1 / 9

NAVY FTP POLICY

NAVY FTP POLICY. September 06. CDR Dave Pashkevich CNMOC N64. NAVY FTP POLICY. Background: Provided in Air Force brief Anticipated Action: JTF-GNO will issue a Warning Order (WARNORD) within 60-90 days for closure actions to take place

lauren
Download Presentation

NAVY FTP POLICY

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. NAVY FTP POLICY September 06 CDR Dave Pashkevich CNMOC N64

  2. NAVY FTP POLICY • Background: Provided in Air Force brief • Anticipated Action: JTF-GNO will issue a Warning Order (WARNORD) within 60-90 days for closure actions to take place • A "Temporary Exception“ policy will be implemented; however, the exception will only be sufficient to complete required action to comply with the WARNORD

  3. FNMOC Plan to Mitigate JTF-GNO CTO 06-02 FTP Port Closure • Notify all non-DOD customers and data providers of 15 December deadline • Convert existing software to FTP-SSL • Transition to http(s) options as available

  4. FNMOC FTP Data Providers and Customers Non-DOD Data Providers to FNMOC: FTP pull NWS - ncep mrf forecast data, TAF data, MTR data, all GTS data NHC - Pick up hurricane and tropical cyclone data NOAA - hurricane and TC data. UKMetoffice - UKMET forecast data NESDIS - pick up AIRS and AMSR data University of Wisconsion - Wind data. FTP push NESDIS - Processed Satellite data Non-DOD Data Customers of FNMOC: FTP pull NWS - Hurricane track data FTP push NHC - Hurricane/TC track data. NSA - Selected field of almost all of out forecast data. Lawrence Livermore - Most of our forecast data. NCEP - NOGAPS for backup. Processed Satellite data. Several NOAA sites - TC and Hurricane track data. UKMET - Forecast data. University of Wisconsin - Most of our forecast data. John Hopkins APL - some of our forecast data.

  5. Convert existing Distributed Processing System (DPS) to FTP-SSL • requires passwords • ( CTO 06-01 (PKI) non-compliant ) • quickest solution, but temporary?? • (unknown when passwords will be disallowed) • consider both open source and commercial • (may require $$) • requires FTP-SSL service at data provider or customer • (external dependency)

  6. FNMOC Transition to HTTPS Options • No passwords required • Customer pull from passive cache, no PKI • (already existing for some pull) • Customer pull from active cache with PKI • (CAGIPS IOC 20 September, but FOC > 15 Dec) • FNMOC pull from data providers, no PKI • (working version has been developed) • requires HTTPS service at data provider or customer • (external dependency)

  7. FNMOC Summary • short term: FTP-SSL, some http(s) • long term: http(s) with PKI • dependency on external customers • and data providers service changes FNMOC POC: Chuck Skupniewicz, IT-DM chuck.skupniewicz@fnmoc.navy.mil, (831) 656-5104

  8. NAVO Plan to MigrateJTF-GNO CTO 06-02 FTP Port Closure • Impacts • Unclassified LAN • External: Will require completing transition to SFTP/SSH • Internal: Will require some production codes to modify scripts/software used for data transfers • Classified LAN • Will require changes to data transfer methods between NAVO and MSRC • Will require DPS customer base to discontinue accepting connections, i.e. DPS will no longer be an effective method to deliver products. • Actions Required • Migration of existing FTP to SFTP/SSH on DMZ FTP servers (external users) • Installation of MSRC SSH kit on classified systems • Notification of customer base of FTP changes • Modification of data transfer scripts/software by production codes

  9. NAVO Plan to MigrateJTF-GNO CTO 06-02 FTP Port Closure • Unknown • Suspect there are FTP processes that we are not aware of, plan is to monitor firewall Port 21 connections and notify users. • POR systems (Surf Eagle IPL, etc). • Requested Exclusions • Some devices require telnet/ftp accesses. • Specifically we require Telnet/FTP access to SAN fiber-channel switches which are located on the isolated management network. (NAVOCEANO POC – David Hasenkampf at 229-688-5427, david.hasenkampf @navy.mil)

More Related