Trouble tickets will be used to track corrective action for system faults or cleanup/restoral actions following an incident such as restoring a faulty server.

Jobs A job refers to the actions being performed by the technician, or work that needs to be performed. It is equivalent to the term “work order”. Jobs can be created from trouble tickets when the open trouble ticket transfers from the original data collection point (the CFP) to the production work center. For example, a trouble ticket becomes a job if the CFP cannot resolve the issue and the trouble ticket is passed to a work center (i.e., back shop, production work center) for further assistance, investigation, troubleshooting, and/or repair. Jobs can be opened

STUDENT TEXT (ST) E3AQR3D132 01AC

31

directly by the owning/production work center when required.

Control Number (CN) A CN is a combination of alpha-numeric characters used to track and retrieve trouble tickets and/or job information from an AF-approved Automated Information System (AIS). The CN is used to report, control, and identify each action required to satisfy the trouble ticket/job. The same CN assigned to the trouble ticket will be utilized by all work centers to track status of work being accomplished (i.e., the job).

Mission Capabilities In order to perform maintenance actions including some PMIs, the equipment must be degraded to a point where it can no longer meet its mission requirements. All trouble tickets/jobs must indicate at what level the equipment can perform its mission, so they are assigned a mission capability. These mission capabilities can be Fully, Partial, or Non-Mission Capable. Fully Mission Capable (FMC) FMC refers to systems/equipment functioning as required in technical order/ technical data specifications and capable of performing its assigned peacetime or wartime missions, its mission requirements. FMC is also referred to as “green.” Partial Mission Capable (PMC) PMC refers to systems/equipment functioning in such a way that it can perform at least one, but not all, of its missions/functions. The system/equipment is impaired but usable. PMC is also referred to as “amber.” Not Mission Capable (NMC) NMC refers to the system or equipment that does not meet the technical order/technical data specifications, therefore, is unable to perform any of its assigned missions or functions. The system/equipment is unusable (neither in use nor available for use). NMC is also referred to as “red.”

Use Publications When Performing Work AF instructions and technical publications are essential for production organizations to function properly and to provide the communications/cyber activity with accurate information. Technical publications include: Technical Orders (TOs) The Air Force Technical Order system provides clear and concise instructions for the safe and effective operation and maintenance of centrally-acquired and managed Air Force military systems and end items. Ordered to be utilized while performing any type of work or maintenance on AF equipment.

STUDENT TEXT (ST) E3AQR3D132 01AC

32

Commercial Off The Shelf Manuals (COTS) COTS Manuals are the technical guidance provided from the COTS equipment manufacturer. Some systems, especially electronic components (such as a Cisco Router), are bought COTS and do not have PMIs published in the TO System. In this event, follow manufacturer’s recommended maintenance schedules provided in the technical guidance or complete PMIs per flight commander’s/chief’s direction. Local work-cards may be developed.

Standard Operating Procedure (SOP) SOPs are self-generated documents utilized to streamline processes if T.O. or COTS documentation is unavailable for reference. They allow for ease of use with various technical procedure requirements.

Use Tracking Software Familiarization Technicians must familiarize themselves with tracking software to ensure proper navigation for specific requirements pertaining to outages, change requests and maintenance documentation.

Corrective actions Indicates the actual action taken to restore the service.

SUMMARY In this objective you learned some general maintenance terminology and the fundamentals of utilizing technical data to perform maintenance procedures. You also learned that when performing maintenance actions, documentation needs to take place utilizing some type of tracking software. This will better prepare you for your job as Air Force Cyber Transport Technicians.

STUDENT TEXT (ST) E3AQR3D132 01AC

33

EXERCISE 1-3 1) Why are PMIs performed? 2) How can a trouble ticket become a “job”? 3) What is a Control Number? 4) What color is used to designate a system that is Not Mission Capable (NMC)? 5) What is a COTS Manual?