MCENMSG: INTERIM GUIDANCE FOR THE USE OF WIRELESS LOCAL AREA NETWORKS (WLAN)
Date Signed: 8/22/2017
MARADMINS Number: 463/17
R 221325Z AUG 17
MSGID/GENADMIN/CMC C FOUR CP WASHINGTON DC//
SUBJ/MCENMSG: INTERIM GUIDANCE FOR THE USE OF WIRELESS LOCAL AREA NETWORKS (WLAN)//
REF/A/DOC/CMC C FOUR WASHINGTON DC/01JUL16/ECSM 005//
REF/B/MCO/CMC C FOUR WASHINGTON DC/05NOV2015/MCO 5239.2B//
REF/C/MCO/CMC C FOUR WASHINGTON DC/03OCT2012/MCO 5230.21//
REF/D/MSG/CMC C FOUR WASHINGTON DC/06JUL2011/MARADMIN 375/11//
REF/E/MCO/CMC WASHINGTON DC/07OCT2009/MCO 2400.2A//
REF/F/DOC/DON WASHINGTON DC/30NOV2006/SECNAVINST 2075.1//
REF/G/DOC/DOD WASHINGTON DC/03NOV2009/DODI 8420.01//
REF/H/DOC/IEEE/07DEC2016/IEEE STD 802.11-2016//
REF/I/DOC/DOD WASHINGTON DC/1/20NOV2007/DODD 5000.1//
REF/J/MCO/CMC L WASHINGTON DC/08SEP2014/MCO 11000.12//
REF/K/MCO/CMC L WASHINGTON DC/03JUN2016/MCO 11000.5//
REF/L/MCO/CMC WASHINGTON DC/19APR2013/MCO 5400.54//
REF/M/DOC/DOD WASHINGTON DC/1JUN2016/UFC 3-580-01//
REF/N/DOC/DOD WASHINGTON DC/01JUN2016/DOD MANUAL 5105.21//
REF/O/DOC/DCID WASHINGTON DC/26MAY2010/ICD 705//
REF/P/LTR/CMC WASHINGTON DC CDI/28MAR2016/MOU//
NARR/REF A IS THE USMC ENTERPRISE CYBERSECURITY MANUAL 005 FOR PORTABLE ELECTRONIC DEVICES AND WIRELESS LOCAL AREA NETWORK TECHNOLOGIES VERSION 3.0. REF B IS THE MARINE CORPS ORDER (MCO) ON CYBER SECURITY. REF C IS THE MCO ON INFORMATION TECHNOLOGY (IT) PORTFOLIO MANAGEMENT. REF D IS THE IT FUNDING, APPROVAL, AND PROCUREMENT POLICY. REF E IS THE MCO ON MANAGEMENT AND USE OF THE ELECTROMAGNETIC SPECTRUM. REF F IS THE DEPARTMENT OF THE NAVY (DON) INSTRUCTION CONCERNING USE OF COMMERCIAL WLAN DEVICES, SERVICES, AND TECHNOLOGIES. REF G IS THE DEPARTMENT OF DEFENSE (DOD) INSTRUCTION CONCERNING COMMERCIAL WLAN DEVICES, SYSTEM, AND TECHNOLOGIES. REF H IS THE IEEE STANDARD FOR WLAN MEDIUM ACCESS CONTROL (MAC) AND PHYSICAL LAYER SPECIFICATION. REF I IS THE DOD DEFENSE ACQUISITION SYSTEM DIRECTIVE. REF J IS THE REAL PROPERTY FACILITIES MANUAL, FACILITIES PLANNING, AND PROGRAMMING. REF K IS THE FACILITIES SUSTAINMENT, RESTORATION, AND MODERNIZATION PROGRAM. REF L IS THE MCO ON MARINE CORPS INSTALLATIONS COMMANDS (MCICOM) ROLES AND RESPONSIBILITIES. REF M PROVIDES REQUIREMENTS FOR DESIGNING AND IMPLEMENTING INTERIOR TELECOMMUNICATIONS INFRASTRUCTURE FOR MILITARY CONSTRUCTION. REF N IS THE DOD MANUAL FOR THE EXECUTION AND ADMINISTRATION OF THE DOD SENSITIVE COMPARTMENTED INFORMATION (SCI) PROGRAM. REF O IS THE DOD DIRECIVE ON THE PHYSICAL AND SECURITY REQUIREMENTS OF INTELLIGENCE COMMUNITY (IC) SENSITIVE COMPARTMENTED INFORMATION FACILITIES (SCIF). REF P IS THE MEMORANDUM OF UNDERSTANDING BETWEEN DEPUTY CHIEF OF NAVAL OPERATIONS FOR INFORMATION DOMINANCE AND DEPUTY COMMANDANT FOR COMBAT DEVELOPMENT AND INTEGRATION.//
POC1/B. C. LEATHERBURY/CAPT/HQMC C4/-/TEL: COMM 571-256-9069/EMAIL: BENJAMIN.LEATHERBURY@USMC.MIL//
POC2/T. H DANIEL/CIV/HQMC C4/-/TEL: COMM 571-256-9082/EMAIL: TREVOR.DANIEL@USMC.MIL//
POC3/J. A. ONG/CIV/MCSC/-/TEL: COMM 703-784-4606/EMAIL: JONI.ONG@USMC.MIL//
POC4/C. R. FAULK/CIV/MCICOM G6/-/TEL: COMM 703-604-4698/EMAIL: CHARLES.R.FAULK@USMC.MIL//
GENTEXT/REMARKS/1. Purpose. To provide guidance for the use of the Wireless Local Area Networks (WLAN) Institute of Electrical and Electronics Engineers (IEEE) 802.11 family of standards in support of wireless transport for networks in accordance with (IAW) references (a) through (h). This message also outlines the standard enterprise offering, defines WLAN related terms for unity of effort, and establishes the roles and responsibilities for each supporting command in the implementation of WLAN across the USMC. This applies to all Marine Corps commanders, advocates, proponents, and program managers who have procured an IEEE 802.11 standards-based solution throughout the Marine Corps Enterprise Network Non-Secure Protocol Routing Network (MCEN-N).
2. Background. Deputy Commandant for Aviation (DC for AVN) identified an emerging requirement for a WLAN capability to support maintenance tasks and increase readiness in garrison, while underway, and forward deployed in a pending Deliberate Universal Needs Statement (D-UNS). In response to the requirement for WLAN capabilities, the Director, Headquarters Marine Corps (HQMC), Command, Control, Communications, and Computers (C4) directed the Chief, Network Plans and Policy C4 (CP) Division to convene a Wireless Operational Planning Team (OPT) to develop a policy and plan that facilitates wireless activity while maintaining sufficient network security. HQMC C4 and Marine Corps Systems Command (MCSC), through the use of data collected from other services WLAN implementations as well as current USMC initiatives will designate a singular enterprise WLAN offering as the MCEN-N enterprise solution IAW references (a) through (h). The following is the interim guidance for the use of WLAN networks across the MCEN-N.
3.a. Concept of Operations. The deployment of a singular enterprise wireless offering across the MCEN will consist of four phases. These phases will be executed in sequential order but planning and coordination for all phases will overlap to ensure contracting, funding, and installations are scheduled and accounted.
3.a.1. Phase I is the planning, installation, and testing of Installation WLAN pilot programs across the Marine Corps. This phase is currently underway, with the WLAN technology insertions occurring within 2nd Marine Aircraft Wing (MAW) hangars at Marine Corps Air Station (MCAS) New River Combat Logistics Regiment (CLR) 25 facilities at Marine Corps Base (MCB) Camp Lejeune the Marine Corps Systems Command (MCSC) facility at MCB Quantico the 1st Marine Logistics Group (MLG) at MCB Camp Pendleton and the EMSS POR wireless tests at II Marine Expeditionary Force (MEF), I MEF, and III MEF. The data collected and lessons learned from these pilots will inform the Enterprise of the wireless services and required activities across the Marine Corps, and will continue to help mature the effectiveness and efficacies of utilizing WLAN services.
3.a.2. Phase II is the scheduling, project planning, and enterprise WLAN technology insertions for the 20 prioritized sites as identified by the Deputy Commandant for Aviation (DC for AVN) and Deputy Commandant for IL (DC for IL). Phase II begins in Fiscal Year 2018 (FY18) upon contract award. Lessons learned and development of the WLAN will continue to be implemented during this phase.
3.a.3. Phase III is the identification, scheduling, project planning,and enterprise WLAN technology insertion for the next 54 prioritized sites. Phase III is anticipated to be executed in FY19 and FY20 and is based on contracting and funding levels.
3.a.4. Phase IV is the scheduling, project planning, and enterprise WLAN technology insertion for additional approved wireless sites beyond the initial 74 sites from FY18 through FY20. A formal Program of Record (POR) will be established during this phase. This program will be responsible for the total lifecycle management of each of the WLAN environments. Existing WLAN initiatives outside of the POR that are providing MCEN-N services may remain operation IAW references (a) through (m) until the enterprise WLAN solution is fielded.
3.b. Roles and Responsibilities. This section provides a framework for the implementation of the WLAN offering and delineate roles and responsibilities for the units and organizations involved in this process.
3.b.1. Director, C4 shall:
3.b.1.a. Develop and maintain the Marine Corps 802.11 WLAN wireless policy IAW reference (a). HQMC C4 will establish the governance model for managing WLAN environments outlined in this policy and IAW references (c) and (d) for capital planning investment controlled decisions.
3.b.1.b. Effective immediately, shall suspend approval of any new Information Technology Procurement Requests (ITPR) and Interim Authority to Test (IATT) requests for wireless initiatives independent of HQMC C4 and MCSC enterprise offering. Existing wireless initiatives outside the WLAN will retain their existing Authority to Operate (ATO) and Authority to Connect (ATC). Extensions beyond their current ATO/ATC lifespan will be approved on a case-by-case basis by Authorizing Official (AO). Units are still responsible for the sustainment of existing wireless initiatives outside WLAN solution (e.g., non-802.11).
3.b.1.c. Provide guidance IAW reference (a), as needed to align with industry changes, DoD/USMC wireless/mobile initiatives and cybersecurity directives.
3.b.2. Deputy Commandant for Combat Development and Integration (CDI) shall:
3.b.2.a Identify and register WLAN capability requirements and align to existing acquisitions program(s).
3.b.2.b. Include wireless requirements in the Program Objectives Memorandum (POM) 20 Capabilities Based Assessment (CBA) and align programs of record affected by the WLAN capability.
3.b.2.c. Identify and register future shipboard WLAN requirements within the Advocates POM 20 capability gap list.
3.b.3. Deputy Commandant for Installations and Logistics (IL) shall:
3.b.3.a. Develop and register the Installation WLAN (802.11) support requirements for each of the approved facilities/sites within the Advocates Marine Corps POM 20 capability gap list.
3.b.3.b. IAW references (j) through (m), MCICOM has the responsibility for providing and managing facilities and training areas for tenants, to include permanent telecommunications transport services (i.e., communications utility) that connect, distribute and deliver various network services to authorized users. This responsibility will extend to WLAN.
3.b.3.c. Ensure proper coordination of site specific project insertion of any Installation WLAN initiative with MCICOM, HQMC C4, MCSC, and MCCOG.
3.b.4. Commander, Marine Forces Cyberspace Command (MARFORCYBER) shall:
3.b.4.a. Validate cybersecurity requirements of the MCEN-N enterprise levering WLAN solution.
3.b.4.b. Plan and engineer the WLAN offering IAW references (a) and (b) and all other DOD policies and directives pertaining to this subject matter.
3.b.5. Commander, Marine Corps Forces Command (MARFORCOM) shall identify and register the MARFORCOM WLAN requirements within the Advocates POM 20 capability gap list.
3.b.6. Commander, Marine Corps Forces, Pacific (MARFORPAC) shall identify and register the MARFORPAC WLAN requirements within the Advocates POM 20 capability gap list.
3.b.7. Commander, Marine Corps Forces Reserves (MARFORRES) shall:
3.b.7.a. Identify and register the MARFORRES Installation WLAN requirements within the Advocates POM 20 capability gap list.
3.b.7.b. Provide and manage telecommunications transport services to Reserve facilities not located on a Marine Corps base or station.
3.b.8. Commander, Marine Corps Systems Command (MARCORSYSCOM) shall:
3.b.8.a. Plan and design the MCEN-N enterprise solution and manage the implementation of the WLAN offering.
3.b.8.b. Develop and provide WLAN training.
3.b.8.c. Coordinate a review of all future training products with wireless stakeholders (installation, shipboard, and deployed) prior to signature and publication.
3.b.8.d. Coordinate all implementations and Installation WLAN project site specific insertions with MCICOM.
3.b.8.e. Coordinate with MCICOM to produce and publish an integrated master schedule, to include facility support requirements for all aspects of Installation WLAN projects for FY18 and beyond.
3.b.9. Unit Commanders shall:
3.b.9.a. Cease all new procurement and installation of installation, shipboard, and deployed WLAN solutions to be connected to the MCEN-N.
3.b.9.b. For MCEN-N: Ensure only approved devices are connected to WLAN configured for MCEN-N use, IAW references (a) and (h). This include devices supporting existing WLAN efforts, other than the Marine Corps approved 802.11 WLAN offering that have a current ATO/ATC until the ATO/ATC expires or the enterprise 802.11 WLAN offering can be installed.
3.b.9.c. Establish unit policies to ensure users are knowledgeable of installation and deployed WLAN connection, utilization, and operations from their end user device.
3.c. Coordinating Instructions
3.c.1. Spectrum Supportability
3.c.1.a. Program managers, commanders, and others who are developing or acquiring WLAN 802.11 spectrum-dependent devices or systems within any of the above environments shall coordinate with appropriate spectrum management personnel to ensure reasonable assurance of spectrum supportability consistent with reference (e).
3.c.1.b. Efforts to obtain spectrum supportability for spectrum-dependent devices or systems being developed shall be initiated as early as possible during the technology development phase of the acquisition lifecycle per reference (i).
3.c.1.c. The DoD requires non-licensed devices operating in the United States and its territories to be registered with the local spectrum management office. This includes WLAN 802.11.
3.c.1.d. Users operating within a WLAN environment (installation, shipboard, or deployed) have no vested or recognized right to continued use of the device in any part of the radio frequency spectrum within the 802.11 standard. As 802.11 operates within non-licensed spectrum, any devices and their operations must accept any interference from any federal or non-federal authorized radio systems, other non-licensed devices, or industrial, scientific, and medical equipment. Additional information on non-licensed devices can be found in reference (e).
3.c.2. Access Control. IAW references (a) and (g), enabling the wireless capability on MCEN-N government-furnished equipment (e.g., MCEN-N laptops, 2-in-1 devices, tablets, and smartphones) is authorized.
3.c.3. Wireless Basic Input/Output System (BIOS)/Unified Extensible Firmware Interface (UEFI) settings will be enabled for users with a wireless capability requirement. Once the WiFi network connection is established, the user must use the SSL-VPN gateways and ensure the VPN is established with the Pulse Secure VPN client.
3.c.4. Wireless capability will be turned off in Government Secure Access work spaces where a direct MCEN-N Ethernet connection is available. The users can turn off the wireless Network Interface Card (NIC) by using Airplane Mode in Windows 10 or a Hot Key/switch on the device. The Marine Air-Ground Task Force (MAGTF) Information Technology Support Centers (MITSC) are authorized to use the Control WLAN Radio settings in the BIOS/UEFI firmware for the hardware that supports it (i.e., Dell devices) to disable wireless when directly connected to the MCEN-N via Ethernet. If the laptop or device does not support the Control WLAN Radio functions, then the user will continue to use Airplane Mode in Windows 10 or a Hot Key/switch on the device to turn off the WiFi/Wireless NIC when directly connected to the MCEN-N viaEthernet.
3.c.5. Network access with Public Key Infrastructure (PKI) will be granted through 802.1x authentication standards, except where security conditions prohibit the use of portable electronic devices/wireless technology in Sensitive Compartmented Information Facilities (SCIF). Use of wireless capabilities within SCIFs require separate approval through the special security officer per references (n) and (o). (DoD Manual 5105.21 and Intelligence Community Directive/Intelligence Community Standard 705.
3.c.6. Installation of all wireless capabilities will adhere to the requirements for planning, design, and construction contained in references (j) through (m).
3.c.7. Connections and Installation WLAN access to MCEN-N are managed by the Installation Commander (Base AC/S G6), who provides authorized users temporary access (while in garrison) to the facility and/or training area. Coordination with MCICOM, HQMC C4, MARFORRES and MARFORCYBER is required. The Installation WLAN access points are considered permanent to the facility and will be managed, serviced, and updated as required by the local base/station/reserve center S6.
3.c.8. The following are standardized definitions for the WLAN environment.
3.c.8.a. WLAN. Devices, systems, and technologies developed by commercial industry in compliance with references (g) and (h) for the international operational environment that are used to store, process, receive or transmit unclassified and classified information. WLAN implementations must comply with all security requirements, to include 802.1x network access control and encryption.
3.c.8.b. Installation WLAN Environment. The Installation WLAN Environment consists of various WLANs that are established, either as permanent or temporary, within each of the Marine Corps Installation base, post, or station facilities or training areas.
3.c.8.c. Shipboard WLAN Environment. Wireless operations aboard Navy amphibious vessels using deployable systems. Any WLAN requirements must be sourced IAW reference (p).
3.c.8.d. Deployed WLAN Environment. Wireless operations conducted outside of installation and shipboard environments (e.g., field environments and exercises). This environment uses deployable systems to provide wireless telecommunication transport services. Deployed WLAN environments external to Deployed MCEN (D-MCEN) will require the use of DoD non-person entity (NPE) certificates to support 802.1x network access control.
3.c.8.e. Non-Licensed Devices. Low-powered devices categorized as spectrum-dependent that do not require a federal license or national frequency assignment to operate. Examples include wireless (Wi-Fi) technology-enabled devices such as Bluetooth devices, cordless phones, and some handheld radios.
3.c.8.f. Electronic Maintenance Device (EMD). A rugged, lightweight, one-man portable maintenance device maintainer can employ at the point of repair to interface with the equipment/system undergoing repair, technical data, and document maintenance actions. The Electronic Maintenance Support System (EMSS) MARCORSYSCOM is a USMC POR for EMDs.
3.c.8.g. Portable Electronic Maintenance Aid (PEMA). An unclassified, common support equipment hardware device used by maintenance personnel in direct support of a weapons system to perform maintenance, inspection, fault diagnosis, and repair tasks. PEMA devices are managed by Naval Air Systems Command (NAVAIR), Program Manager Air (PMA-260).
4. Applicability. This message is applicable to the Marine Corps Total Force.
5. Release authorized by BGen D. A. Crall, Director, Command, Control, Communications, and Computers (C4) Department/DON Deputy Chief Information Officer (Marine Corps).//