Enterprise Connection Division: The Power to Connect

DSN / UNIFIED CAPABILITIES PRODUCTS

PRINT PAGE Add This

This appendix provides the necessary steps and information to process a Defense Switched Network (DSN) telecommunication switch and UC product connection to the DISN provided transport (including data, voice and video). It is intended to supplement the detailed information provided in the Partner Profile sections of this guide with DSN unclassified voice switch specific information. Any deviations from those steps or additional requirements are identified in this appendix.

DSN Connection Process

Follow steps in the appropriate Partner Profile Section of this guide.

Process Deviations and/or Additional Requirements

All DSN telecommunication switches and UC Products that connect to the DISN provided transport, to include data, voice and video, must be registered in SNAP to include the upload of the DIACAP executive package artifacts in order to obtain connection approval. (Ref CJCSI 6211.02D).

Connection of a DSN telecommunication switch or UC product to the DISN requires procurement of interfacing hardware and/or software components that are identified on the DoD UC Approved Products List (APL). All items on the APL are required to be certified and accredited for interoperability and information assurance. If the intended product is not on the APL, it will either need to be JITC IO and IA tested and certified and placed on the APL, or authorized for purchase via DoD Chief Information Officer (ASD DCIO) policy waiver before the product can be purchased and connected to the DISN Ref. DoDI 8100.4.

For information on APL products and the APL process for getting equipment added to that list, refer to the links below:

 

Criteria for determining connection approval requirement of an UC APL approved DSN telecommunication switch and/or UC product connected to the DISN:

  • Voice soft switches connected to the DISN shall be registered in SNAP DSN and obtain connection approval. (i.e., LSC, MFSS, WANSS)

 

NOTE: IAW Department of Defense (DoD) Unified Capabilities Master Plan (UC MP); Section 5.d.(1)(h) and (i); Pg. 28,29 NOTE: IAW Department of Defense (DoD) Unified Capabilities Master Plan (UC MP); Section 5.d.(1)(h) and (i); Pg. 28,29

(h) Circuit switched based services shall begin migrating to IP-based non-assured/assured services over DoD Component ASLANs/Intranets and UC transport using products from the DoD UC APL (except DRSN, which is discussed in paragraph 5.f). During this implementation timeframe, both converged and non-converged UC shall be provided by TDM/IP hybrid technologies. The VoSIP, DVS, STEP/Teleport, and deployable programs shall upgrade respective infrastructures using products from the DoD UC APL. The phase out of circuit switched technologies shall be based on the following individual conditions:

  1. New Circuit Switched Products. New circuit switched products shall no longer be tested and certified for placement on the UC APL as of January 2011.
  2. Existing UC APL Circuit Switched Products. Existing circuit switched products on the UC APL may be purchased until certification expires and removed from the APL.
  3. Installed UC Circuit Switched Products. Existing circuit switched products already installed, UC APL products procured before the UC APL expiration date, or on the Retired UC APL List may remain until business case or mission need dictates replacement, or vendor is no longer willing to support. Continued testing and certification for software patches is allowed for these components while in use, however this testing and certification shall not result in renewed UC APL status.

(i) During this period, DISA shall deploy MFSSs and WAN SSs, allowing DoD Components to implement UC employing IP while maintaining backward interoperability with the remaining circuit-switch/TDM technologies. DISA's enterprise voice and video services, with collaboration capabilities (IM, presence, and chat), shall be evaluated during UC Pilot Spiral 2 and shall begin operations in select geographic regions during this timeframe.

  • VoIP capable soft switches that are configured to function as a PBX1 and connected behind the local user's installation DSN EO/SMEO do not require a SNAP registration or connection approval; unless, directed as a MAJCOM, COCOM or Theater Command requirement. The PBX1 voice switch shall be identified on the partner's host installation enclave topology for the associated DSN EO/SMEO voice switch DIACAP.
  • All TDM/DSN voice switches connected to the DSN as a servicing voice switch (Ref 6211.02D) will be registered in SNAP DSN and obtain connection approval.
  • ALL b/p/c/s TDM/DSN voice switches connected behind the local user's installation DSN EO/SMEO do not require a SNAP registration or connection approval; unless; directed as a MAJCOM, COCOM or Theater Command requirement (e.g., PBX1, PBX2, NE(SHOUTS), RSU). These type of switches will be identified and depict the interconnection to the host installation DSN EO/SMEO in the enclave topology diagram.
  • ALL b/p/c/s TDM/DSN voice switches that connect via a TANDEM/NODAL connection to the MFS will be registered in SNAP and obtain a waiver to policy or have a completed Tailored ISP for connection approval (e.g., PBX1, NE-SHOUTS, SMU, IMUX).
  • New/additional TDM trunk connections to a operational legacy DSN switch for growth requirements will be allowed, but the legacy switch must be registered in SNAP and obtain connection approval, if they have not previously obtained formal connection approval.
  • Partners requesting connection approval for a legacy switch that has fallen off the UC End of Sale list are required to register the voice switch in SNAP DSN and obtain a waiver to policy.
  • Partners that procure a legacy voice switch that is on the UC APL End of Sale list are required to register the voice switch in SNAP DSN and obtain a waiver to policy.
  • PBX2 switches can only be procured or implemented after being granted a waiver for MUF requirements by the Joint Staff.

 

DSN Connection Process Checklist

 

This checklist provides the key activities that must be performed by the Partner/sponsor during the DSN connection approval process.

ItemDoD Partner Non-DoD Partner
NewExistingNewExisting
Obtain OSD approval for Non-DoD connection  

 

1

Obtain APL approval for voice equipment not currently on the APL list

 

 

Provision the connection

 

1

Perform the C&A process

Obtain an accreditation decision (ATO/IATO)

Register the connection

2

1

Register in the SNAP database

2

1

Register in the PPSM database

2

1

Register in the DITPR database

2

1

Complete the CAP Package

DIACAP Executive Package (or equivalent)

DIACAP Scorecard

System Identification Profile (include switching equipment—i.e., vendor model and software)

Plan of Actions and Milestones, if applicable

DAA Appointment current in database

Network/Enclave Topology Diagram

Consent to Monitor

Proof of Contract

 

 

ASD DCIO Approval Letter

 

 

Complete ATC Submittal form (see 1.4)

Submit the CAP Package to the CAO

Receive DSN ATC/IATC

1 This step is not required for existing Non-DoD Partner connections unless there has been a change in Sponsor, mission requirement, contract, or location, or the connection has not been registered.
2 This step is not required for existing connections that are already registered and where all information is current. 

 

Points of Contact

Unified Capabilities Certification Office (UCCO)
Unclassified email disa.meade.ns.list.unified-capabilities-certification-office@mail.mil

 

Connection Approval Office (CAO)
Connection Approval Office for DSN Connections

disa.meade.ns.mbx.cao-dsn@mail.mil (NIPRNet)

and

disa.meade.ns.mbx.cao-dsn@mail.smil.mil
(SIPRNet)

 

Classified Connection Approval Office (CCAO)

disa.meade.ns.mbx.ccao@mail.mil (NIPRNet)

and

Disa.meade.ns.mbx.ccao@mail.smil.mil (SIPRNet)

Phone (Commercial) 301-225-2900, 301-225-2901
Phone (DSN) 312-375-2900, 312-375-2901
Address Defense Information Systems Agency
ATTN: NSC1
PO Box 549
Fort Meade, MD20755-0549

 

DISN Global Support Center (DGSC)
Unclassified email DGSC@csd.disa.mil
Classified email DGSC@cols.disa.smil.mil
Phone (Commercial) 800-554-DISN (3476), 614-692-4790
Phone (DSN) 312-850-4790

 

Additional Policy and Guidance Documents

PolicyName
DoDI 8100.4 Department of Defense Instruction (DoDI) DoD Unified Capabilities (UC), 9 December 2010

 

Topology Diagram Requirements

 

Click here for sample topology diagram

Network Topology Diagram – this diagram depicts the network topology and security posture of the partner IS or network enclave that will be connecting to the DISN.  The Network Topology Diagram should:

 

  • Be dated
  • Clearly delineate accreditation boundaries
  • Identify the CCSDs of all connections to the DISN
  • Identify equipment inventory (to include the most recent configuration including any enclave boundary firewalls, Intrusion Detection Systems (IDS), premise router, routers, switches, backside connections, Internet Protocol (IP) addresses, encryption devices, Cross Domain Solutions (CDS).
  • Other SIPRNet connections (access points) must be shown; the flow of information to, from, and through all connections, host IP addresses, and CCSD number, if known must be shown.
  • Identify any other IA or IA-enabled products deployed in the enclave
  • Identify any connections to other systems/networks
  • Identification of other connected IS/enclaves must include:
    -    The name of the organization that owns the IS/enclave
    -    The connection type (e.g., wireless, dedicated point-to-point, etc.)
    -    IP addresses for all devices within the enclave
    -    The organization type (e.g., DoD, federal agency, contractor, etc.)

 

Identify Internetworking Operating System (IOS) version:

  • Include the model number(s) and IP's of the devices on the diagram; diagram must show actual and planned interfaces to internal and external LANs or WANs (including backside connections)

 

NOTE: It is important to note that in accordance with DoD and DISA guidance, firewalls, IDSs and Wireless-IDSs (where applicable) are required on all partner enclaves. Private IP addresses (non-routable) are not permitted on SIPRNet enclaves. Indicate and label all of the devices, features, or information; minimum diagram size: 8.5" x 11

All TDM/IP DSN topologies must include:

 

  • Topology date
  • Function, vendor, model, and software version of the voice switch (preferably near the voice switch)
  • All CPE or Terminating type equipment used behind the voice switch (Analog, Digital, VoIP, VTC, etc..)
  • The function and location of the DSN source switch providing connection to the DSN backbone (preferably near the DSN cloud)
  • Trunk type used for DSN connection (i.e., T1/E1 PRI, T1/E1 CAS, ISDN, etc..)
  • VTC and Network Elements (NE) as applicable

Addendum for voice switches connecting to ASLAN or ASVLAN:

  • Depict vendor, model and IP address of all Media Gateway (MG) routers used for Ethernet/IP connection
  • Depict NIPRnet CCSD(s) providing the Ethernet/IP connection  within the enclave (preferably near the ASLAN cloud or CER)

Addendum for voice Soft Switch connections to the DISN:

  • Depict the function and location of the source soft switch providing connection to the DISN backbone (preferably near the DISN cloud)
  • Depict function, vendor, model, soft ware version and IP address  of all Edge Boundary Controllers (EBC)
  • Depict NIPRnet CCSD(s) providing the Ethernet/IP connection  within the enclave (preferably near the CER)

 

SNAP DSN Switch Registration and DIACAP Submittal Process

 

Example Installation Configurations

  • Create SNAP DSN profile: https://snap.dod.mil/gcap/request-account.cfm
  • Upload of your completed DD Form 2875 (SAAR).  The 2875 can be downloaded from the SNAP website.
  • Complete your profile data, asterisked items are required fields
  • Submit the account for approval

Once the account is approved, proceed with the creation/registration of the voice switch to include the submittal/upload of the DIACAP executive package artifacts once your local DIACAP C&A is completed:

  • Logon to SNAP DSN: https://snap.dod.mil/gcap/home.cfm
  •  Hover the mouse over :Defense Switched Network" and select "New Registration" 
  • Complete all sections (e.g., Sections 0-10) and required fields identified by an asterisks
  • Upload Attachments for your DIACAP executive package artifacts in Section 11.1 through 11.12. 

NOTE:   Only Sections 11.1 through 11.5 require the upload of the respective attachment; thus, Sections 11.6 through 11.12 do not require attachment upload of document(s) in order to complete the registration.

  • Once all sections are completed, with the exception of Section 10 and Section 11.12; A Submit button at the bottom of the screen will be available in order to submit the entire registration for "Validator Approval".

SNAP DSN Validator Role

  • The SNAP DSN validator reviews the contents of all submitted connection requests within his or her agency or subagency and either approves or rejects the registration based on conformity, completeness, and correctness.
  • If the validator rejects a request, the reason is captured in the comment and the POC's identified in the registration are notified via an automated email. The requestor or one of the POC's in the registration must update and complete the rejected sections and resubmit the registration.
  • Once all individual applicable sections of the registration are approved, the validator may "Validate Approve" the entire registration for the next step of the approval process, CAO review. The validator may also reject the request even though all sections of the request are approved.

 

NOTE: For 24/7 SNAP assistance; contact the DISN Global Support Center – (800) 554-3476