R 051903Z APR 18
FM COMNAVRESFORCOM NORFOLK VA
TO NAVRESFOR
INFO COMNAVRESFORCOM NORFOLK VA
COMNAVRESFOR NORFOLK VA
BT
UNCLAS
ALNAVRESFOR 003/18 //
MSGID/GENADMIN/COMNAVRESFOR NORFOLK VA//
SUBJ/NAVY RESERVE FORCE SECRET INTERNET PROTOCOL ROUTER (SIPR)
TOKEN DISTRIBUTION POLICY AND RESPONSIBILITIES//
REF/A/DOC/DODINST 8520.02/24MAY11//
REF/B/NAVADMIN/CNO/051443ZFEB16//
REF/C/GENADMIN/COMNAVRESFORCOM/092111ZNOV12//
REF/D/GENADMIN/COMNAVRESFOR/161732ZJUL13//
REF/E/CNO LETTER FROM DCIO/5000 SER N2N6BC/6U120055 OF 24MAR16//
REF/F/ORDER/USCYBERCOM/122355ZOCT16//
NARR/REF A PROVIDES POLICY, RESPONSIBILITIES, AND PROCEDURES FOR
PUBLIC KEY INFRASTRUCTURE (PKI) AND PUBLIC KEY ENABLING FOR DOD
INFORMATION SYSTEMS. REF B PROVIDES IMPLEMENTATION GUIDANCE FOR
PKI ENFORCEMENT ON NAVY NONSECURE INTERNET PROTOCOL ROUTER NETWORKS
AND SECRET INTERNET PROTOCOL ROUTER (SIPR) NETWORKS. REF C DIRECTS
ECHELON IV, V, AND VI ACTION AND ASSIGNS RESPONSIBILITY FOR SIPRNET
TOKEN DISTRIBUTION TO ALL NAVY RESERVE FORCE SIPRNET ACCOUNT
HOLDERS. REF D ESTABLISHES COMNAVRESFOR AS NAVY RESERVE FORCE'S
SIPRNET LOCAL REGISTRATION AUTHORITY. REF E PROVIDES NAVY SIPRNET
TOKEN PROCUREMENT AND HANDLING GUIDANCE. REF F ESTABLISHES ACCOUNT
DISABLEMENT/DELETION TIMEFRAMES.//
POC/CDR ERIC PERLE/COMNAVRESFOR ISSM/TEL: 757-322-6649/
EMAIL: ERIC.PERLE(AT)NAVY.MIL//
RMKS/1. THIS GENADMIN CANCELS REFERENCES C AND D.
2. PURPOSE: THIS MESSAGE PROVIDES GUIDANCE FOR SIPR ACCOUNT
CREATION AND TOKEN DISTRIBUTION TO NAVY RESERVE FORCE SERVICE
MEMBERS, GOVERNMENT CIVILIANS, AND CONTRACTORS, HEREAFTER KNOWN AS
RESERVE FORCE MEMBERS.
3. BACKGROUND: MANY RESERVE FORCE MEMBERS USE THE TERMS
"SIPR ACCOUNT" AND "SIPR TOKEN" INTERCHANGEABLY. THIS HAS CAUSED
CONFUSION FOR OUR RESERVE FORCE MEMBERS AND SIPR ACCOUNT
PROVIDERS/FACILITATORS. FOR CLARIFICATION, AN ACCOUNT IS THE ACTUAL
REQUESTED, ASSIGNED, AND PROVIDED PERMISSION FOR A RESERVE FORCE
MEMBER TO ACCESS ELECTRONIC/NETWORKED SIPR MEDIA. A TOKEN IS THE
PHYSICAL PIECE OF HARDWARE (AN ACCESS CARD) REQUIRED FOR
AUTHENTICATION TO ACCESS AN ACCOUNT. NOT ALL NAVY RESERVE FORCE
MEMBERS HAVE A REQUIREMENT FOR SIPR ACCESS. HOWEVER, IF A MEMBER
HAS BEEN IDENTIFIED AS HAVING A NEED TO KNOW, AND HAS THE REQUISITE
CLEARANCE, A REQUEST FOR A NMCI SIPR ACCOUNT MAY BE SUBMITTED.
REQUESTS MUST BE MADE WITH A COMPLETED SYSTEM AUTHORIZATION ACCESS
REQUEST (SAAR) FORM. ACCOUNT CREATION TYPICALLY TAKES NMCI BETWEEN
ONE AND FIVE BUSINESS DAYS ONCE AN OFFICIAL REQUEST HAS BEEN
SUBMITTED BY THE ECHELON V NAVY RESERVE ACTIVITY (NRA)
(NOSC, SQUADRON, ETC.). PER COMMANDER, NAVY RESERVE FORCES
COMMAND (CNRFC) GUIDANCE, UPON NRA REPRESENTATIVE RECEIPT OF THE
ACCOUNT CREATION NOTIFICATION EMAIL FROM NMCI, THE RESERVE FORCE
MEMBER HAS 60 CALENDAR DAYS TO MEET IN PERSON (THE  MEMBER MUST
BE PHYSICALLY PRESENT) WITH A LOCAL REGISTRATION AUTHORITY (LRA)
OR TRUSTED AGENT (TA) TO HAVE A TOKEN ISSUED. IF THE 60 DAYS
ELAPSE WITHOUT TOKEN ASSOCIATION/ACCOUNTCREATION, NMCI WILL
AUTOMATICALLY DELETE THE ACCOUNT. SERVICE MEMBERS MUST THEN
REQUEST A NEW ACCOUNT AND REINITIATE THE PROCESS. THE NAVY RESERVE
FORCE IS A GEOGRAPHICALLY DISPERSED, PART-TIME FORCE WHICH CAN
PRESENT A CHALLENGE FOR ECHELON V NRA'S TO MEET WITH RESERVE FORCE
MEMBERS ON A PREDICTABLE SCHEDULE. AS SUCH, NMCI SIPR ACCOUNT
FINALIZATION WILL REQUIRE PLANNING AND COORDINATION BETWEEN
SUPPORTED COMMANDS, OPERATIONAL SUPPORT OFFICERS (OSOs), ECHELON
IV RESERVE COMPONENT COMMANDS (RCCs) AND ECHELON V NRAs TO
COMPLETE THE ACTIONS ABOVE WITHIN THE DELINEATED TIME CONSTRAINTS.
PER REFERENCE B, NAVY RESERVE FORCE MEMBER TOKENS SHOULD BE
ISSUED TO NEW PERSONNEL AT ACCESSION SOURCES. ONCE A TOKEN IS
ISSUED, THE MEMBER WILL RETAIN THE ASSIGNED TOKEN CARD WHILE
TRANSITIONING BETWEEN COMMANDS AND DIFFERENT NETWORK ENCLAVES.
MEMBERS WILL ALSO RETAIN THEIR TOKENS UNTIL SEPARATION FROM THE
SERVICE. IF A TOKEN IS RETURNED AND IS NOT DAMAGED, IT SHOULD BE
REUSED. DUE TO THE MINIMUM CLEARANCE REQUIREMENTS AND A NEED TO
KNOW, NOT ALL MEMBERS RECEIVE TOKENS AT ACCESSION. IF A MEMBER DID
NOT RECEIVE A TOKEN FROM THEIR ACCESSION COMMAND, AND SUBSEQUENTLY
REQUIRES ONE FOR A SIPR ACCOUNT, THEN IT WILL BE THE RESPONSIBILITY
OF THE MEMBER'S SUPPORTING NRA OR LOCAL NAVY RESERVE FORCE COMMAND
TO ISSUE THE TOKEN.
4. ACTION: IN ORDER TO SUPPORT RESERVE FORCE MEMBER SIPR ACCESS,
REQUIREMENTS NEED TO BE COMMUNICATED FROM SUPPORTED COMMANDS, VIA
THEIR DESIGNATED OSO, TO ECHELON V NRAs AND THE IDENTIFIED RESERVE
FORCE MEMBER. IT IS THE SUPPORTED COMMAND OSOs RESPONSIBILITY TO
INCLUDE THESE REQUIREMENTS IN OFFICIAL ORDERS (ADSW, RECALL, AT, OR
ADT) AND TO ENSURE MEMBERS HAVE FULFILLED THOSE REQUIREMENTS PRIOR
TO ORDER EXECUTION. THIS INCLUDES RESERVE MEMBERS WHO TYPICALLY
WOULD NOT REQUIRE SIPR ACCESS BUT DO REQUIRE ACCESS TO SUPPORT
AN EXERCISE (AT) OR MOBILIZATION REQUIREMENT. FOR IDT BILLETS
REQUIRING SIPR ACCOUNTS FOR PERFORMANCE OF DUTIES, SUPPORTED
COMMAND OSOs SHALL LIST THE SIPR REQUIREMENTS IN THE BILLET
DESCRIPTION IN CAREER MANAGEMENT SYSTEM - INTERACTIVE DETAILING
(CMS-ID) FOR ENLISTED BILLETS, OR LIST THEM IN THE SUPPORTED
COMMAND COMMENTS IN RESERVE FORCE MANPOWER TOOLS (RFMT) FOR OFFICER
BILLETS.  NMCI SIPR ACCOUNT CREATION AND TOKEN ISSUING/DISTRIBUTION
WILL BE THE RESPONSIBILITY OF THE MEMBER'S SUPPORTING NRA OR LOCAL
NAVY RESERVE FORCE COMMAND. NRAs SHOULD HAVE THE MEANS TO OBTAIN
SIPR TOKENS AND ASSOCIATE THEM TO MEMBER NMCI SIPR ACCOUNTS. FUTURE
EXPECTATIONS ARE FOR RCCs TO PROVIDE LRA SERVICES FOR NMCI SIPR
ACCESS FOR ALL ECHELON V NRAs. ROLLOUT WILL CONSIST OF A PILOT WITH
ONE RCC EXECUTING LRA DUTIES, FOLLOWED BY ALL REMAINING RCCs.
EXPECT ALL RCCS TO BE LRA QUALIFIED AND EQUIPED BY THE END OF FY18.
5. EXCEPTIONS: ONLY A LIMITED NUMBER OF RCCs AND NRAs CURRENTLY
HAVE THE MEANS TO COMPLETE THE ENTIRE PROCESS OF NMCI SIPR ACCOUNT
CREATION THROUGH TOKEN DISTRIBUTION/ASSOCIATION. CNRFC IS IN THE
EARLY STAGES OF STANDING UP ALL RCCs AS LRAs. ONCE COMPLETE,
RCCs WILL PROVIDE THE NECESSARY LRA SUPPORT FOR ALL ECHELON V
NRAs. IF THE RCC OR NOSC DOES NOT CURRENTLY HAVE THE MEANS TO
FINALIZE AN NMCI SIPR ACCOUNT (TO INCLUDE SIPR TOKEN ASSOCIATION)
ORGANICALLY, OR THROUGH A FORMALIZED AGREEMENT WITH A LOCAL
COMMAND, CNRFC, AS THE GOVERNING LRA BODY FOR THE NAVY RESERVE
FORCE, CAN SUPPORT ON A LIMITED BASIS. DUE TO THE RESTRICTED TOKEN
SUPPLY PER COMMAND DESCRIBED IN REFERENCE E, CNRFC CANNOT PROVIDE
TOKENS FOR THE ENTIRE NAVY RESERVE FORCE. IF A SUPPORTED COMMAND
REQUIRES A MEMBER TO HAVE A SIPR ACCOUNT FOR A NON-NMCI NETWORK
(E.G., ONE-NET), IT WILL BE THE SUPPORTED COMMAND?S RESPONSIBILITY
TO CREATE/FACILITATE THE ACCOUNT.
6. NAVY RESERVE FORCE SERVICE MEMBER ASSIGNMENTS AND MISSION
REQUIREMENTS CAN BE COMPLEX AND DYNAMIC. THIS MESSAGE DOES NOT
INTEND TO COVER EVERY POTENTIAL SCENARIO FOR SIPR ACCOUNT CREATION
AND TOKEN ASSOCIATON/DISTRIBUTION. IF CIRCUMSTANCES ARISE WHERE
THE NAVY RESERVE FORCE LRA/TA CANNOT SUPPORT, ACTIVE COMPONENT
LRA/TA QUALIFIED COMMANDS ARE ENCOURAGED TO ASSIST IF ABLE AND
WITH PRIOR COORDINATION.
7. THIS GENADMIN WILL REMAIN IN EFFECT UNTIL CANCELLED OR
SUPERSEDED.
8. RELEASED BY RADM T. W. LUSCHER,DEPUTY COMMANDER,NAVY
RESERVE FORCE.//
BT
#0015
NNNN