AFP Vision 2028: A World-class Armed Forces, Source of National Pride RESTRICTED GENERAL HEADQUARTERS ARMED FORCES OF THE PHILIPPINES — UOD/mzg/6141 Camp General Emilio Aguinaldo, Quezon City OTAGIOJ6 27 December 2017 LETTER DIRECTIVE NUMBER 65 SUBJECT: Enhancement of the AFP Network Connectivity, Security and Administration # TO: See Distribution 1. REFERENCE: AFP Joint Communications, Electronics, and Information Systems Board (JCEISB) Resolution Number: 001-2017. x BACKGROUND: The Joint Communications, Electronics, and Information Systems Board (JCEISB) was created in CY 2000 as a forum and coordinative body on joint ‘Armed Forces of the Philippines (AFP) policy issues and concerns pertaining to CEIS. The existence of JCEISB evolved through time with the rapid development on information and Communications Technology (ICT). The JCEISB is mandated to look into the interoperability and security policies of the AFP’s Command and Control, Communications, and Cyber (C4) systems with in the purview of DOTMPLF. The DCS for CEIS, J6, as the Chairperson of JCEISB, presided the JCEISB meeting on 251400H September 2017. It was attended by Major Service's 6s, Commander, CEISSAFP, Commander, Army Signal Regiment, and Commander, NICTC. The issues that were discussed in the said meeting are as follows: a. The AFP Units are heavily reliant on commercial telecommunications (TELCOs) for voice, data and messaging: b. TELCOs are basically classified as an open network and prone to eavesdropping and intercept; ce In the absence of AFP communications network in some areas of operations, the internet is the medium being used for collaboration of some AFP units; id. The Internet Page 1 of 5 pages AFP Gore Values: Honor, Service, PatriotismAFP Vision 2028: A World-class Armed Forces, Source of National Pride ESTRICTED r 6 FP. 2017, cont'n: The Intemet is presumably a compromised network, and must not be used as a transport medium for confidential information so as not to compromise national security; e. The GHQ and Major Services are not interconnected in a closed network; and f. _Non-repudiation and authentication of users is not being strictly implemented in the existing closed networks of the AFP, thus weakens AFP's ability to monitor activities occurring within its network. 3. PURPOSE: The purpose of this letter directive sets the guidelines to enhance the AFP network connectivity, security and administration. 4. SCOPE: This directive is intended to pursue the interconnection of the respective networks of the Major Services and the GHQ to comprise one fully integrated AFP network in order to harness its full potentials for the improvement of ‘Command and Control (C2) in the AFP, the development of common tactical picture (CTP) and common operational picture (COP) that is urgently needed by the operational commanders at all levels of commands, and promote the security of the AFP communications and IT networks. 5. DEFINITION OF TERMS: For the purpose of this directive, the following ‘terms are hereby defined: a. AFP Network — an AFP controlled and managed network including AFP Wide Area Network (WAN), CAGNET, PANET, PN IP-VPN, PAFNET and Unified Command Local Area Network. b, Internet - a global computer network providing a variety of information and communications facilities, consisting of interconnected networks using standardized communications protocol ¢. Connectivity - Measure to which the components of a network oF networks are connected to one another in order to transfer data back and forth d. Network Security — is the process of taking physical and software preventive measures to protect the underlying networking infrastructure from unauthorized access, misuse, modification, destruction, or unauthorized disclosure, thereby creating a secure platform for computers, users and programs to perform their permitted critical functions within a secure environment. @. —_ Open-Network ~ also known as unsecured network that require no special login or password. It is also a uncontrolled network that operates in unsecured environment. ff. TELCO. Page 2 of 5 pages RESTRICTED AFP Core Values: Honor, Service, PatriotismAFP Vision 2028: A World-class Armed Forces, Source of National Pride RESTRICTED Ltr Dir Nr 65, GHQ, AFP did 27 December 2047, cont’n: {TELCO - a telecommunications company that provides telephony and data communications services to both private and public individuals or interties, 9. Network Administrator — also known as systems administrator, is responsible in managing an organization's network infrastructure up to date and effectively maintained. Responsibilities include network security, installing new hardware and applications, monitoring software upgrades and daily activity, enforcing licensing agreements, developing a storage management program and providing for routine backups h. Sensors — a device that detects and responds to some input from the physical domain such as: Radars; EO/iRs; Target Acquisition Devices; Tactical Data Links; and the likes. 6. | GENERAL GUIDELINES: a. The GHQ Camp Aguinaldo Network (CAGNET) shall be separated from the Internet connectivity and shall be deciared as a closed network, thereby isolate same from the risk of being compromised through hackers from the Internet (open network); b. The AFP shall establish the integrated AFP "Closed-Network’ to isolate from presumed compromised Intemet; c. The AFP shail have an interconnected and integrated networks consisting of networks of the GHQ and Major Services; d. The Major Services shall transport the information derived from its respective “sensors” to the operational commands through the AFP Closed Network for the building of common tactical picture (CTP) and common operational picture (COP); e. The Major Services shall take the role in cybersecurity in protecting and securing its respective networks; if Civilian entity shall not be allowed to add and/or administer any network devices and information systems without proper authorization; 9. The Major Services and GHQ shall strictly implement the “Active Directory Domain Services (ADDS)" for non-repudiation and authentication of connected workstations and users in the integrated AFP closed network; h. The CAGNET shall be renamed as the AFPNET; and i The CEISSAFP shall take the role and task for the integration of communications and IT networks of the GHQ and the Major Services. 17. (MPLEMENTATION Page 3 of 5 pages REST AFP Core Values: Honor, Service, Patriotism