STANDARD FEATURES
System Administration (SA): IBM technical support including, but not limited to, the following. DISA will:
- Tune the OS.
- Monitor system logs: DISA provides auditing services of operating system level log files via the Log Aggregation-Single Service Environment (LA-SSE) program. LA-SSE provides automated auditing and notification of events identified as warranting investigation per established cyber assurance threat signature patterns. Signature patterns and criticality of events are determined by DISA cyber assurance and DISA subject matter experts. LA-SSE provides capability for immediate notification as well as historical recaps of auditable events. Actionable events are escalated to the Global Service Desk monitoring views and routed to appropriate command and control (C2) groups for action. C2 assignees determine if an audit event warrants notification to the mission partner cyber assurance group for informational purposes and action. Historical notifications are routed to the DISA site security element for informational purposes and pattern/trending analysis.
- Install software and associated patches.
- Provide after-hours support for incidents and authorized service interruptions (ASIs).
- Configure and manage replication and/or cluster environment software.
- Provide performance management.
- Assist vendor as required during troubleshooting/hardware repair.
- Schedule backups for file systems.
- Coordinate with application/database/storage/web administration.
- Review backup reports daily.
- Manage file systems.
- Update technical leads and management on incidents or incident status.
- Work with service desk personnel.
- Manage and update assigned tickets (Information Technology Service Management [ITSM]/Global Trouble Management System [GTMS]).
- Provide system and component information for data calls.
- Document and obtain approval for all changes.
- Develop/maintain system recovery plans.
- Coordinate with other support entities as required.
- Ensure Enterprise System Management (ESM) tools are installed and configured.
- Monitor production systems.
- Secure the OS.
- Implement CyberCom Communications Tasking Order (CTO)/Fragmentary Order (FRAGO)/Information Operations Conditions (INFOCON) requirements.
- Resolve vulnerability scan results.
- Perform annual Security Readiness Reviews (SRRs).
- Participate in audits for partner/site accreditation.
- Create and update plan of action and milestones (POA&Ms).
- Manage user accounts at the OS level.
- Ensure admin/root passwords are changed/maintained.
- Manage certificates.
- Perform root cause analysis for problem management.
Security:
- DISA's DECCs benefit from the high level of physical security afforded by their location on military installations. DISA also provides a superior information assurance (IA) environment. Through the DoD IA Risk Management Framework (DIARMF) certification and accreditation process, DISA has accepted Inherited Controls for a wide range of IA responsibilities and functions.
Data Communications:
- This covers the communications infrastructure – the hardware, software, firmware, and labor – that allows our partners' users around the world to connect to the partners' data and DISA's computers. Once the request for information leaves the user's locale (base, office building, home, etc.), DISA will handle the traffic and expedite the response back to the user.
Enterprise System Management (ESM) Software:
- These are the tools DISA uses to monitor the health and well-being of our partners' information systems and data and to manage problems when, or before, they occur. ESM software alerts DISA when conditions are favorable for problems to occur, so DISA can ensure the appropriate technicians are available to resolve any potential problems before they occur.
Level 2 Service Desk Support
Storage:
- Storage in the IBM computing environment consists of tape backup and the associated communication infrastructure. IBM storage services are currently billed within one cumulative rate that includes disk and tape. DISA now offers, at a reduced rate, long term tape storage for partners who are required to keep data for long periods of time. To qualify for this rate the data must be older than 400 days and written to tape.
Assured Computing/IT Service Continuity:
- Our partners who purchase IBM mainframe with unclassified processing will receive, at no additional charge, the use of a shared COOP processor at a remote site for disaster recovery. In addition, the storage infrastructure required for data replication and utilizing the Assured Computing Environment (ACE) will automatically be assigned to the partner for use at the recovery site. The normal charges for this storage service will apply. The end result is that our partners will be protected by the COOP/Service Continuity program through documented recovery procedures and pre-positioned infrastructure and will automatically gain access to the DISA COOP exercise program.
Mainframe Internet Access Portal (MIAP):
- MIAP is the enterprise solution for interactive Telnet users accessing applications running on DISA hosted IBM z/OS mainframes. MIAP utilizes CAC authentication using the Attachmate Reflections for the Web software and the DoD DMZ Extension architecture to provide secure PC-to-Web-to-Host access for local and remote users from a web browser, thereby protecting the mainframe from unauthorized access.
Capacity Management:
- Capacity reporting is used to monitor and validate system resource trends. DISA collects and retains this usage data to use in the analysis of current and projected resource consumption. With this information, decisions about system capacity changes can be made proactively and economically.
OPTIONAL FEATURES
The following features are available upon request and charged directly to the partner, in addition to any costs associated with rate-based services. Optional features include:
Application Support:
- This feature applies to our partners' production information systems and databases, not to the processing environment's OS or other executive software. The application support function maintains production processing. Using instructions developed by technical support and Application Support, DISA manages database and application environments, including recovery procedures. Please note that Application Support does not include a subject matter expert (SME). The following list identifies some of the functions our technicians perform on the partners' behalf. Our partners may choose from the functions listed:
- Application tuning
- Monitor application logs (Not including application IA: application-level security logs, violations or audit records; see below for Application Security Services.)
- Install application software and associated patches
- After-hours support for incidents and ASIs (No support for application-level IA after hours; see below for Application Security Services.)
- Performance management
- Assist vendors as required during troubleshooting
- Build, maintain, and monitor job schedules
- Resolve job abends and other application errors
- Coordinate with database/systems/storage/web administration
- Update technical leads and management of incident or incident status
- Configure and provide input on application structure and requirements
- Work with service desk personnel
- Manage and update assigned tickets
- Provide information for data calls (Not including application IA; see below Application Security Services.)
- Document and obtain approval for all changes
- Develop/maintain system recovery plans (Not including application IA; see below Application Security Services.)
- Coordinate with other support entities as required
- Monitor production systems
- Resolve vulnerabilities detected by network scans
- Participate in DISA-approved audits
- Manage user accounts for workload/application support (For DISA personnel user accounts only to support the "application support" requirements. For application user accounts, see below Application Security Services.)
- Perform root cause analysis for problem management
- IA/Security Services (the following IA/security services are part of Application Support and are included in the rate): The functions listed here are not all-encompassing; partners may select from the list or inquire about additional IA/Security Services available for their specific mainframe application.
Note: Many of these items will require the partner to provide well-written documentation concerning application-level IA controls, resource names, functions and requirements; without such documentation DISA would be severely hampered from performing these responsibilities.
- Monitor application security log events – violations, audit records, etc.
- Provide after-hours application-level IA support for incidents and ASIs
- Provide information for data calls involving application IA
- Document and obtain approval for all formal application IA required changes
- Develop/maintain system recovery plans at application IA level
- Coordinate with other support entities to address application issues as required
- Secure application environment
- Implement application-level CyberCom CTO/FRAGO/INFOCON requirements
- Resolve application-level vulnerabilities detected during network scans
- Perform applicable application SRRs at least annually, including Security Requirements Guides (SRGs) and/or vendor specific Security Technical Implementation Guides (STIGs)
- Participate in DISA-approved audits that include application-level review
- Implement DIARMF, Federal Information System Controls Audit Manual (FISCAM), and/or National Institute of Standards and Technology (NIST) controls and procedures for application
Note: Controls and procedures must be written by the partner for application
- Create and update POA&Ms involving application-level findings
- Perform lifecycle management for application users and user accounts (create, delete, modify, update, change, add, remove, suspend, unsuspend, resume, etc.)
- Manage and control application resource level access
- Manage all supporting controls for DIARMF, FISCAM, etc. within application layer
- Ensure application privileged accounts are properly documented and maintained
- Manage all security controls for application and application users
- Manage certificates at the application layer
- Perform root cause analysis for problem management concerning application IA issues
- Perform application-level audit
- Perform annual comprehensive review and validation of all application security controls
- Reset user accounts – password resets and unsuspending of users
Database Administration (DBA):
- These rates consist of (1) the labor costs of DBA support for any database management systems that run on Mainframe and (2) the costs of database management tools that improve their productivity. Access is carefully monitored to ensure partners access only their respective data. Partners are restricted from accessing catalog tables or administration types for storage areas of the database. The following list identifies some of the functions that DISA database administrators perform on our partners' behalf:
- Tune the database
- Monitor database logs
- Install software and associated patches
- Install database and patches
- After hours support for incidents and ASIs
- Configure and manage replication and/or cluster environment software
- Performance management
- Assist vendors as required during troubleshooting
- Manage database backups
- Coordinate with application/storage/systems/web administration
- Review database backup reports daily
- Analyze usage and project data capacity
- Update technical leads and management of incident or incident status
- Allocate table spaces for database requirements
- Create/modify/delete database instances
- Work with service desk personnel
- Manage and update assigned tickets
- Provide information for data calls
- Document and obtain approval for all changes
- Develop/maintain system recovery plans
- Coordinate with other support entities as required
- Monitor production systems
- Secure database environment
- Implement CyberCom CTO/FRAGO/INFOCON requirements
- Resolve vulnerability scan results
- Perform annual Security Readiness Reviews
- Participate in audits for customer/site accreditation
- Create and update POA&Ms
- Manage user accounts for workload/database support
- Ensure privileged database passwords are changed/maintained
- Perform root cause analysis for problem management
Web Administration:
- This feature refers to the labor to administer a web server and its associated software. Web administration does not include creating or designing web sites, nor does it apply to managing content on the web servers. The following list identifies some of the functions that DISA web administrators perform on our partners' behalf:
- Tune web software
- Monitor web logs
- Install web software and associated patches
- After hours support for incidents and ASIs
- Performance management
- Assist vendors as required during troubleshooting
- Configure, manage, and provide input on web server configuration
- Manage URLs
- Coordinate with systems/storage/database/application administration
- Update technical leads and management of incident or incident status
- Configure and provide input on web server structure and requirements
- Work with service desk personnel
- Manage and update assigned tickets
- Provide information for data calls
- Document and obtain approval for all changes
- Develop/maintain system recovery plans
- Coordinate with other support entities as required
- Secure web environment
- Implement CyberCom CTO/FRAGO/INFOCON requirements
- Resolve vulnerability scan results
- Perform annual Security Readiness Reviews
- Participate in audits for customer/site accreditation
- Create and update POA&Ms
- Manage user accounts for workload/web support
- Ensure privileged web related passwords are changed/maintained
- Certificate management
- Perform root cause analysis for problem management
Note: This service only applies to the OEs that are functioning as web servers, not to application servers, database servers, domain name servers, etc.
Dedicated Logical Partition (LPAR):
- When our partner's application runs in a shared partition on a mainframe, the partner will be charged standard mainframe rates. If the partner requires a dedicated partition on a mainframe, that service will be a surcharge to compensate for the inefficiencies.
Dedicated IBM Mainframe:
- When our partner's application runs in a shared partition on a mainframe, the partner will be charged standard mainframe rates. If the partner requires an entire dedicated mainframe, that service will be a surcharge to compensate for the inefficiencies.
Classified COOP/Service Continuity