AFP Vision 2028: A World-class Armed Forces, Source of National Pride
RESTRICTED
GENERAL HEADQUARTERS
ARMED FORCES OF THE PHILIPPINES — UOD/mzg/6141
Camp General Emilio Aguinaldo, Quezon City
OTAGIOJ6 27 December 2017
LETTER DIRECTIVE
NUMBER 65
SUBJECT: Enhancement of the AFP Network Connectivity, Security and
Administration #
TO: See Distribution
1. REFERENCE:
AFP Joint Communications, Electronics, and Information Systems
Board (JCEISB) Resolution Number: 001-2017.
x BACKGROUND:
The Joint Communications, Electronics, and Information Systems
Board (JCEISB) was created in CY 2000 as a forum and coordinative body on joint
‘Armed Forces of the Philippines (AFP) policy issues and concerns pertaining to CEIS.
The existence of JCEISB evolved through time with the rapid development on
information and Communications Technology (ICT). The JCEISB is mandated to look
into the interoperability and security policies of the AFP’s Command and Control,
Communications, and Cyber (C4) systems with in the purview of DOTMPLF.
The DCS for CEIS, J6, as the Chairperson of JCEISB, presided the
JCEISB meeting on 251400H September 2017. It was attended by Major Service's
6s, Commander, CEISSAFP, Commander, Army Signal Regiment, and Commander,
NICTC. The issues that were discussed in the said meeting are as follows:
a. The AFP Units are heavily reliant on commercial
telecommunications (TELCOs) for voice, data and messaging:
b. TELCOs are basically classified as an open network and prone
to eavesdropping and intercept;
ce In the absence of AFP communications network in some areas
of operations, the internet is the medium being used for collaboration of some AFP
units;
id. The Internet
Page 1 of 5 pages
AFP Gore Values: Honor, Service, PatriotismAFP Vision 2028: A World-class Armed Forces, Source of National Pride
ESTRICTED
r 6 FP. 2017, cont'n:
The Intemet is presumably a compromised network, and must
not be used as a transport medium for confidential information so as not to
compromise national security;
e. The GHQ and Major Services are not interconnected in a closed
network; and
f. _Non-repudiation and authentication of users is not being strictly
implemented in the existing closed networks of the AFP, thus weakens AFP's ability
to monitor activities occurring within its network.
3. PURPOSE:
The purpose of this letter directive sets the guidelines to enhance the
AFP network connectivity, security and administration.
4. SCOPE:
This directive is intended to pursue the interconnection of the
respective networks of the Major Services and the GHQ to comprise one fully
integrated AFP network in order to harness its full potentials for the improvement of
‘Command and Control (C2) in the AFP, the development of common tactical picture
(CTP) and common operational picture (COP) that is urgently needed by the
operational commanders at all levels of commands, and promote the security of the
AFP communications and IT networks.
5. DEFINITION OF TERMS:
For the purpose of this directive, the following ‘terms are hereby
defined:
a. AFP Network — an AFP controlled and managed network
including AFP Wide Area Network (WAN), CAGNET, PANET, PN IP-VPN, PAFNET
and Unified Command Local Area Network.
b, Internet - a global computer network providing a variety of
information and communications facilities, consisting of interconnected networks
using standardized communications protocol
¢. Connectivity - Measure to which the components of a network
oF networks are connected to one another in order to transfer data back and forth
d. Network Security — is the process of taking physical and
software preventive measures to protect the underlying networking infrastructure
from unauthorized access, misuse, modification, destruction, or unauthorized
disclosure, thereby creating a secure platform for computers, users and programs to
perform their permitted critical functions within a secure environment.
@. —_ Open-Network ~ also known as unsecured network that require
no special login or password. It is also a uncontrolled network that operates in
unsecured environment.
ff. TELCO.
Page 2 of 5 pages
RESTRICTED
AFP Core Values: Honor, Service, PatriotismAFP Vision 2028: A World-class Armed Forces, Source of National Pride
RESTRICTED
Ltr Dir Nr 65, GHQ, AFP did 27 December 2047, cont’n:
{TELCO - a telecommunications company that provides
telephony and data communications services to both private and public individuals or
interties,
9. Network Administrator — also known as systems administrator,
is responsible in managing an organization's network infrastructure up to date and
effectively maintained. Responsibilities include network security, installing new
hardware and applications, monitoring software upgrades and daily activity,
enforcing licensing agreements, developing a storage management program and
providing for routine backups
h. Sensors — a device that detects and responds to some input
from the physical domain such as: Radars; EO/iRs; Target Acquisition Devices;
Tactical Data Links; and the likes.
6. | GENERAL GUIDELINES:
a. The GHQ Camp Aguinaldo Network (CAGNET) shall be
separated from the Internet connectivity and shall be deciared as a closed network,
thereby isolate same from the risk of being compromised through hackers from the
Internet (open network);
b. The AFP shall establish the integrated AFP "Closed-Network’ to
isolate from presumed compromised Intemet;
c. The AFP shail have an interconnected and integrated networks
consisting of networks of the GHQ and Major Services;
d. The Major Services shall transport the information derived from
its respective “sensors” to the operational commands through the AFP Closed
Network for the building of common tactical picture (CTP) and common operational
picture (COP);
e. The Major Services shall take the role in cybersecurity in
protecting and securing its respective networks;
if Civilian entity shall not be allowed to add and/or administer any
network devices and information systems without proper authorization;
9. The Major Services and GHQ shall strictly implement the “Active
Directory Domain Services (ADDS)" for non-repudiation and authentication of
connected workstations and users in the integrated AFP closed network;
h. The CAGNET shall be renamed as the AFPNET; and
i The CEISSAFP shall take the role and task for the integration of
communications and IT networks of the GHQ and the Major Services.
17. (MPLEMENTATION
Page 3 of 5 pages
REST
AFP Core Values: Honor, Service, Patriotism