PPSM Mission
The PPSM mission is to create fundamental, definitive, but agile PPSM standards (defined in reference (a)) to maintain strong, secure, uninterrupted access to government resources and critical applications. This shall be accomplished in a manner that promotes network security, data protection, system interoperability, secure configuration management, continuous monitoring (including discovery and analysis), vulnerability management, cybersecurity risk scoring, and baseline configuration compliance verification in support of near real-time command and control of the DODIN and Joint Information Environment (JIE).
Functions
DoD Instruction 8551.01 Ports, Protocols, and Services Management (PPSM) standardizes procedures to catalog, regulate, and control the use and management of protocols in the Internet protocol suite, and associated ports (also known as “protocols, data services, and associated ports” or “ports, protocols, and services”); also referred to as PPS on DoD information networks (DODIN) including the connected information systems, platform information technology (IT) systems, platform IT (PIT), and products based on the potential that unregulated PPSM can damage DoD operations and interests and applies to all PPS used throughout planned, newly developed, acquired, and existing DODIN (whether used internal or external to the enclave), which include DoD Information Technology (IT).
Implementation of 8551.01 support requirements for configuration management and continuous monitoring to include discovery and analysis of PPS to support near real time command and control (C2), of the DODIN and Joint Information Environment (JIE).
PPSM conducts vulnerability assessment to document the operational risk and security implementation strategies of PPS based on its capability, functionality, and exploitability.
PPSM maintains a PPSM Registry capability that is used to declare all PPS for DoD Components; and is made available to DoD mission partners connected to DODIN for their discretionary use. The Registry provides a mechanism designed to capture relevant data about DoD IT (e.g., applications and their underlying PPS).
For questions regarding PPSM, contact the PPSM Secretariat by phone at (301) 225-2904, DSN 312-375-2904 or send messages to dod.ppsm@mail.mil (NIPRNET) or ppsm@disa.smil.mil (SIPRNET).
PPSM References
Websites |
Information Assurance Support Environment (IASE) on NIPR
PPSM IASE on SIPR: http://iase.disa.smil.mil/ppsm |
For additional information about Ports, Protocols, and Services Management, please visit the PPSM page on IASE. |
PPSM Read Board on NIPR
PPSM Read Board on SIPR: https://intelshare.intelink.sgov.gov/sites/dod-ppsm/SharedDocuments/External/Knowledge%20Service/Read%20Board |
PPSM has developed a Read Board in an effort to enhance the Program's communication and community involvement. The Read Board will be distributed at the end of each month and will provide details of the latest policy updates, PPSM PM comments and the results of that month's eVote. |
Processes and Policies |
Component Local Services Assessment (CLSA) Process on NIPR
|
The Component Local Services Assessment (CLSA) Process Is to be used by Department of Defense (DoD) Components and Mission Partners to generate an assessment for Local Services in order for it to be it added to the Category Assurance List (CAL) by the PPSM office. A Local Service is a Data Service that operates solely within the Site's Enclave boundary; the Authorizing Official (AO) acceptance of risk is required and boundary protection mechanisms must be configured to prevent traffic from traversing the Defense Information Network System (DISN) or traverse a PPSM approved tunnel where both enclaves are controlled by the same AO (i.e. Boundary 16). A Local Service is prohibited from exiting the enclave to traverse the DISN. |
Exception Management Process on NIPR
Exception Management Process on SIPR:
https://intelshare.intelink.sgov.gov/sites/dod-ppsm/SharedDocuments/External/Knowledge%20Service/excpt%20mgt%20pro/
|
The PPSM Exception Management Process provides the community with a mechanism to request the use of a Banned protocol or service for an operational need. The DSAWG reviews the exception request and makes a determination whether to accept or deny the shared risk to DoD Networks. |
DoD Instruction 8551.01 on NIPR
DoDI 8551.01 on SIPR:
https://www.dtic.smil.mil/whs/directives/
corres/pdf/855101p.pdf
|
PPSM operates under the authority of the DoDI 8551.01, Ports, Protocols, and Services Management (PPSM). |
Additional Documentation |
Category Assurance List (CAL) on NIPR
CAL on SIPR:
https://intelshare.intelink.sgov.gov/sites/dod-ppsm/SharedDocuments/External/Knowledge%20Service/CAL/ |
The Category Assurance List (CAL) provides a collective list of all IP Protocols, Data Services, and associated Ports (that have been approved by the PPSM CCB) for use within the DoD on classified and unclassified networks. The CAL also contains the network boundary and assurance designations of each protocol or data service, which can be different on classified and unclassified networks. |
Vulnerability Assessment (VA) Report on NIPR
VA Report on SIPR:
https://intelshare.intelink.sgov.gov/sites/dod-ppsm/SharedDocuments/External/Knowledge%20Service/Vulnerability%20Assessment/VA%20Report |
Vulnerability Assessment (VA) reports documents the relative strength and weaknesses of the security features of an applications's data service; and identifies required DoD Network implementation strategies for:
- Acquisition and Development processes (Program Manager and engineering)
- Certification and Accreditation processes (Component/Enclave)
- Organization, System, and Enterprise DAA
- Connection approval processes (UCAO/CCAO/DSAWG/DISN PAA)
- Perimeter and boundary defense engineering and analysis
|
PPSM Registry User Guide on NIPR
PPSM Registry User Guide on SIPR:
https://pnp.cert.smil.mil/pnp/docs
/PnP_UserGuide.pdf
|
This guide provides instructions for performing functions associated with initiating, submitting, and updating a Department of Defense Information System (DoD IS) registration in the PPSM Registry. |
PPSM Network Boundaries on NIPR
|
This folder provides links to the latest PPSM Network Boundaries definitions document and PPSM Network Boundaries map for reference. |
CCB/TAG |
CCB/TAG Meeting Minutes on NIPR
CCB/TAG Meeting Minutes on SIPR:
https://intelshare.intelink.sgov.gov/sites/dod-ppsm/SharedDocuments/External/Knowledge%20Service/CCB%20and%20TAG/Minutes/ |
The PPSM Configuration Control Board (CCB) and Technical Advisory Board (TAG) Meeting Minutes |
Configuration Control Board (CCB) on NIPR
CCB on SIPR:
https://intelshare.intelink.sgov.gov/sites/dod-ppsm/SharedDocuments/External/Configuration%20Control%20Board/ |
MEMBERSHIP ONLY ACCESS. |
Technical Advisory Group (TAG) on NIPR
TAG on SIPR:
https://intelshare.intelink.sgov.gov/sites/dod-ppsm/SharedDocuments/External/Technical%20Advisory%20Group/ |
MEMBERSHIP ONLY ACCESS. |