MARADMINS : 397/14
R 112359Z AUG 14
MARADMIN 397/14
MSGID/GENADMIN,USMTF,2007/CMC WASHINGTON DC C4(UC)/F002//
SUBJ/MCBUL 5234 MARINE CORPS ENTERPRISE NETWORK MICROSOFT COMPUTER OPERATING SYSTEMS POLICY//
REF/A/MSGID:DOC/SECNAV/YMD:20090410//
REF/B/MSGID:DOC/DISA/YMD:20100426//
REF/C/MSGID:DOC/CMC WASHINGTON DC C4/061806ZJUL2011//
REF/D/MSGID:DOC/NATIONAL ARCHIVES/YMD:20100401//
REF/E/MSGID:DOC/DOD/YMD:20140314//
REF/F/MSGID:DOC/DOD/YMD:20140312//
REF/G/MSGID:DOC/CJCS/YMD:20110209//
REF/H/MSGID:DOC/HQMC C4/YMD:20121207//
REF/I/MSGID:DOC/SECNAV/YMD:20120501//
REF/J/MSGID:IRM/HQMC C4/YMD:20131204//
REF/K/MSGID:IRM/HQMC C4/YMD:20131204//
REF/L/MSGID MCENMSG/HQMC C4/YMD:20140418//
REF/M/MSGID:DOC/CMC WASHINGTON DC C4/190009ZJUL2014//
REF/N/MARADMIN 254/11//
NARR/REF A IS DEPARTMENT OF NAVY POLICY FOR FIELDING COMMERCIAL OFF THE SHELF (COTS) SOFTWARE. REF B RELEASES THE WINDOWS 7 SECURITY TECHNICAL IMPLEMENTATION GUIDE (STIG)(VER 1/REL 1) FOR USE AS A DOD-APPROVED SECURITY CONFIGURATION GUIDELINE. REF C IS MARADMIN 375-11 WHICH CLARIFIES AND UPDATES THE INFORMATION TECHNOLOGY (IT) PROCUREMENT REQUEST/REVIEW AND APPROVAL SYSTEM (ITPRAS)PROCESS. REF D IS A NATIONAL ARCHIVES GENERAL RECORDS SCHEDULE THAT DEFINES THE DISPOSITION OF FILES AND OR RECORDS RELATING TO THE CREATION, USE, AND MAINTENANCE OF COMPUTER SYSTEMS, APPLICATIONS, OR ELECTRONIC RECORDS USED ON COMPUTER HARDWARE. REF E IS DODI8500.01, THE DOD POLICY ON INFORMATION ASSURANCE (IA) IMPLEMENTATION. REF F IS DODI8510, THE DOD INSTRUCTION THAT ESTABLISHES A CERTIFICATION AND ACCREDITATION PROCESS TO MANAGE THE IMPLEMENTATION OF IA CAPABILITIES. REF G IS THE CJCSI 6510.01F INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND). REF H IS THE USMC ENTERPRISE CYBERSECURITY DIRECTIVE 018, MARINE CORPS CERTIFICATION AND ACCREDITATION PROCESS. REF I IS SECNAV M-5210.1 RECORDS MANAGEMENT MANUAL JANUARY 2012, REV 1. REF J IS THE IRM FOR ITSM CHANGE MANAGEMENT PROCESS GUIDE. REF K IS THE IRM FOR ITSM CONFIGURATION MANAGEMENT PROCESS GUIDE. REF L IS MCENMSG-UNIFICATION 013-14 CLARIFICATION FOR THE EMPLOYMENT OF SYSTEM CENTER CONFIGURATION MANANGER, CAE RADIA AND BIG FIX ON THE MCEN. REF M IS MARADMIN 354-14 WHICH LIFTS THE STRATEGIC PAUSE ON THE PROCUREMENT OF COTS SOFTWARE PRODUCTS AVAILABLE ON ENTERPRISE LICENSE AGREEMENTS AND OUTLINES THE FUNDING POLICY FOR SOFTWARE PROCUREMENTS.//
POC/HANK COSTA/CIV/UNIT: HQMC C4CP/NAME:WASHINGTON DC/TEL:(571)256-9081//
POC/STEPHEN CABRIAN/CIV/UNIT:MCSC PG-10/NAME:QUANTICO VA /TEL:(703)432-7473//
POC/TREVOR DANIEL/CIV/UNIT:HQMC C4CP/NAME:WASHINGTON DC /TEL:(571)256-9082//
POC/CLET ERICKSON/CWO5/UNIT:HQMC C4CY/NAME:WASHINGTON DC/TEL:(571)256-8862//
GENTEXT/REMARKS/1. PER REF A, THIS MESSAGE IS PROVIDED FOR PLANNING PURPOSES TO PRODUCT GROUPS, PROGRAM MANAGERS,PROJECT OFFICERS, COMMAND INFORMATION AND G6 OFFICERS, ANDSYSTEMS ARCHITECTS CONCERNING THE OPERATING SYSTEMS (OS) AUTHORIZED FOR USE ON THE MARINE CORPS ENTERPRISE NETWORK (MCEN) AND ASSOCIATED MCEN CONTROLLED NETWORKS. REFS B THROUGH N INCLUDES RELEVANT BACKGROUND INFORMATION AND GUIDANCE PERTENANT TO DOD, DON, AND USMC OPERATING SYSTEMS USAGE.
2. BACKGROUND. WINDOWS 7 (64 BIT) IS CURRENTLY THE STANDARD WINDOWS OS ON THE MCEN. AS OF 01 JANUARY 2012,ALL WINDOWS VISTA OS OR EARLIER VERSIONS AND ALL WINDOWS SERVER 2003 OR EARLIER VERSIONS, AND MICROSOFT EXCHANGE 2003, ARE NO LONGER AUTHORIZED FOR PROCUREMENT OR NEW INSTALL ON COMPUTERS OR SERVERS CONNECTED DIRECTLY TO THE MCEN.
3. GUIDANCE
3.A. THE MARINE CORPS HAS COMPLETED MIGRATION TO THE WINDOWS 7 ENTERPRISE 64-BIT OS. BASED ON THE SECURITYTECHNICAL IMPLEMENTATION GUIDE (STIG) AUTHORIZATION IN REF B, EXCEPTIONS TO THE WINDOWS OS ARE ALLOWED ON A CASE-BY-CASE BASIS ONCE APPROVED BY THE MARINE CORPS AUTHORIZING OFFICIAL (AO) VIA THE LOCAL INFORMATION SYSTEMS SECURITY MANAGER (ISSM) CHAIN.
3.B. THE FOLLOWING IS A LIST OF APPROVED SOFTWARE FOR BOTH MCEN SECRET INTERNET PROTOCOL ROUTER NETWORK (MCEN-S), MCEN NON-CLASSIFIED INTERNET PROTOCOL ROUTER NETWORK (MCEN-N), AND MCEN NON-CLASSIFIED INTERNET PROTOCOL ROUTER NETWORK LEGACY (MCEN-L):
(1) MICROSOFT WINDOWS 7 ENTERPRISE 64-BIT WITH SERVICE PACK 1 (SP1)
(2) MICROSOFT OFFICE PROFESSIONAL 2010
(3) INTERNET EXPLORER 11.0
(4) MICROSOFT SERVER 2008 R2 AND 2012 R2
(5) MICROSOFT EXCHANGE 2010
(6) BELMANAGE VERSION 8.2M OR HIGHER MUST BE INSTALLED ONALL COMPUTERS CONNECTED TO THE MCEN.
3.C. WINDOWS 8.1 X64 WITH INTERNET EXPLORER 11 AND OFFICE 2013 IS NOW THE STANDARD FOR ALL TOUCH SCREEN TABLETS ANDULTRA BOOKS. MARCORSYSCOM ENTERPRISE ENGINEERING AND VERIFICATION ENVIRONMENT (EEVE) CLIENT ENGINEERING TEAM (FORMER SAM TEAM) IS AUTHORIZED TO START WINDOWS 8.1 X64 /OFFICE 2013 MARINE CORPS ENTERPRISE DESKTOP STANDARD (MCEDS) IMAGE TESTING WITH THE INCLUSION OF MICROSOFT BITLOCKER AS THE AUTHORIZED HARD DRIVE ENCRYPTION SOFTWARE.
3.D. PER REF L, MICROSOFT SCCM 2012 HAS BEEN APPROVED AS THE ENTERPRISE ELECTRONIC SOFTWARE DELIVERY SOLUTION FOR MANAGING DEPLOYMENT OF OPERATING SYSTEMS, SOFTWARE APPLICATIONS, SOFTWARE UPDATES AND WILL FULLY REPLACE HP'S RADIA/CAE SYSTEM IN FY-15. IBM ENDPOINT MANAGER - (BIGFIX) HAS BEEN APPROVED AS THE ENTERPRISE ELECTRONIC VULNERABILITY REMEDIATION AND PATCHING SOLUTION FOR THE MCEN. HOWEVER, REMEDIATION DOES NOT INCLUDE UPGRADE OR MIGRATION TO A NEWER PRODUCT LINE OR PRODUCT FAMILY UNLESS NO OTHER REMEDIATION SOLUTION IS AVAILABLE WITHIN THE CURRENT PRODUCT FAMILY. EXAMPLE: REMEDIATION OF JAVA 1.7.0_XX DOES NOT REQUIRE UPGRADE TO JAVA 1.8.0_XX.
3.E. APPLICATION MANAGERS AND OWNERS ARE REQUIRED TO WORKWITH EEVE CLIENT ENGINEERING TEAM TO ENSURE USMC CLIENT APPLICATIONS ARE TESTED AND READY FOR USE ON WIN-8.1 X64 OS.
3.F. THE ENGINEERING OF DEPLOYMENT SOLUTIONS FOR THEAPPROVED SOFTWARE LISTED IN PARA 3.B IS TO BE PERFORMED BY THE MARCORSYSCOM EEVE TEAM. THOSE SOFTWARE PRODUCTS AFFECT THE ENTIRE ENTERPRISE, THEREFORE A STANDARDIZED ENTERPRISE SOLUTION DEVELOPMENT AND VALIDATION PROCESS IS NEEDED TO AVOID UNINTENDED NEGATIVE IMPACTS TO ENTERPRISE SYSTEMS AND USERS. WINDOWS 7, SERVER 2008R2, AND SERVER 2012 R2 DEPLOYMENT SOLUTIONS ARE MANAGED UNDER THE MCEDS PROJECT WITHIN THE EEVE TEAM. THE DEPLOYMENT SOLUTION FOR INTERNET EXPLORER 11 IS CURRENTLY IN WORK BY THE EEVE CLIENT ENGINEERING TEAM. OFFICE 2010 AND EXCHANGE 2010 ARE ALREADY FIELDED.
3.G. THE FOLLOWING GUIDANCE APPLIES TO ALL COMPUTERSPURCHASED WHETHER FOR USE ON THE MCEN OR STAND ALONE IN ACCORDANCE WITH REF M.
(1) NEW HARDWARE MUST BE PURCHASED THROUGH THE MARINE CORPSCOMMON HARDWARE SUITE (MCHS) PROGRAM CONTRACT VEHICLES.
(2) COMPUTERS PROCURED THROUGH THE MCHS PROGRAM WILL BEINITIALLY ACTIVATED AND IMAGED WITH THE CURRENT APPROVED SOFTWARE (WIN-7), UNLESS PRIOR EXCEPTION AS DESCRIBED IN PARAGRAPH 3A HAS BEEN OBTAINED VIA THE MCEN AO.
(3) ENTERPRISE SOFTWARE APPLICATION ACQUISITIONS SHALL BE SUPPORTED VIA THE USMC MICROSOFT ENTERPRISE SOFTWARE LICENSE AGREEMENTS MANAGED BY THE MARINE CORPS SOFTWARE ENTERPRISE LICENSE MANAGEMENT SYSTEM (MCSELMS) PROGRAM.
(4) CORE CLIENT ACCESS LICENSES AND BASIC OFFICE AUTOMATION SOFTWARE MUST BE PROCURED THROUGH THE MCSELMS PROGRAM.
(5) NO COST UPGRADES ARE AVAILABLE FOR MICROSOFT SOFTWARE PREVIOUSLY PURCHASED THROUGH THE MCSELMS PROGRAM.
(6) ENTERPRISE WIDE IMPLEMENTATION OF WINDOWS 8.1 X64 WILL BE PROVIDED VIA SEPCOR.
(7) SECNAV RECORDS MANAGEMENT GUIDELINES SHALL BE ADHEREDTO FOR ALL VERSIONS OF OS SOFTWARE REMOVED FROM OR INSTALLED ON COMPUTER HARDWARE OPERATING ON THE MCEN PER REF I.
(8) REF J AND K SHALL BE USED AS THE PROCESS GUIDES FOR CHANGE AND CONFIGURATION WITHIN THE MCEN ENVIORNMENT.
(9) PER REF N, EFFECTIVE 08 APRIL 2014, WIN XP OS IS NO LONGER ALLOWED TO CONNECT TO THE MCEN-N/S NETWORK. TACTICAL OR INTEL MACHINES THAT REQUIRE WIN-XP BEYOND THE ABOVE DATE MUST OBTAIN A WAIVER APPROVAL VIA THE MARINE CORPS ACCREDITATION OFFICIAL (C4).
(10) ALL OS IN USE ON THE MCEN WILL ADHERE TO REFS E AND F.
4. RELEASE AUTHORIZED BY BGEN K. J. NALLY, DIRECTOR, C4.//