Protected Distribution System (PDS) Construction

Protected Distribution System (PDS) Construction - Alarmed Carrier

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-33456	CS-04.01.08	SV-43876r2_rule	DCSR-3 ECCT-2 PESS-1	High

Description
A PDS that is not constructed and configured as required could result in the covert or undetected interception of classified information.

STIG	Date
Traditional Security	2013-07-11

Details

Check Text ( C-41605r19_chk )
An Alarmed PDS is one of three types of Hardened Distribution Systems allowed IAW the NSTISSI 7003. The other two types are Hardened Carrier or Continuously Viewed Carrier. Use this check where the unencrypted SIPRNet cable must be installed in a PDS and the site indicates it is an alarmed PDS. Check to ensure SIPRNet data cables are installed in a carrier properly configured as an "Alarmed Carrier" IAW the following guidelines: 1. Ideally the carrier will be constructed of solid electrical metallic tubing (EMT), ferrous conduit or pipe, or rigid-sheet steel ducting, utilizing elbows, couplings, nipples, and connectors of the same material. Connectors need not be permanently sealed in an alarmed carrier. As a minimum the carrier may consist of of any material equal to or better than standards for a "Simple PDS" (e.g., wood, PVT, EMT, ferrous conduit. The key to determining the appropriateness of a PDS carrier is its suitability for supporting the functionality of the approved alarm sensor, which provides a means to detect tampering and/or breach of the actual PDS carrier - *not a breach of the space surrounding the carrier. An IDS sensor capable of detecting changes in carrier air pressure is an example of an acceptable detection methodology. (CAT I) 2. The alarm system sensor employed must be approved by the cognizant COMSEC and/or physical security authorities. Documentation must exist to support this approval. (CAT II) 3. The alarm system and signal transmission must be in an IDS meeting the requirements of the Appendix to Enclosure 3 of DoD Manual 5200.01. (CAT I) 4. The alarm signal must be sent to a 24/7 monitor station that is supervised continuously by U.S. citizens who have been subjected to a trustworthiness determination according to DoD 5200.2-R. (CAT I) 5. PDS alarm functionality and performance must be verified on at leasts a weekly basis IAW Table B-4 of the NSTISSI 7003. (CAT I) Alarm functionality tests performed less than weekly, but at least once every 3-months can be reduced to a CAT II severity level finding. 6. A Standard Operating Procedure (SOP) must be available, which is approved by the facility security officer or security manager and commander/director, and the PDS approval authority. (CAT III) This SOP must include procedures to: a. Verify the alarm functionality and performance on at leasts a weekly basis IAW Table B-4 of the NSTISSI 7003. b. Ensure response by security personnel in the area of possible attempted penetration, within 15 minutes of discovery; c. Provide for inspection of the PDS to determine the cause of the alarm; d. Define action to be taken regarding the termination of transmission; e. Initiate investigation of actual intrusion attempt, etc. IMPORTANT NOTE: A properly installed and functional alarmed PDS that is successfully tested at least weekly need not be installed so that it is completely visible.

Check Text ( C-41605r19_chk )

An Alarmed PDS is one of three types of Hardened Distribution Systems allowed IAW the NSTISSI 7003. The other two types are Hardened Carrier or Continuously Viewed Carrier.

Use this check where the unencrypted SIPRNet cable must be installed in a PDS and the site indicates it is an alarmed PDS.

Check to ensure SIPRNet data cables are installed in a carrier properly configured as an "Alarmed Carrier" IAW the following guidelines:

1. Ideally the carrier will be constructed of solid electrical metallic tubing (EMT), ferrous conduit or pipe, or rigid-sheet steel ducting, utilizing elbows, couplings, nipples, and connectors of the same material. Connectors need not be permanently sealed in an alarmed carrier. As a minimum the carrier may consist of of any material equal to or better than standards for a "Simple PDS" (e.g., wood, PVT, EMT, ferrous conduit. The key to determining the appropriateness of a PDS carrier is its suitability for supporting the functionality of the approved alarm sensor, which provides a means to detect tampering and/or breach of the actual PDS carrier - *not a breach of the space surrounding the carrier. An IDS sensor capable of detecting changes in carrier air pressure is an example of an acceptable detection methodology. (CAT I)

2. The alarm system sensor employed must be approved by the cognizant COMSEC and/or physical security authorities. Documentation must exist to support this approval. (CAT II)

3. The alarm system and signal transmission must be in an IDS meeting the requirements of the Appendix to Enclosure 3 of DoD Manual 5200.01. (CAT I)

4. The alarm signal must be sent to a 24/7 monitor station that is supervised continuously by U.S. citizens who have been subjected to a trustworthiness determination according to DoD 5200.2-R. (CAT I)

5. PDS alarm functionality and performance must be verified on at leasts a weekly basis IAW Table B-4 of the NSTISSI 7003. (CAT I)
Alarm functionality tests performed less than weekly, but at least once every 3-months can be reduced to a CAT II severity level finding.

6. A Standard Operating Procedure (SOP) must be available, which is approved by the facility security officer or security manager and commander/director, and the PDS approval authority. (CAT III)

This SOP must include procedures to:

a. Verify the alarm functionality and performance on at leasts a weekly basis IAW Table B-4 of the NSTISSI 7003.

b. Ensure response by security personnel in the area of possible attempted penetration, within 15 minutes of discovery;

c. Provide for inspection of the PDS to determine the cause of the alarm;

d. Define action to be taken regarding the termination of transmission;

e. Initiate investigation of actual intrusion attempt, etc.

IMPORTANT NOTE: A properly installed and functional alarmed PDS that is successfully tested at least weekly need not be installed so that it is completely visible.

Fix Text (F-37378r2_fix)
An alarmed PDS is one of three types of Hardened Distribution Systems allowed IAW the NSTISSI 7003. The other two types are Hardened Carrier or Continuously Viewed Carrier. Ensure unencrypted SIPRNet data cables are installed in a carrier properly configured as an "Alarmed Carrier" IAW the following guidelines: 1. Ideally the carrier will be constructed of solid electrical metallic tubing (EMT), ferrous conduit or pipe, or rigid-sheet steel ducting, utilizing elbows, couplings, nipples, and connectors of the same material. Connectors need not be permanently sealed in an alarmed carrier. As a minimum the carrier may consist of of any material equal to or better than standards for a "Simple PDS" (e.g., wood, PVT, EMT, ferrous conduit. The key to determining the appropriateness of a PDS carrier is its suitability for supporting the functionality of the approved alarm sensor, which provides a means to detect tampering and/or breach of the actual PDS carrier - *not a breach of the space surrounding the carrier. An IDS sensor capable of detecting changes in carrier air pressure is an example of an acceptable detection methodology. 2. The alarm system sensor employed must be approved by the cognizant COMSEC and/or physical security authorities. Documentation must exist to support this approval. 3. The alarm system and signal transmission must be in an IDS meeting the requirements of the Appendix to Enclosure 3 of DoD Manual 5200.01. 4. The alarm signal must be sent to a 24/7 monitor station that is supervised continuously by U.S. citizens who have been subjected to a trustworthiness determination according to DoD 5200.2-R. 5. PDS alarm functionality and performance must be verified on at leasts a weekly basis IAW Table B-4 of the NSTISSI 7003. 6. A Standard Operating Procedure (SOP) must be available, which is approved by the facility security officer or security manager and commander/director, and the PDS approval authority. This SOP must include procedures to: a. Verify the alarm functionality and performance on at leasts a weekly basis IAW Table B-4 of the NSTISSI 7003. b. Ensure response by security personnel in the area of possible attempted penetration, within 15 minutes of discovery; c. Provide for inspection of the PDS to determine the cause of the alarm; d. Define action to be taken regarding the termination of transmission; e. Initiate investigation of actual intrusion attempt, etc. IMPORTANT NOTE: A properly installed and functional alarmed PDS that is successfully tested at least weekly need not be installed so that it is completely visible.

Fix Text (F-37378r2_fix)

An alarmed PDS is one of three types of Hardened Distribution Systems allowed IAW the NSTISSI 7003. The other two types are Hardened Carrier or Continuously Viewed Carrier.

Ensure unencrypted SIPRNet data cables are installed in a carrier properly configured as an "Alarmed Carrier" IAW the following guidelines:

1. Ideally the carrier will be constructed of solid electrical metallic tubing (EMT), ferrous conduit or pipe, or rigid-sheet steel ducting, utilizing elbows, couplings, nipples, and connectors of the same material. Connectors need not be permanently sealed in an alarmed carrier. As a minimum the carrier may consist of of any material equal to or better than standards for a "Simple PDS" (e.g., wood, PVT, EMT, ferrous conduit. The key to determining the appropriateness of a PDS carrier is its suitability for supporting the functionality of the approved alarm sensor, which provides a means to detect tampering and/or breach of the actual PDS carrier - *not a breach of the space surrounding the carrier. An IDS sensor capable of detecting changes in carrier air pressure is an example of an acceptable detection methodology.

2. The alarm system sensor employed must be approved by the cognizant COMSEC and/or physical security authorities. Documentation must exist to support this approval.

3. The alarm system and signal transmission must be in an IDS meeting the requirements of the Appendix to Enclosure 3 of DoD Manual 5200.01.

4. The alarm signal must be sent to a 24/7 monitor station that is supervised continuously by U.S. citizens who have been subjected to a trustworthiness determination according to DoD 5200.2-R.

5. PDS alarm functionality and performance must be verified on at leasts a weekly basis IAW Table B-4 of the NSTISSI 7003.

6. A Standard Operating Procedure (SOP) must be available, which is approved by the facility security officer or security manager and commander/director, and the PDS approval authority. This SOP must include procedures to:

a. Verify the alarm functionality and performance on at leasts a weekly basis IAW Table B-4 of the NSTISSI 7003.

b. Ensure response by security personnel in the area of possible attempted penetration, within 15 minutes of discovery;

c. Provide for inspection of the PDS to determine the cause of the alarm;

d. Define action to be taken regarding the termination of transmission;

e. Initiate investigation of actual intrusion attempt, etc.

IMPORTANT NOTE: A properly installed and functional alarmed PDS that is successfully tested at least weekly need not be installed so that it is completely visible.