United States Office of Administration EPA/208/B-92/001
Environmental Protection and Resources Management March 1992
Aaencv National Data Processing Division
9 7 Research Triangle Park, NC 27711
NDPD
Operational Policies
Manual
-------�
00
C5--
EPA/208/B-92/001
NDPD Operational
Policies Manual
Office of Administration and Resources Management
U.S. Environmental Protection Agency
Washington, DC 20460
U.S. ui»»r::-•;__.,„. _1?n
xri_ J-'- , n 0^u p|nnr
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: TABLE OF CONTENTS DATE: 9/30/91
100.00 MANAGEMENT POLICIES
100.01 Introduction to NDPD Operational Policies Manual (8/1/87)
100.02 Contracts for Third Party Software Packages (11/22/88)
100.03 EPA Voice Communications (8/1/87)
100.04 NDPD Policies Manual Review (8/1/87)
100.05 Production Control Services (8/1/87)
100.06 Submission of Requests for New or Revised NDPD Operational Policy
(3/16/89)
100.07 NDPD Rate Charges (2/22/89)
100.08 Retention of Sperry Tapes (Deleted)
100.09 Preparation and Issuance of Formal NDPD Correspondence (10/17/88)
100.10 NDPD Prepared Papers (10/20/89)
IOQJ1 Floor Tile Handling Safety Re
-------�
NDPD OPERATIONAL POLICY NO.: Table of Contents Page 2 of 4
130.03 Development ADABAS Environment Availability Policy (9/12/90)
130.04 Central Environment Review Performance Policy (9/12/90)
140.00 RTP Information Centers
140.01 RTP PC User Support (Pending)
140.02 RIC Operations/Production Support (5/2/90)
140.03 PC Technology Assessment Program (5/2/90)
140.04 RTP LAN Support (5/2/90)
200.00 OPERATIONAL POLICIES
200.01 Archiving Tapes and Data Sets (7/24/91)
200.02 NDPD Records Management (7/1/91)
210.00 NCC IBM Mainframe
210.01 System Management (8/1/87)
210.02 Service Levels (9/19/90)
210.03 Performance Management (5/11/89)
210.04 Change Management (8/1/87)
210.05 Problem Resolution (8/1/87)
210.06 Timeshare Accounting (8/1/87)
210.07 User Registration (8/1/87)
210.08 Security (6/5/90)
210.09 Data Management (5/22/90)
210.10 Configuration Management (5/22/90)
210.11 Started Tasks (10/17/88)
210.12 ADP Capacity Planning (10/22/90)
220.00 Logical Mainframe
220.01 System Management (5/2/90)
220.02 Maintenance (8/1/87)
220.03 Performance & Capacity Monitoring (8/1/87)
220.04 Change Management (8/1/87)
220.05 Problem Resolution (5/22/90)
220.06 Timeshare Accounting (8/1/87)
220.07 User Registration (8/1/87)
220.08 Security (8/1/87)
220.09 Data Management (8/1/87)
220.10 Configuration Management (8/1/87)
230.00 NCC VAX Cluster
230.01 System Management (8/1/87)
230.02 Service Levels (8/1/87)
230.03 Performance & Capacity Monitoring (8/1/87)
230.04 Change Management (8/1/87)
230.05 Problem Resolution (8/1/87)
230.06 Timeshare Accounting (8/1/87)
230.07 User Registration (8/1/87)
230.08 Security (3/7/90)
indicates change.
-------�
NDPD OPERATIONAL POLICY NO.: Table of Contents Page 3 of 4
230.09 Data Management (8/1/87)
230.10 Configuration Management (8/1/87)
£3&! I "Tape Management/Maintenance on tne VAX (10/10/92)
240.00 Prime
240.01 System Management (9/12/90)
240.02 System Maintenance (9/12/90)
240.03 Networks & Communications (5/2/90)
240.04 Change Management (5/2/90)
240.05 Problem Resolution (9/12/90)
240.06 Software (5/22/90)
240.07 User Registration (5/2/90)
240.08 Security (2/1/90)240.00
240.09 Non-Local Support Roles (9/12/90)
240.10 Configuration Management (9/12/90)
250.00 Image Processing Systems (IPS)
250.01 System Management (Pending)
250.02 Maintenance (2/12/91)
250.03 Performance & Capacity Monitoring (2/1/91)
250.04 Change Management (2/5/91)
250.05 Configuration Management (Pending)
250.06 Problem Resolution (2/5/91)
250.07 Software (Pending)
250.08 User Registration (2/5/91)
250.09 Security (2/5/91)
250.10 Data Management (2/5/91)
260.00 Geographic Information Systems (CIS)
260.01 System Management (Pending)
260x02 System Maintenance (Pending)
260.03 Networks & Communications (Pending!
260.04 Cixange Ma aagemen t (Pend i ng)
260.05 Problem Resolution (Pending)
260.06 Software (Pending)
• 260.07 User Registration (Pending)
260.08 Security (Pending)
260.09 Non-Local GIS Support Roles (Pending)
260.10 Configuration Management (Pending)
300.00 TELECOMMUNICATIONS POLICIES (8/1/87)
300.01 Voice and Data Service Level Escalation (3/25/89)
300.02 Installation Requirements for Common Use Telecommunications Equip-
ment (9/11/89)
300.03 IBM SNA Network Performance and Capacity Management (10/20/89)
300.04 Telecommunications Inventory Control (Pending)
300.05 Change Management (7/2/90)
300.06 Disaster Recovery (9/12/90)
300.07 EPA Telecommunications Access for International Travelers (9/19/90)
Redline indicates change.
-------�
NDPD OPERATIONAL POLICY NO.: Table of Contents Page 4 of 4
300,08 sia to Uata Comm«j»ea tCoas ConaectMiy to the EFA (Peoding)
300,09 Telecommunication X^ondderatioas for Facilities Modifications (Pend-
ing) * - » » , ,
300,10 NDPD TelecomaiumcaHoruf Support fot National Conferences and
Demonstrations {Pending)
300, J I Network
310.00 Local Area Network (LAN)
310.01 Local Area Network (LAN) Planning (6/21/91)
310.02 Supported LAN'Hardware and Software (6/21/91)
310.03 LAN System Management (6/21/91)
310.04 LAN Problem Determination and Resolution (6/21/91)
310.05 LAN Data Management (6/21/91)
310.06 LAN Performance Capacity & Monitoring (6/21/91)
310.07 LAN Naming Conventions (6/21/91)
310.08 LAN Communication Gateways and Interconnectivity (6/21/91)
310.09 LAN Security (6/21/91)
310.10 LAN Change Management (6/21/91)
310.1 1 LAN Timeshare Accounting (6/21/91)
310.12 Wiring and Optical Fiber Cabling for Voice and Data Telecommunica-
tions (6/21/91)
310.13 Use of Remote Access to EPA LANs (Pending)
320.00 Email
320.01 System Management (2/23/89)
320.02 Service Levels (2/23/89)
320.03 Problem Resolution (2/23/89)
320.04 Usage Accounting (2/23/89)
320.05 User Registration (5/2/90)
320.06 System Security (2/23/89)
320.07 Data Management (2/23/89)
320.08 Support Services (2/23/89)
Redline indicates change.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: INTRODUCTION TO NDPD OPERATIONAL POLICIES MANUAL NO.: 100.01
APPROVAL; £^)g7C«ut^ Q ^^MJQl£t DATE: 8/1/87
1.0 PURPOSE
The NDPD Operational Policies Manual establishes a framework for defining and
publishing senior management direction related to the operation of Agency
timesharing resources under the jurisdiction of the National Data Processing
Division.
2.0 SCOPE & APPLICABILITY
Policies contained in this manual are applicable to all EPA and contractor
staff personnel who manage the operation of NDPD computer systems, or who
operate computer systems controlled by NDPD.
3.0 RESPONSIBILITIES
OMB and GSA require that each Federal agency establish internal policies and
procedures for the efficient management of ADP resources.
NDPD, under the authority of the Office of Information Resources Management,
through the Office of Administration and Resources Management - RTP, provides
the following:
a. Computing and telecommunications services to agency allowance holders
at a predetermined level as defined in general or specific Service
Level Agreements (SLA's).
b. Implementation of oversight, management, operation, and acquisition
of all automatic data processing resources in the Agency.
c. Assessment and introduction of new computing and telecommunications
resources as required to maintain effective and efficient delivery
of automatic data processing services.
Under this authority, the NDPD is responsible for appropriate distribution
and use of ADP resources within the Agency. It is responsible for the full
costing associated with this equipment and for addressing issues associated
with the management of these resources, both within the Agency an3 with other
government oversight agencies.
-------�
NDPD OPERATIONAL POLICY NO. 100.01 Page 2 of 3
4.0 MANUAL CONTENTS
The maintenance of an NDPD Operational Policies Manual is an ongoing process.
Procedures will be added or amended to meet changing requirements. This
manual consists of the following sections:
100.00 Management Policies
200.00 Operational Policies by System
300.00 Telecommunications Policies
Where applicable, individual policies for each system are prepared in accor-
dance with the following outline:
System Management
Service Levels
Performance and Capacity Monitoring
Change Management
Problem Resolution
Timeshare Accounting
User Registration
Security
Data Management
Configuration Management
5.0 DEFINITIONS
Automatic Data Processing (ADP) resources are defined as any of the following:
a. Mainframe, large-scale computers located at the National Computer
Center.
b. Minicomputers located anywhere in the Agency.
c. Microcomputers used as desktop computing resources located anywhere
in the Agency.
d. Data telecommunications equipment, including switching, concentration,
and front-end processors, located anywhere in the Agency.
e. Data circuits used as intraoffice, interoffice, or broadband, back-
bone network circuits.
f. Operating system software, telecommunications software, and multiuser
third party applications software, including standard minicomputer
and microcomputer software.
-------�
NDPD OPERATIONAL POLICY NO. 100.01 _ P5I5 3 of
6.0 ACRONYMS
ADP Automatic Data Processing
ASM2 Automated Space Management
ASRL Atmospheric Sciences Research Laboratory
CMC Change Management Council
CPU Central Processing Unit
DASD Direct Access Storage Device
DPSS Data Processing Support Staff
FM Facility Management (Contractor)
FMS Financial Management System
GSA General Services Administration
LMF Logical Mainframe
NDPD National Data Processing Division
OMB Office of Management and Budget
PC's Personal Computers
RACF Resource Access Control Facility
TSO Timesharing Option
TSR Telecommunications Service Request
TSSMS Timesharing Services Management System
WIC Washington Information Center
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Contracts for Third Party Software Packages NO.: 100.02
APPROVAL: yO jQ/t\ /I I 0 DATE: 11/22/88
1.0 PURPOSE
This policy provides guidelines for the acquisition of software packages and for the
prevention of unauthorized use of licensed software packages
2.0 SCOPE & APPLICABILITY
This policy applies to all EPA personnel and EPA contractor staff personnel responsible
for purchasing or otherwise obtaining software for use on the NCC-supported
(maintained) general purpose computer systems.
3.0 RESPONSIBILITIES
It is the responsibility of all individuals tasked with the preparation of documents
relating to specifications or procurement of third party software to conform to this
policy.
Project managers for software migration projects are subject to items detailed in this
policy.
4.0 POLICY
The NCC Software Review Council will review all recommendations submitted for the
procurement of software. Special consideration will be given to source of funding,
annual maintenance fees, types of service required, approximate number of users, and
existing NCC software which performs similar functions.
The Director, NDPD,' will be notified in writing of intent to procure and must,
subsequently, approve procurement of system level software that is to be installed on
any NCC-maintained computer system.
Software contracts will contain the following provisions:
a. EPA retains the right to permit the use of this software to any internal
or external organization authorized by EPA provided that the software
is resident on the designated CPU or designated site (designated site for
site license, designated CPU for licenses by CPU).
b. EPA retains the right to move this software to any other computer system
managed by EPA at no extra cost provided a prior notice for such
migration is given to the vendor.
Exceptions to the above policy due to vendor negotiations will be noted in the NDPD
contract file and in Interagency Agreements.
-------�
NDPD OPERATIONAL POLICY NO. 100.02 Page 2 of 2
Software migration notification will be a separate line item in any implementation plan
when a CPU upgrade occurs. The notification to vendor will be issued prior to actual
migration.
Software will be installed on designated CPU's only unless the license is by site type.
Individually designated CPU software will not be copied except for disaster/backup
CPU's. The backup CPU's software will be destroyed as soon as operation returns to
the designated CPU. This item will become part of the procedures/checklists for
disaster recovery/restore.
Copyright protection of software package documentation will be honored.
In accordance with contract requirements, old releases/versions of software and
documentation will be destroyed after new releases/versions are installed.
A contract file control system will be developed and maintained to include, at a
minimum, copies of the contract, subsequent modifications, and a checklist of
documents to be maintained in each contract file.
5.0 DEFINITIONS
System level software is defined as software requiring support from the NDPD staff.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: EPA VOICE COMMUNICATIONS N0': 100.03
APPROVAL: lO
-------�
NDPD OPERATIONAL POLICY NO. 100.03 Page 2 of 2
b. Review and coordinate with the National Telecommunications and
Information Administrative Frequency Assignment Subcommittee all
requirements for use of radio frequencies, including purchases of
radio equipment or changes in use of any frequency.
c. Maintain a central telephone number inventory for Headquarters.
d. Coordinate with the GSA Authorization staff all system and service
procurements requiring GSA approval. (Actions requiring approval
are detailed in EPA Manual 4820-1, Telecommunications.)
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NDPD POLICIES MANUAL REVIEW N°-: 100.04
APPROVAL :£)o~/jgO^A/rJ2 DATE: 8/1/8?
1.0 PURPOSE
This policy provides guidance and information for reviewing and updating the
NDPD Operational Policies Manual.
2.0 SCOPE & APPLICABILITY
This policy is applicable to the NDPD Technical Manager and/or FM contractor
supporting the Policies Manual Coordinator.
3.0 RESPONSIBILITIES
The Technical Manager assigned duties as Policies Manual Coordinator is
responsible for ensuring manual reviews and updates as defined.
Necessary deviations from this policy will be reported to the NDPU Director
through the Technical Manager's Branch Chief for approval.
All requests for policy changes or new policy development will be coordinated
through the Technical Manager responsible for Policies Manual coordination.
The Technical Manager for each respective operational area is responsible for
assuring that policies for his/her area are accurate.
4.0 POLICY
a. An independent review of the Policies Manual will be made biannually.
b. An internal review of the Policies Manual will be conducted on an
annual basis to ensure that procedures accurately follow policy.
c. Significant policy changes will be posted as a News Alert and/or
E-Mail and will become effective when signed by the NDPD Director.
d. Updates to the on-line Policies Manual will be made as changes are
approved•
e. The NDPD Operational Policies Manual will be reprinted and distributed
to selected managers/supervisors/coordinators on an annual basis.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: PRODUCTION CONTROL SERVICES NO.: 100.05
APPROVAL: ]Q r**~tJl U^^lAX? DATE: 8/1/87
1.0 PURPOSE
Production control service is a negotiated service. The primary service
offered to the user community by the Production Control group is monitoring
and controlling the production-oriented use of the NCC computer systems.
2.0 SCOPE & APPLICABILITY
This policy applies to all individuals/organizations that apply for and are
subsequently approved for production control services. It further details
responsibilities of the Production Control group.
3.0 RESPONSIBILITIES
The Technical Manager of Production Control, NDPD, is responsible for
approving production control requests.
4.0 POLICY
To receive production control services, a user must clearly state in writing
what services are required. Upon receipt of a request, it will be evaluated
in terms of manpower, resources, and job or task complexity. When the request
is approved, the user will be contacted to initiate a runbook, the official
guide to production control services. The runbook will be clear and
understandable both to the user and Production Control personnel.
a. The initial runbook produced by the user will be forwarded to
Production Control for review, comments, and suggestions. Several
updates to the runbook may be necessary before it is acceptable
to Production Control and the user.
b. Once the runbook is accepted by Production Control, any changes to
the runbook must be provided by the user.
c. Authorization for access to a user's account must be given to Pro-
duction Control so that personnel can log on to the system for job
processing.
d. All charges for the processing of production jobs will be billed to
the appropriate user account as specified in the runbook.
-------�
NDPD OPERATIONAL POLICY NO. 100.05 Page 2 of 2
e. Continuation of current production control services will be negotiated
annually during the last quarter of the fiscal year. Any deviation
from established runbook procedures must be negotiated and "billinc
accounts" established.
Timeshare chargeback for services provided by the Production Control staff
will be determined annually and expressed as a dollar/hour rate in monthly
TSSMS management reports that detail the total time and dollars changed to
each production control billing account. A special "production control
billing account" wil.1 be established by the TSSMS office for each user group
requesting production control services. Costs for services, such as runbook
preparation, time spent in negotiation, status reporting, job setup, and file
maintenance, will be charged to this special account.
5.0 DEFINITIONS
Production control jobs are defined as those jobs that are scheduled and
executed on a timely basis as agreed to by both parties. In addition to the
negotiated routine processing of production jobs, other services include:
a. Production and distribution of reports.
b. Creation of reports (i.e., status reports, statistical reports, and
performance reports).
All specialized unscheduled jobs must be negotiated to ensure resource and
manpower availability.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Submission of Requests for New or Revised NDPD No.: 100.06
Operational Policy
APPROVAL: DATE: 3/16/*9
1.0 PURPOSE
This policy provides a common format for requesting issuance of a new policy or revision to
an existing policy.
2.0 SCOPE & APPLICABILITY
This policy applies to all persons/groups submitting suggestions/requests for new NDPD
policies or requesting changes to existing policies.
3.0 RESPONSIBILITIES
It is the responsibility of the preparcr to conform to this policy in submitting requests for
NDPD consideration.
The NDPD Branch Chiefs and the Information Management Branch of OIRM are responsible
for reviewing the policies before issuance.
The Chief, Program Management Support Branch, is responsible for reviewing and submitting
new or revised policies to the Director, National Data Processing Division.
4.0 POLICY
a. All requests for a new policy will be submitted in the following format:
- Required Paragraphs:
Title
1.0 Purpose
2.0 Scope & Applicability
3.0 Responsibilities
4.0 Policy
- "As Needed" Paragraphs:
5.0 Definitions
6.0 Acronyms
7.0 (Other Headings as Required)
b. Revisions or changes to current policy will be submitted in the format
specified in Item 4.a. A copy of the current policy will be attached to the
recommended policy.
-------�
NDPD OPERATIONAL POLICY NO. 100.06 ~ Page 2 of 2
c. All requests will be submitted under cover letter to the following address for
review and forwarding to the Director, NDPD:
Chief, Program Management Support Branch
National Data Processing Division
MD-34
Research Triangle Park, NC 27711
d. Policy review is established to include the following:
Internal - Each NDPD Branch Chief will review policies and return
comments within 2 weeks.
External - Policy personnel of the Information Management Branch,
Information Management and Services Division, OIRM, will coordinate the
review for OIRM and return comments within 2 weeks.
If no comments are received during the 2-weck review period, approval is
assumed.
The requirement for an additional review of any submitted policy will be at
the discretion of the Chief, Program Management Support Branch, and/or the
Director, NDPD.
e. The NDPD Policy Coordinator will provide the review comments to the
submitter for possible revision/modification of the policy.
f. The NDPD Policy Coordinator will notify the submitter of approval/dis-
approval once the request has been reviewed by the Director, NDPD.
-------�
U S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NDPD Rate Charges No" 100-07
APPROVAL: DATE; 2/22/89
1.0 PURPOSE
In accordance with guidelines established in OMB Circular A-130, a full cos ting .of all
personnel, hardware, software, and physical facility costs is performed yearly for all computer
systems operated or managed by EPA. The NDPD must account for the full cost of op ranng
the data processing facilities and allocate these costs to users according to the services they
receive.
2.0 SCOPE & APPLICABILITY
This policy applies to the following cost centers at the National Computer Center:
o IBM System (WIC 4381, Regional LMFs, IBM 3090s, Cincinnati 4381)
o NCC VAX Cluster
o CBI IBM 4381
o ASRL VAX
o Telecommunications . t „
o Support Services (Prime, ORD VAX, MicroVAX II (optional), LANs, LIMS,
STARS)
3.0 RESPONSIBILITIES
The Chief, Program Management Support Branch, is responsible for the review and submission
nf new or changed policy to the Director, National Data Processing Division.
4.0 POLICY
The major source of data for full costing is created by the automated NDPD
Budget Planning System. This system provides information concerning yearly
lease and maintenance costs for hardware and software, estimated costs for
purchases planned for the fiscal year, yearly contractor services costs, and data
center personnel costs. Categorization by service area within computer systems
is used to determine the yearly operating costs for each computer system.
There is a formal NDPD approval process that identifies each budget item as
either mandatory or discretionary. Mandatory items are included in the
budget Discretionary items are categorized into the following priorities: high,
medium, or low. Discretionary items are included in the budget only if money
is available. This budget process must be completed by March 15.
Indicates revision.
-------�
NDPD OPERATIONAL POLICY NO. 100.07 Page 2 of 3
b. Based upon data obtained from the full costing process, NDPD annually
performs the cost center analysis for each computer system/ADP service. This
process determines the costs of individual service provided for each system and
establishes the charge rates to recover these costs. Charge rates for the various
services provided are established as follows:
o Rates are to be structured to reflect the full cost of providing a service.
o To ensure equity in chargeback, users only pay for services received.
o Flat rate charges are used for services where usage is not directly
measurable.
o Services provided by commercial vendors are charged back to Agency
users at cost plus administrative handling fee.
o The Agency's capacity to provide requested service consistent with
"service level goals" is incorporated in the Agency pricing policies and
rate setting procedures.
c. NDPD input to the OIRM timeshare budget guidance memo is prepared by
April 15.
d. An RPIO timeshare impact analysis will be performed to determine the likely
impact of certain rate changes and/or rates for new services. The suggested
timeshare chargeback rate structure for all cost centers is presented to the
Director, NDPD, for review, comment, and approval by June 15.
e. The NDPD approved timeshare chargeback rate structure for all cost centers
is presented to the Director, OARM-RTP, for review, comment, and approval
by July 1.
f. The OARM-RTP approved timeshare chargeback rate structure for all cost
centers is presented to the Director, OIRM, and his staff for review, comment,
and approval by July 15.
g. The approved chargeback is published in a User Memo no later than August
31.
h. The approved chargeback is published in the WIC Connection no later than
September 1.
i. Management reports are prepared and distributed to the OIRM no later than
the 5th working day of the following month. The TSSMS and management
reports are also sent to the Responsible Program Implementation Officers
(RPIOs) and ADP Coordinators the next day.
j. Once timeshare chargeback rates are approved and a User Memo announcing
rates has been issued, there will be no changes to the chargeback rate structure
for the upcoming fiscal year.
Indicates revision.
-------�
NDPD OPERATIONAL POLICY NO. 100.07 Pa8« 2 of 3
k If a new timeshare chargeback service is to be implemented at any time during
the fiscal year, the rate for this service must be approved by NDPD
management and a 30-day user notice issued prior to the effective date for the
chargeback.
Indicates revision.
-------�
-------�
U.S ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE- Preparation and Issuance of Formal NDPD Correspondence NOj 100.09
1.0 PURPOSE
This policy reaffirms NDPD directives that all formal correspondence adhere to the
policies, procedures, standards, and formats contained in the EPA Cprresppndence
Manual. EPA Transmittal 1320.
2.0 SCOPE & APPLICABILITY
This policy applies to all NDPD staff personnel who write, edit, review, sign, type,
file, or control formal NDPD correspondence. Formal correspondence is defined as
written forms of communication issued to individuals outside of NDPD. The author will
determine whether correspondence will be formal or informal (E-Mail).
3.0 RESPONSIBILITIES
The author and reviewer are responsible for the contents of the correspondence while
the secretarial staff is responsible for the grammar, spelling, format, and all other
characteristics associated with professionally acceptable correspondence. The Division
Director's secretary is responsible for advising, monitoring, coordinating, and otherwise
ensuring adherence to this established policy.
4.0 POLICY
a. All formal correspondence will adhere strictly to the guidelines contained in
the EPA Correspondence Manual.
b. Formal correspondence to individuals within EPA will be issued in memoran-
dum form while other correspondence, including that to other government
agencies, will be issued in letter format.
c. All correspondence prepared for the Director's signature will receive a
minimum two-level review.
d. Excerpts from the EPA Correspondence Manual containing some of the most
relevant features governing correspondence will be issued and updated as a
reference for the secretarial staff.
e. The secretarial staff is encouraged to meet at least quarterly to discuss issues
and practices that will improve the correspondence program.
-------�
NDPD OPERATIONAL POLICY NO. 100.09 Page 2 of 2
f. The only acceptable exception to the EPA Correspondence Manna! guidelines
is that the Director's Office will maintain a record of all outgoing formal
correspondence by subject rather than by the Division level reading file
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NDPD Prepared Papers y NO.: 100.10
APPROVAL: ± J^^JJ Ur\ ,.J/J
-------�
NDPD OPERATIONAL POLICY NO. 100.10 page 2 of 8
All papers requested from the FM contractor by the NDPD Director will be reviewed
by the FM contractor Project Director before being forwarded to the NDPD Deputy
Director. The Branch Chief(s) who would benefit from this information will be
provided with a copy of the paper.
Two copies of each paper will be submitted to the Director. One copy will be filed in
a central file in the Director's office.
The original, or repro copy, of each paper will be catalogued and filed in the FM
Contractor's Technical Library for future reference and reproduction. This copy
should be submitted to the Supervisor of Publications and Reproduction (MD-34A).
50 TYPES AND FORMATS OF ACCEPTABLE PAPERS (Mandatory Element^
The format of the two types of papers defined by this policy are presented below.
Note that subelements that relate to an element must immediately follow that element
and must be identified with the element number (i.e., 3.0 for Background with
subelement numbers 3.1, 3.2, 3.3, etc., as necessary).
Additional information not related to an existing subelement will be presented as a new
element. This new element will take the next available number after the last
mandatory number or the previous new element number.
o INFORMATION PAPER
1.0 TOPIC
2.0 EXECUTIVE SUMMARY
3.0 BACKGROUND
4.0 INFORMATION
5.0 REFERENCES
o DECISION PAPER
1.0 REQUIREMENT/PURPOSE/ISSUE
2.0 EXECUTIVE SUMMARY
3.0 BACKGROUND
4.0 ASSUMPTIONS
5.0 CRITERIA FOR EVALUATION OF ALTERNATIVES
6.0 ALTERNATIVES
7.0 RECOMMENDATIONS
6.0 REPORT COVERS
If the length of a report warrants, the author may include a cover, title page, and table
of contents; however, one will not be used without the other. Covers will conform to
I Indicates change.
-------�
NDPD OPERATIONAL POLICY NO. 100.10 P«I« 3 of 8
the requirements of the EPA Graphics Standards System manual. Covers will be
printed in black ink on white or colored bond unless distribution is limited (10 copies
or less); in which case, one color ink (blue or green) may be used. A sample cover from
the EPA manual is shown in Figure 1. Explanatory remarks concerning the basic cover
format requirements have been added. Another sample cover is illustrated in Figure
2, indicating type face and point size.
Figure 3 contains sample covers prepared at the NCC. While the presentation of
information contained above Line A is mandatory, data below this line is at the
author's discretion.
A sample title page is illustrated in Figure 4. Note that reports prepared by the FM
contractor will carry the contractor's EPA contract number in compliance with EPA
regulations.
7.0 REPORT PREPARATION AND DISTRIBUTION
Personnel are encouraged to utilize the services provided by the FM contractor's
Publications and Reproduction Section. These services include editorial, illustration,
typing, reproduction, and distribution assistance.
Indicates change.
1USEPA Graphic Standard* Syitem, U.S. Government Printing Office: 19770-247-563, Stock No. 055-000-00169-3.
-------�
NDPD OPERATIONAL POLICY NO. 100.10
Page 4 of 8
Column 1. Agency Iden-
tifier. Logotype and
symbol are treated as
one unit.
Column 2. Full name
of Agency, title and
subtitle, if required.
Column 3. Office/-
Region, if applicable,
with address.
Column 4. Index
number, date of issue,
and special identi-
fication (Draft,
Final, etc.), if
applicable.
•&EPA Monitoring Series
Rationale and Methodology
for Monitoring Groundwater
Polluted by
Mining Activities
Figure 1. Sample Report Cover with Column Identification
-------�
NDPD OPERATIONAL POLICY NO. 100.10
Page 5 of 8
9 pt Univvrc 55
30 pt Uniwrs 65
30 pt Univvrs 55
oERA
Environmental Draft
Impact Statement
Sacramento
Regional Wastewater
Management
Program
1
6 pt
30 pt
30 pt
30 Dt
30 pt
Figure 2. Sample Report Cover with Type Specifications
-------�
NDPD OPERATIONAL POLICY NO. 100.10 Page 6 of 8
Line A
UnrlM SttM Office c< Admlntatratton Ml/001
En»(ronmwrt»l Protection .nd to«ourc«* M*rwo*m*nt f«punu»r I 1M*
«««»«rch Trtoflgt* f «m, NC ZT71 1
4MEPA Decision Paper
Evaluation of
dBASE IV, Version 1.0
in Multi-User Mode
Figure 3. Sample NDPD Report Cover (Page 1 of 2)
-------�
NDPD OPERATIONAL POLICY NO. 100.10
Page 7 of 8
Ltn« A
» of Adm*Mn«on
•nd MMOUFCM M«n««»m«fit
Notional Data »rqcinlr»g OlvMon
< Titengw Perk. NC 2771 1
*M/001
&EPA Decision Paper
Evaluation of
dBASE IV, Version 1.0
in Multi-User Mode
Question: Should EPA adopt dBASE IV LAN as the
Agency standard, replacing dBASE III PLUS?
Recommendation: Yes.
Figure 3. Sample NDPD Report Cover (Page 2 of 2)
-------�
NDPD OPERATIONAL POLICY NO. 100.10 P.ge 8 of 8
EVALUATION OF dBASE IV, VERSION 1.0.
IN MULTI-USER MODE
September 6, 1989
Prepared for
Architectural Management I Planning Branch
Contract No. 68-01-7437
U.S. ENVIRONMENTAL PROTECTION AGENCY
NATIONAL DATA PROCESSING DIVISION
RESEARCH TRIANGLE PARK, NORTH CAROLINA
Figure 4. Sample Report Title Page
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Floor Tile Handling Safety Requirements NO.: 100.11
APPROVAL: /) /) fl I r\ M (] DATE: 4/17/89
1.0 PURPOSE
The raised flooring in the National Computer Center (NCC) and the Washington
Information Center (WIC) represents a major investment by the EPA and, if not
handled properly, the flooring can become a safety hazard. The following guidelines
should be followed when removal and/or replacement of floor tiles at NCC and WIC
is required.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all NDPD, contractor, and vendor personnel. Any deviation
from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
The Chief, ADP Operations Management Branch, is responsible for all alterations to
the NDPD computer facilities, including the removal and placement of floor tiles.
4.0 POLICY
The following procedures will be observed whenever floor tiles are removed or
replaced:
a. Always place orange caution cones near the floor tiles that are being
removed to alert personnel.
b. Always use floor pullers to remove floor tiles. Use of any other tool will
lead to edge damage.
c. When lifting a panel, place the floor puller near one corner of the panel.
Support the panel with one hand while lifting with the other to protect
yourself from injury and to prevent panel damage should the puller come
loose.
d. When placing a removed floor tile on top of other flooring, ensure that
the metal backing does not damage the surface of other tiles.
e. Never remove the screws from the bolt-in stringer system.
f. Always ensure that the rubber pedestal head pad is in place before
replacing a floor tile.
g. Do not drop or bump panels on their edges. This can damage the pedestal
heads so that proper attachment is no longer possible.
-------�
NDPD OPERATIONAL POLICY NO. 100.11 Page 2 of 2
h. If a piece of edging detaches, take time to replace it prior to reinstalling
the panel. Otherwise, gaps are left which allow movement, thus creating
an unsafe and unsightly condition.
i. If a panel must be cut for access, never request a corner cut. Always
ensure that the cut is from 1 inch to 2 inches from a corner. The floor
system is considered a non-weight-bearing stringer system, meaning that
the corners support all of the load.
j. Return damaged and excess panels to their proper storage areas.
Should the need for floor tile repair become apparent, contact NDPD Facility Support
at Extension 4127 or 3437.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Transfer ofComputer Accounts among EPA Users NO.: 100.12
APPROVAL: X^^X/6^_ DATE: 4/17/89
1.0 PURPOSE
This policy will ensure that the transfer of computer accounts among EPA organiza-
tions is accomplished in a consistent and orderly manner.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all computer accounts registered with the Time Sharing
Services Management System (TSSMS) Office at the EPA National Computer Center.
3.0 RESPONSIBILITIES
FM Contractor personnel at the NCC are responsible for updating and maintaining
necessary files and for monitoring procedures to implement this policy.
4.0 POLICY
Transfer of computer accounts from one EPA organization to another will be
accomplished as follows:
a. YTD charges will be transferred with the account.
b. Budget ceiling will be transferred with the account. The OIRM Office
(FTS 382-2415) will be contacted by the ADP Branch Chiefs with budget
transfer information.
A few Interagency Agreements (lAG's) specify that when an account has exceeded its
stated expenditure limit, EPA will cover any additional costs out of the EPA timeshare
budget. In this instance, the Regional ADP Branch Chiefs will ensure that the
following is accomplished when a computer account is transferred:
a. Establish a new account and delete the old account. (Complete TSSMS
forms N251 and N258.)
b. Change the JCL of existing jobs to reflect the new account.
c. Rename data sets with the new account within 45 days or the data sets
will be deleted.
d. Reassign tapes to the new account within 45 days or the tapes will be
released to the scratch pool.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: SOFTWARE REVIEW COUNCIL NO . = 100.13
APPROVAL: /s/ Donald W. Fulford DATE: 6/30/89
1.0 PURPOSE
This policy establishes the EPA NCC Software Review Council (SRC)
and provides guidance for the review of software recommended for
procurement.
2.0 SCOPE £ APPLICABILITY
This policy applies to all EPA personnel and EPA contractor staff
responsible for purchasing or implementing software for use on
the NCC-supported (maintained) general purpose computer systems.
This policy specifically exempts:
a. Operating system software.
b. Upgrades to installed software that will not require
additional support or training.
c. Software which is not installed, maintained, or
supported by the NCC.
3.0 RESPONSIBILITIES
The Director, NDPD, will establish and maintain a Software Review
Council consisting of six permanent members. The SRC will
control the commitment to and termination of NCC software.
Individuals tasked with the procurement of software which is to
be installed, supported, or maintained by the NCC must seek the
advice and consent of the SkC prior to procurement.
M.O POLICY
Software Review Council members will be appointed by the NDPD
Director. Membership will include the NDPD Deputy Director, who
will serve as Chairman, two EPA employees, two Primary Support
Contractor (PSC) employees, and a non-voting Executive Secretary.
-------�
-------�
NDPD OPERATIONAL POLICY NO. 100.13 Page 2 of 2
The SRC must be notified of the intent to procure software that
is to be installed on any NDPD-maintained computer system. It is
the responsibility of those tasked with the preparation ->±
procurement documents to notify the Council of such ir-tent to
purchase. In addition, NCC User Services may, from time to time,
notify the Council of any unsupported or undersupported software
which has generated user inquiries.
The SRC will perform the following activities:
a. Conduct a review of existing third party software. This
review will generate an up-to-date list of NCC software
and assist in the determination of an appropriate level
of support. In addition, the Council will periodically
review software packages to compare their respective
benefits and costs, and to determine if it is in the
best interest of EPA to retain such software. Reviews
will be scheduled semiannually.
b. Assinn to each new software acquisition a level of
support that is to be maintained for the package.
c. Notify the FM contractor and NDPD staff in writing of all
decisions which affect NCC software.
d. Approve plans for support, user notification, and implemen-
tation of all software acquisitions before they are brought
to the attention of the Change Management Council or
installed on the NCC-supported computer systems.
e. Negotiate with the FM contractor a date of availability for
each new software package and ensure that the user community
is informed of this date and the associated level of support.
(The level of support may require internal training, specific
testing, review of provided documentation, or preparation of
on-line documentation.)
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Submission Timeframes: Planning and
Funded Purchase Requisitions
APPROVAL: f) / A / t \ /I O
L.'f
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NCSC SUPERCOMPUTER USAGE NO. 100.17
APPROVAL: lC\ /n t ^ /» I P DATE: /0 -
./_> C^I^JL^ \^ ) A -t^-x^i- _ . - -
-
1.0 PURPOSE
This policy establishes procedures for obtaining computer time at the North Carolina
Supercomputer Center (NCSC).
2.0 SCOPE AND APPLICABILITY
This policy applies to all services available to EPA from the NCSC, including computer time,
visualization services, user consultations, etc. This policy is applicable to all EPA and
contractor staff personnel who manage the operation of NDPD computer systems, or who
operate computer systems controlled by NDPD.
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
The NDPD Head of Scientific Computing is responsible for the review and submission of new
or changed policies for supercomputer usage.
4.0 POLICY
Users wishing to use the Cray Y-MP or Convex at the NCSC should submit a proposal of the
research they wish to conduct and the estimate of computer time needed. This proposal must
contain an endorsement from the researcher's Division Director, and should be directed to
NDPD Head of Scientific Computing for approval.
Once a project has been approved, NDPD will contribute $20,000 (equivalent to approximately
40 CPU hours of Cray Y-MP time) to have the researcher explore the technical and budgetary
feasibility of a full-scale effort to port his application to the supercomputer. Once the $20,000
grant has been depleted, the researcher's organization must assume full responsibility for
funding the project.
Researchers are encouraged to compare the costs of using the Cray Y-MP and the Convex in
order to determine the appropriate computer for their particular applications.
-------�
-------�
US ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: At-Home Use of Agency-Owned NO- 100-18
Personal Computers
DAT*/->y-y/
1.0 PURPOSE
This policy establishes conditions under which EPA employees and contractors may install
government-owned personal computers and peripherals in their homes.
2.0 SCOPE & APPLICABILITY
This policy applies to all employees of the EPA National Data Processing Di^sio"; ancl to
employees of NDPD's contractors. It is applicable in all instances where such employee
remove government-owned microcomputers and/or peripherals from government facilities for
use at their homes.
3.0 RESPONSIBILITIES
The Deputy Director, NDPD, has authority to approve/disapprove requests bV employees to
relocate government-owned equipment under the provisions of this policy. NDPD Branch
Chiefs are responsible for administering this policy within their respective organizations.
fndTv duals wh'o transfer government-owned equipment to their homes under ,|Je Provisions
of this policy are responsible for the care of that equipment, and for returning it to NDPD
upon demand.
4.0 POLICY
NDPD recognizes that under some circumstances it is in the government's interest that certain
employees have access to microcomputer equipment when those employees are away from their
offices. Such circumstances may include, but are not limited to, the following:
a An employee is on call during other than normal business hours, and having
telecommunications access through a microcomputer enables the individual to
provide the needed service or assistance without traveling to his/her office.
b The nature of an employee's duties lends itself to occasional work offsite, and
the employee's manager approves the performance of those duties in the
employee's home.
A flexible work schedule has been approved for the employee, and having
equipment available in the home contributes to the individual's productivity.
The employee is physically unable to come to work because of injury or illness,
but is able to perform work on a limited basis at home.
It becomes necessary to limit an employee's travel to and from work in the
interest of energy conservation, or because of circumstances arising from severe
weather or other natural causes.
c.
e.
-------�
NDPD OPERATFONAL POLICY NO. 100.18 Page 2 of 2
Accountability for microcomputers and peripherals removed from government facilities under
the provisions of this policy will be maintained through existing procedures. In cases where
equipment will be used off government premises for a period of not more than 90 days,
property passes will be issued and the Property Control Office will be notified via Form N354^
Report of Status of Government Property. When equipment will be off government premises
in the possession of an employee for longer than 90 days, property records will be changed to
show the employee as the person responsible.for the government-owned equipment.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE- NDPD PC Bulletin Board Services NO- l '
APPRQVAL:
1.0 PURPOSE
This policy specifies the support to be provided by NDPD in the use of Agency-wide electronic
Personal Computer Bulletin Board Services (PC BBS).
2.0 SCOPE & APPLICABILITY
This policy applies to all levels of NDPD's data processing support organization and to all PC
bulletin board services that EPA and its contractors operate.
3.0 pBSPnNSIBlLITIES
NDPD is responsible for providing data processing support services to customers throughout
The A«ncy Within NDPD, the Information Centers Branch (ICB) and the Telecommunication
Branch 0-CB) are respons Die for computer support activities most directly affected by this
policy All employees of EPA, EPA contractors, and EPA grantees are responsible for
compliance with the provisions of this policy.
4.0 POLICY
Various EPA offices support over thirty electronic bulletin board services These BBSs fulfill
Tn essential need for communication throughout the Agency, keeping BBS customers updated
on strategic information Agency BBSs provide services such as electronic distribution of
documentation nXes of melting's, electronic conferencing and 1 messaging or, £™™™%
areas of study, software updates, and computer programs. As the interest in BBSs has grown
wfthin the Agency so has the need for better PC BBS communications. Advertising he
existence of specialized BBSs is difficult for EPA offices Various offices have requested
NDPD to provide BBS EPA network access and advertising for PC BBbs.
defines the NDPD PC BBS network strategy and describes the management
uirement assocTated with connecting a PC BBS to the EPA network. Software and hardware
components necessary to provide PC BBS telecommunications services are enumerated. This
ooHcv outlines procedures for applying for networked PC BBS connections and announces
NDPD advening Support for PC BBSs This policy defines NDPD BBS system manager and
operator support.
Branch.
-------�
NDPD OPERATIONAL POLICY NO. 100.19 Page 2 of 5
4.1 PC BBS MANAGEMENT
NDPD requires that an EPA employee (BBS system manager) sponsor a proposed PC BBS for
connection to the EPA network. This employee will apply for an EPA network connection by
completing an NDPD Telecommunications Service Request (TSR). The TSR will be submitted
to the NDPD Telecommunications Branch with a memo stating whether the proposed network
PC BBS is available for public access. Refer to Section 4.3 for a detailed description of public
access PC BBS issues. The public access BBS system manager will ensure that there is no BBS
posting of EPA network access directions or telephone numbers. System managers converting
to public access will notify NDPD Telecommunications Branch 30 days before conversion
occurs. Public access through the EPA network to the BBS is prohibited and will be blocked
electronically. Public access through the PC BBS to the EPA network is also prohibited.
Duties of the BBS system manager include:
• Managing the availability of the BBS.
• Enforcing practices to ensure that the message and file information available to
BBS customers is appropriate and virus-free.
• Maintaining and upgrading the BBS hardware and software as necessary.
• Acting as "central point of contact" for NDPD management to resolve procedural
problems that may arise.
The technical operations of the BBS can be provided by the system manager or a system
operator who is sometimes a contractor. The system operator's duties include:
Creating bulletin board categories.
Working with NDPD technical staff to troubleshoot telecommunications
problems.
Providing regularly scheduled tape backups fcr the PC BBS.
Running virus checker programs to maintain a virus clean PC BBS.
Purging old information.
Performing other PC BBS software and system-related duties.
4.2 PC BBS EPA NETWORK ACCESS
Bona fide EPA employees, state agency representatives, other government agency representa-
tives, EPA contractors, and EPA grantees will gain access to EPA PC BBSs through the EPA
network. NDPD Telecommunications Branch will support an X.25 synchronous communica-
tions connection to a PC BBS, giving customers 9.6 kb or 19.2 kb access through EPA's packet
switched network. The X.25 PC BBS communications link can, theoretically, provide service
for up to 64 concurrent customers. Network service levels will vary with the speed of the
bulletin board service PC, the number of simultaneous customers, and the type of network
traffic generated by the customers (i.e., file transfer vs. reading BBS Email).
-------�
NDPD OPERATIONAL POLICY NO. 100.19 P«ie 3 of 5
4.3 PUBLIC ACCESS TO EPA PC BBSs
This policy defines public access to a BBS as totally unrestricted access to an Agency-sponsored
PC BBS Typical customers who are not classified as public access include EPA personnel,
EPA-related contractors, EPA-specified grantees, and members of EPA-associated state and
government organizations.
Public access to the PC BBS using the EPA network is prohibited. A system manager of a
public access BBS must service these customers by request from NDPD for dial-m lines or toll-
free number lines to the BBS. Toll-free lines will be directly connected to the BBS and paid for
by the system manager's organization. Public access PC BBSs will be blocked from using toll-
free exchanges that permit direct access to the EPA network.
The technology connecting a public access BBS to the EPA network simultaneously provides
service to customers from the EPA network without interfering with dialup public access. The
BBS can service both types of customers at the same time since the telecommunication trai i ic
is not being mixed between dialup and EPA network access. It is the responsibility of the PC
BBS system manager that public access users do not gain access to EPA network dialup
procedures or telephone numbers, but remain limited to the direct dialup services of the PC
BBS.
4.4 HARDWARE AND SOFTWARE REQUIRED FOR EPA NETWORK ACCESS
NDPD is certifying standard BBS telecommunications hardware, PC hardware, and PC BBS
software for EPA BBSs. Galacticomm is the only vendor whose BBS communications hardware
and software have been certified and approved with NDPD.
Certification of other BBS hardware and software configurations is possible. The requesting
office must set up a working PC BBS at the RTP National Computer Center and invest several
days testing a proposed configuration onsite with the Telecommunications Branch support
staff. BBS system managers can obtain more information about the certification program by
contacting the NDPD Telecommunications Branch. It is anticipated that from two to five
certified configurations will be supported in FY1992.
The difference between a certified and noncertified PC BBS is that NDPD will provide
software, telecommunications, and hardware system operator support only for certified BBSs.
Noncertified PC BBSs can be connected to the network, but the Telecommunications Branch
will support telecommunications up to the PC. PC hardware and software troubleshooting will
not be provided for noncertified BBSs.
Noncertified PC BBS configurations will be studied when an office submits a BBS TSR. NDPD
Telecommunications Branch will develop the best technical solution for connecting the BBS to
the EPA network.
Reference Section 4.8 for further information about NDPD PC BBS support.
-------�
NDPD OPERATIONAL POLICY NO. 100.19 Page 4 Of 5
4.5 RESPONSIBILITIES FOR FUNDING PC BBS NETWORK ACCESS
The Telecommunications Branch will decide whether connecting a specific BBS to the EPA
network will result in a telecommunication savings to the Agency. This analysis will be based
on usage data for grandfathercd BBSs, projected usage for proposed BBSs, number of
simultaneous EPA customers, and projected BBS longevity. This information must be submitted
with the BBS Telecommunications Service Request.
If placing a BBS on the EPA network is not a substantial savings to the Agency, the owner of
the BBS system must fund (non-timeshared funds) all telecommunication costs for connecting
the BBS to the network. The owner will fund NDPD-supplied modems and a dedicated line for
the EPA network connection. If the BBS is available for public access, the owner will always
fund all telephone dial-in lines and any toll-free requested lines. The BBS system manager can
contact the NDPD Telecommunications Branch for an estimate of the costs associated with
network access.
The BBS system manager will purchase the BBS PC hardware and software.
4.6 PROCEDURE FOR APPLYING FOR BBS NETWORK ACCESS
The BBS system manager must complete a BBS TSR and a memo stating whether or not the
proposed BBS will be made available for public access. The TSR must be signed by the system
manager's EPA ADP coordinator or IRM chief. The TSR must include a BBS deployment
schedule, software and hardware configuration, and information requested in Section 4.5.
NDPD Telecommunications Branch will process the BBS TSR and provide the installation cost
and yearly cost estimate to the submitting office. The office will then furnish NDPD with a
reimbursing purchase requisition.
4.7 ADVERTISING BBS ACCESS TO EPA CUSTOMERS
At the discretion of the system manager, the appropriate user communities will be notified of
each newly established BBS service. Each Region will have BBS as a telecommunication service
selection on the EPA network. NDPD will include a listing of the BBS in the National Locator
System and telephone directories.
4.8 SOFTWARE/HARDWARE/TELECOMMUNICATIONS SUPPORT
NDPD Telecommunications Branch will provide network and dial-in line troubleshooting
support in cooperation with the BBS system manager. NDPD Information Centers Branch will
provide BBS system operator support for each certified software configuration. BBS system
operator support is NDPD Information Centers Branch (ICB) provided telephonic support for
BBS system operators who need certified software setup, troubleshooting, and/or consultation
assistance.
When new bulletin board software and hardware is certified by the NDPD Telecommunications
Branch, NDPD Information Centers Branch will obtain the software, hardware, and training
necessary to support the new certified BBS system operators.
-------�
NDPD OPERATIONAL POLICY NO. 100.19 Page 5 of S
4.9 SYSTEM OPERATOR/SYSTEM MANAGER SPECIAL INTEREST GROUP
NDPD will establish an Agency MAIL-based BBS (named PCBBS) for system managers and
system operators. 1CB will be responsible for the management of the PCBBS Email bulletin
board PCBBS will provide improved communications among BBS system managers, system
operators, Information Centers Branch software support, and TelecommJettons Branch
support staff. PCBBS will provide such services as announcing scheduled network mainte-
nance, status of network problems, availability of new software releases, and information on
common points of interest.
NDPD Telecommunications Branch will notify NDPD Information Centers Branch when a new
PC BBS joins the EPA network. This notification will alert NDPD Information Centers Branch
thaitat, additionaTsystem manager is to be added to the PC BBS MAIL system. The notification
will indicate the type of bulletin board software used by the new BBS.
4.10 DEFINITIONS
BBS Svstem Manager EPA employee legally responsible for management of an Agency
BBS as described under Section 4.1. A contractor may not be a
BBS system manager.
BBS System Operator EPA or contractor technical support employee who provides day-
to-day BBS operational, troubleshooting, and user support. The
BBS system manager may be the BBS system operator.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: MACINTOSH SUPPORT NO. 100.20
APPROVAL: fi^J ^^J^ "*™ ,.„.*,
1.0 PURPOSE
This policy delineates the position of the National Data Processing Division with respect to
providing direct support related to the use of Macintosh microcomputers.
2.0 SCOPE & APPLICABILITY
This policy is Agency-wide in scope, and applies to all levels of NDPD's data processing support
organization.
3.0 RESPONSIBILITY
The Director, NDPD, is responsible for providing data processing support services for users
throughout EPA. Within NDPD, the Information Centers Branch and the Telecommunications
Branch are responsible for computer support activities most directly affected by this policy.
However, all employees of NDPD and its contractors are responsible for compliance.
4.0 POLICY
Within EPA, ihe Apple Macintosh (Mac) has been a supported computing platform for specific
applications for several years. Macintosh equipment has been available to EPA offices through
contracts administered by NDPD, and the Mac has become an integral part of the workplace
in some offices. NDPD will continue to provide limited support for Macintosh computers, but
only when those computers are being used for scientific applications for which solutions are
not available in the MS-DOS environment, or when those computers are being used as desktop
publishing systems. This policy is based on economies of scale and the dominance of available
DOS-compatible products for computing and telecommunications, and not on the merits of
Macintosh versus MS-DOS computer architecture.
4.1 VIABILITY OF ONGOING SUPPORT
A trend has been identified in requests for support from the Macintosh user community that
indicates Macintosh computers are being used for purposes other than those for which they
were intended. Requests for support and services reveal a growing use of Macs for general
office computing. These requests have been accompanied by petitions for networking and file
transfer capabilities comparable to those available to MS-DOS users. The resource expenditures
required to satisfy this growing demand for support and services are not justifiable in terms
of the overall percentage of microcomputers in the Agency represented by the Macintosh, as
opposed to the more widely-used MS-DOS PCs.
-------�
NDPD OPERATIONAL POLICY NO. 100.20 Page 2 of 2
4.2 SOURCES OF SUPPORT FOR THE MACINTOSH
Because the delivery of general Macintosh support on a national scale is not cost effective,
NDPD will provide centralized direct support for the Mac only insofar as it is being used as
a scientific workstation or as a desktop publishing system. Requests for such support should
be directed to NDPD.
4.3 FILE EXCHANGE BETWEEN THE MACINTOSH AND OTHER COMPUTING
ENVIRONMENTS
NDPD supports hardware and software tools that enable MS-DOS users to conveniently
transport files across hardware and geographic boundaries. The duplication of file transfer
mechanisms, or the addition to in-place mechanisms of a Macintosh/MS-DOS file transfer
capability, is not cost justifiable. Therefore, when individual users and groups who elect to use
Macintosh computers rather than MS-DOS machines need to transfer files across platforms, the
responsibility for providing and maintaining that capability lies with those individuals or
groups.
4.4 NETWORKING OF MACINTOSH COMPUTERS
The fundamental differences between Apple Macintosh architecture and MS-DOS architecture
impede easy networking between those environments. NDPD fully supports connectivity to the
national telecommunications network for MS-DOS computers. Complete duplication of
supported telecommunications services for the Macintosh is not cost justifiable. However,
VAX/PCSA, a connectivity link to the DEC VAX environment for both MS-DOS and
Macintosh microcomputers, is fully supported. This se/vice is cost-effective, since Macintosh
support is bundled into the product along with support for MS-DOS computers.
The NDPD Telecommunications Branch will not assist with the installation or maintenance of
Apple local area networks. Based on available expertise and resources, individual information
centers may elect to support local Macintosh networks at their respective sites. Offices at
Headquarters and in RTF must obtain prior approval from NDPD before installing wiring for
any local area network.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NDPD Customer Support Services NO.: 110.01
APPROVAL:
1.0 PURPOSE
This policy establishes operational conditions and objectives for the Customer Support group.
2.0 SCOPE & APPLICABILITY
This policy applies to all NDPD and FM contractor staff personnel responsible for the
management and operation of the Customer Support group.
3.0 RESPONSIBILITIES
The FM contractor will develop, update, and monitor procedures to implement this policy.
The FM contractor will adhere to NDPD policies and perform the tasks necessary to meet
policy objectives.
The FM contractor will establish and maintain a source of assistance for customers in meeting
their computer needs. This customer support will be available for walk-in customers as well
as for customers telephoning for assistance.
FM contractor management personnel will ensure that staffing of the Customer Support group
is in compliance with the Government's direction.
4.0 POLICY
a. Hours of operation will be from 8:00 a.m. to 7:00 p.m. (Eastern time), Monday
through Friday (except for holidays and declared emergency shutdowns).
b. Appropriate customer calls/requests will be entered into a problem management
system and assigned a tracking number.
c. A matrix of skill levels for the Customer Support group will be maintained,
denoting the capabilities of individual staff members.
d. Customer Support personnel will be responsible Tor updating assigned problem
management records.
e. The Customer Support Supervisor will ensure that customers whose jobs were
canceled the previous day are contacted and timeshare refund procedures are
explained.
f. The Customer Support Supervisor will ensure that News Alerts are properly
prepared, installed, and maintained.
Indicates revision.
-------�
Page 2 of 2 NDPD OPERATIONAL POLICY NO. 110.01
g. The Customer Support Supervisor will monitor response time by contacting selected
customers on a regular basis.
h. The Customer Support group will strive to resolve customer problems as soon after
identification as possible in order to provide the highest level of service to the
customer community. Problems will be escalated in accordance with Problem
Management procedures.
i. Customers reporting problems will be contacted within 24 hours, except on
weekends and holidays, and advised of the progress made in seeking a solution to
their problems.
Indicates revision.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NDPD TECHNICAL TRAINING SERVICES NO. 110.02
APPROVAL: ^^DATE:
-------�
NDPD OPERATIONAL POLICY NO. 110.02 Page 2 of 2
g. If a class has not been canceled 5 working days prior to the scheduled date of
the class, the class will be taught regardless of the number of students in
attendance. If only one person appears for the class, the instructor will have the
option of teaching the class from his/her office rather than in the classroom.
h. Registration should be received 2 weeks (10 working days) in advance.
i. Cancellations are accepted up to the day before a class starts.
j. Student evaluation forms will be distributed in instructor-led training classes.
Indicates change.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Customer Memo Preparation and Dissemination
APPROVAL:
NO.:
DATE:
110.03
1.0 PURPOSE
This policy provides guidance for the preparation and dissemination of Customer Memos and
includes clarification of the approvals required.
2.0 SCOPE & APPLICABILITY
This policy applies to all EPA NDPD and contractor personnel who either create, process,
and/or approve Customer Memos. This applies to IBM, Prime, VAX, PC, and LAN services
provided by NDPD.
3.0 RESPONSIBILITIES
Author
• Prepares memo.
• Completes Form N406, Draft Checklist for Customer Memos: staples
the form to the memo; and delivers or forwards both the form and
memo to his immediate supervisor.
• Makes changes as directed throughout the process, annotating Form
N407, Approval Checklist for Customer Memos.
Immediate
Supervisor
• Reviews/revises memo to ensure that information is necessary,
timely, detailed (to the appropriate level), technically accurate, and
complete.
• Completes Forms N406 and N407 as appropriate.
Security
Officer
• Reviews memo to determine if it contains sensitive data and denotes
findings on Form N406.
Publications
Supervisor or
Technical
Writer/Editor
• Reviews/revises memo to ensure that memo is organized, coherent,
clear, and concise, and that it is free of grammatical, punctuation,
and spelling errors.
• Revises memo as necessary. -
• Delivers final memo with attached Forms N406 and N407 to Memo
Specialist.
• Proofreads final copy, checks it against approved version, and
verifies that all changes have been made accurately.
Indicates revision.
-------�
Page 2 of 3
NDPD OPERATIONAL POLICY NO. 110.03
Memo
Specialist
Follows established procedures for entering memo into Customer
Memo system and for obtaining approval copy (logging memo,
creating input and output files, proofing and correcting data entry,
etc.).
Files draft memo and Form N406.
Prints approval copy of memo, attaches Form N407, and forwards to
author.
When received from NDPD Branch Chief, revises memo and forwards
final copy to Publications.
When received from Publications, follows established procedures for
processing and distributing Customer Memos in the Customer Memo
system.
Files approval version of memo and Form N407.
NDPD Technical
Manager
Reviews memo for technical/informational accuracy and conformity
to NDPD policy; alters memo as necessary.
Completes Form N407 as appropriate.
NDPD Branch
Chief
• Verifies that appropriate Unisys and NDPD staff Chief have
reviewed the memo and approves or disapproves the memo for final
edit and distribution.
• Completes Form N407 as appropriate.
4.0 POLICY
a. Customer Memos identify significant data processing events that will have an impact
on the NCC customer community.
b. The author monitors the progress of the Customer Memo through the system.
c. Normal processing time (ready for mailing) for Customer Memos is 2 weeks. The
approving NDPD Branch Chief will be notified immediately by the author if
processing exceeds the 2-week limit.
d. Emergency Customer Memos will be prepared, approved, and ready for mailing
within 4 work days. The author facilitates the process.
e. When a memo has completed the approval process, no changes will be made to it
unless those changes are in writing and are approved by the appropriate NDPD
Branch Chief.
f. Customer Memos are distributed to the following:
(1) Registered customers who have indicated their desire to receive Customer Memos
through their established profiles.
(2) Project Managers/ADP Managers/ADP Coordinators.
(3) Personnel identified as "need to know" but not registered as customers on NCC
systems.
Indicates revision.
-------�
NDPD OPERATIONAL POLICY NO. 110.03 Page 3 of 3
g. Customer Memos will be prepared and distributed as separate, hardcopy documents.
However, after June 11, 1991, only those customers who have returned the Interest
Key form (Customer Memo 762) will continue to receive hard copies.
h. Customer Memos will be available for retrieval and customer site printing from on-
line data files.
i. Applicable information published in Customer Memos will be incorporated in the on-
line Customer's Reference Guide within 30 days from mailing.
w
j. Personal computer information will be disseminated through PC Site Coordinators via
the EPA Email system.
k. LAN information will be disseminated through the LAN Administrator via the EPA
Email system.
1. All Emails used to communicate with PC Site Coordinators and LAN Administrators
will be posted to the PC Bulletin Board maintained by the Washington Information
Center for a period of 1 year.
m. The LAN technical guidelines will be updated with information from the LAN
Administrators' Emails as appropriate.
5.0 DEFINITIONS
Examples of items that would require a Customer Memo are as follows:
a. A 30-day change notice (see NDPD Policies 210.04, 220.04, 230.04, and 240.04).
b. A change in scheduled operations.
c. Advertisements/changes to training offerings.
d. Rate/policy changes which directly affect customers.
Indicates revision.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Electronic Broadcasts of Customer Information NO.: 110.04
APPROVAL: £)^/x^JL O ^-^JU(*-&^ DATE: ?^£3
1.0 PURPOSE
This policy provides guidance for the preparation and processing of Electronic Broadcasts of
customer information on NCC computer systems. This information is of short-term duration,
time critical, or a reminder to the customer of important issues (i.e., Customer Memo).
2.0 SCOPE & APPLICABILITY
This policy applies to all EPA NDPD and contractor personnel, and to all customers with
interactive access to NCC computer systems.
3.0 DEFINITION
Electronic Broadcasts are informational messages whose titles appear at a customer's terminal
when he signs on to NCC computer systems. In addition, the Broadcast titles appear on header
pages of all printed output. (Also known as News Alerts.)
4.0 RESPONSIBILITIES
The author of an Electronic Broadcast is responsible for conforming to established formats and
procedures as issued by Customer Support.
Customer Support, as the broadcast issuing party, is responsible for monitoring and controlling
Electronic Broadcasts.
In addition, Customer Support is responsible for developing and supplying authors and other
qualified personnel with procedures for implementing this policy.
5.0 POLICY
a. Only time-critical information or notification to customers of important issues will
be approved for Electronic Broadcast.
b. Authors must conform to established formats and procedures.'This information is
available from Customer Support. In general, the procedures for Electronic
Broadcasts are as follows:
Indicates revision.
-------�
Page 2 of 2 NDPD OPERATIONAL POLICY NO. 110.04
(1) Author creates an on-line data set containing the desired information. He is
responsible for the data set's contents and for identifying the length of time
it is to remain on the system. He must provide a contact name and telephone
number where customers can call for clarification or additional information.
(2) Customer Support reviews the information for any conflict with NDPD
policy.
(3) Customer Support issues an Electronic Broadcast to point the customer to the
appropriate on-line data set.
(4) Customer Support will not respond to requests for clarification of informa-
tion in Electronic Broadcasts submitted by Application System Managers, but
will refer the customer to the contact provided in the on-line data set.
c. The time that the customer may be able to access the information will depend on
the nature of the information. Customer Support is responsible for the maintenance
and enforcement of information availability.
d. Non-Application System Managers may also use the Electronic Broadcast
mechanism for time-critical information in accordance with Customer Support
procedures.
| Indicates revision.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Micro/Minicomputer-to-Mainframe File Transfer NO.: 110.05
APPROVAL: /D «T*-*j£jl ^ ^•-*-~M^r*-^— DATE: 9-Z3-?(
1.0 PURPOSE
Commonality among hardware and software components is required to operate the National
Computer Center network and to adhere to EPA's existing and planned computer architectural
strategy for compatibility of applications and connectivity. This policy ensures consistency
in the selection and use of software in the EPA environment.
This policy was designed to:
a. Prevent software acquisitions that threaten EPA's ability to provide quality
support to the customer community.
b. Provide a compatible environment for applications.
c. Preserve the stability and performance of the Agency's telecommunications
network.
d. Avoid new procurements of software packages that provide capabilities already
supported.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all EPA organizations and their employees, and to personnel of
agents (including State agencies, contractors, and grantees) of EPA who are involved in the
design, development, acquisition, operation, and maintenance of the Agency's network.
The following file transfer software packages have been approved by NDPD and will be fully
supported by EPA:
a. KERMIT: This software is used for asynchronous ASCII data connections.
b. SEND/RECEIVE Compatibles: PC 3270 board software packages that operate with
the IBM Host program INDSFILE are installed and supported on all Agency IBM
mainframes.
c. ARBITER: This software is used for a micro-to-mainframe link.
Items b. and c. above are also supported on Agency token-ring LAN's via LAN SNA gateways.
Indicates revision.
-------�
Page 2 of 3 NDPD OPERATIONAL POLICY NO. 110.05
Two additional file transfer packages are supported with some restrictions:
a. Software AG's NATURAL Connection is supported for ADABAS/NATURAL
applications by Data Base Support Services. Prior written approval must be
obtained from the NDPD Central Data Base Administrator.
b. SAS CONNECT is supported by Customer Support Services with written approval
from the NDPD Customer Services Technical Manager.
3.0 RESPONSIBILITIES
NDPD is responsible for policy maintenance and enforcement. NDPD will annually review
policies for needed modification and/or enhancement, and will provide technical support for
all Agency file transfer software.
NDPD will provide access to the Agency file transfer capabilities from anywhere within the
Agency's telecommunications network.
NDPD will provide customer support for problem determination and resolution relating to file
transfer packages.
NDPD will coordinate, maintain, and inform customers of all revisions to file transfer
packages installed on Agency PC's, gateways, and mainframes.
NDPD will maintain and support file transfer packages in a manner that provides acceptable
performance and throughput levels.
4.0 POLICY
a. To receive NDPD operations support, all file transfer software other than those
Agency-approved packages mentioned above must be approved in writing by the
NDPD Director.
b. Each customer request for file transfer software package support will be reviewed
on a case-by-case basis by the NDPD to determine compatibility and an appropriate
level of support. Requests must be submitted in writing to the Director, NDPD, in
the form of a Telecommunications Service Request (TSR), or a memorandum. The
NDPD "Decision Paper Process" will be used to document and formulate a support
decision for all new packages.
Indicates revision.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: WIC TECHNICAL CENTER OPERATION NO.: 120.01
APPROVAL; |Q
-------�
NDPD OPERATIONAL POLICY NO. 120.01 Page 2 of 2
d. Produce a monthly publication to keep users abreast of current events
as they pertain to the Agency's policies and procurement of office
automation equipment.
e. Hours of operation will be from 8:00 a.m. to 5:00 p.m., Monday through
Friday, except for holidays or declared emergency shutdowns.
f. Provide conference space for computer-related meetings.
g. Host an annual open house and a hardware/software show.
h. Maintain a library of technical manuals covering Agency standard
hardware and software.
i. Provide assistance to EPA and contractor facilities personnel in the
start-up and operation of field information centers.
j. Provide access to various terminals, PC's, graphics and optical
scanner equipment on a limited basis.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: WIC Weekend Processing NO.: 120.02
APPROVAL: A I fl I f \ ///7 DATE: 10/17/88
1.0 PURPOSE
This policy specifies weekend services provided by the Washington Information Center
(WIC).
2.0 SCOPE & APPLICABILITY
This policy applies to all personnel at the Washington Information Center. Services
described are for EPA and contractor personnel using the WIC computing facilities.
3.0 RESPONSIBILITIES
The FM contractor is responsible for adequately staffing the WIC in order to provide
users with weekend processing support. All personnel at the WIC will be instructed in
weekend processing procedures. An updated list of on-call personnel will be maintained
and readily available.
4.0 POLICY
a. Production Services will be provided to all EPA and EPA contractors at the
I/O window until 4:30 p.m. on Saturday. The I/O window will reopen for
service at 10:00 a.m. on Sunday and remain open until 6:00 p.m.
b. Telephone support from the Computer Operations group will be available from
7:00 a.m. to 5:00 p.m. on Saturday, and from 10:00 a.m. until 6:00 p.m. on
Sunday.
c. All print and special forms requests submitted to the WIC will be printed by
end-of-day processing.
d. Telecommunications user support will be provided via telephone.
e. The Technical Center will provide telephone user support between the hours
of 9:00 a.m. and 5:00 p.m. on Saturday, and from 10:00 a.m. until 6:00 p.m. on
Sunday.
f. The Technical Center and the Terminal Room will be open on Saturday until
4:30 p.m. and on Sunday until 6:00 p.m. for use by EPA and contractor
personnel.
I Indicates revision.
-------�
NDPD OPERATIONAL POLICY NO. 120.02 Page 2 of 2
g. The WIC will be closed from 5:00 p.m., Saturday, until 10:00 a.m., Sunday It
will be closed again at 6:00 p.m. (or upon completion of end-of-day pro-
cessing) until 7:00 a.m., Monday.
Indicates revision.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: WIC FINANCIAL MANAGEMENT SYSTEM (FMS) PROCESSING NO.: 120.03
APPROVAL:W*J? 0-4. vr7 PATE: 8/1/87
1.0 PURPOSE
These policies specify processing requirements for the Financial Management
System (FMS) at the Washington Information Center.
2.0 SCOPE & APPLICABILITY
These policies apply to all personnel at the Washington Information Center
and all EPA personnel involved with processing.the Financial Management
System.
3.0 RESPONSIBILITIES
WIC Production Services personnel are responsible for printing all jobs
routed to "N3" from the NCC-IBM 3090. WIC Production Control personnel
coordinate all micrographic processing and ensure delivery of all FMS reports,
4.0 POLICIES
a. The processing cycle of the FMS will normally begin on the fourth
workday of each month.
b. NCC Production Control will contact the WIC when the Headquarters'
report jobs (S99 and CVS) are submitted.
C. All FMS microfiche tapes will be sent to the WIC Micrographic
Coordinator for processing by an outside contractor.
d. The WIC will deliver FMS printed reports to the appropriate office.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: WIC PAYROLL PROCESSING N°-: 120.04
APPROVAL: A^yJ? C/A<^*J? DATE: 8/1/87
1.0 PURPOSE
These policies specify processing requirements for the EPA payroll at the
Washington Information Center.
2.0 SCOPE & APPLICABILITY
These policies apply to all personnel at the Washington Information Center
and all EPA payroll officers and contractors.
3.0 RESPONSIBILITIES
The WIC processes payroll for the EPA on a biweekly schedule on Tuesday night
between 1600 and 2AOO hours. Four tapes containing payroll (EFT, Bond,
Treasury, and Awards) information are transmitted from the NCC-IBM to the
4381 at the WIC. The Chief, WIC, will maintain the IBM 4381 as a disaster
backup site for the Payroll system on the mainframe computer.
4.0 POLICIES
a. The NCC-IBM operator will call and give the WIC operator job numbers
for the EFT, Bond, Treasury, and Awards tapes.
b. The WIC second shift operator will reconfigure the 4381 for proces-
sing the payroll on scheduled nights.
c. The WIC operator will log on to the NCC-IBM 3090 to track the payroll
tapes.
d. The WIC operator will mount, copy, and scan the tapes for errors.
e. The payroll tapes will be forwarded to WIC I/O Control for distribu-
tion to the payroll bin located at the WIC.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
,O« i^l^ T M. iXV^l ^l»**-ii^ •»••»•—• — —
NDPD OPERATIONAL POLICIES MANUAL
TITLE- WIC PC User Support for Offices without OSA NO. 120.06
1.0 PURPOSE
These policies identify the primary services provided by the PC User Support Group at the
Washington Information Center (WIC).
2.0 SCOPE & APPLICABILITY
This oolicv establishes support requirements which are to be made available to all EPA and
eontrae or personnel whose offices are not participating in the WIC's Operational Service
Agreement (OSA) program. Support to be provided will be within the confines of sound
and security practices as defined in other NDPD policies and directives.
3.0 PFSPONSIBILITIES
The Information Center's Branch Chief is responsible for defining the services to be offered
by WIC User Support personnel are responsible for providing microcomputer, word
processing, and PC/mainframe data access support.
4.0 POLICY
Personnel in the User Support Group will:
a Direct users to available equipment in the WIC's bay area. The equipment will
be available on a non-reservation, first come/first served basis from 6:00 a.m.
to 6-00 p.m., Monday through Saturday, and from 10:00 a.m. until 6:00 p.m. on
Sunday The analyst monitoring the equipment between 8:00 a.m. and 5:00 p.m.,
Monday through Friday, will not provide any type of assistance to the user other
than troubleshooting malfunctioning equipment and software.
b Provide telephonic "hotline" assistance from 8:00 a.m. to 5:00 p.m., Monday
through Friday. All incoming calls received from an office participating in the
OSA will be prioritized ahead of any calls received from a non-participating
office.
c Provide data access support for users attempting to upload or download
information from the NCC mainframe (e.g., Arbiter, Kermit, etc.) through the
Headquarters data switch.
d Coordinate the activities of various user group meetings. Meetings will be
scheduled and agenda topics developed based on interest areas identified by the
user community. A minimum of five user group meetings will be conducted on
a monthly basis.
-------�
NDPD OPERATIONAL POLICY NO. 120.06 " " Page 2 of
e.
Produce a monthly publication to keep users abreast of current issues pertinent
to the Agency's policies and procurement of office automation equipment.
Host an annual open house and hardware/software vendor show.
-------�
U S ENVIRONMENTAL PROTECTION AGENCY
'NDPD OPERATIONAL POLICIES MANUAL
TITLE: WIC PC Systems Support NO- 120'
,--\
APPROVAL: ' ' " " ' r ~* "" ^ DATE: ^"
1.0 PURPOSE
This policy identifies the primary functions of the PC Systems Support Group at the
Washington Information Center (WIC).
2.0 SCOPE & APPLICABILITY
This policy establishes support requirements which are to be made avaigblc to aU EPA and
contractor personnel whose offices are participating » the WIC sO^«^l systems
Aereement (OSA) program. Offices not participating in the OSA do not receive systems
fupporTfrom the W?C. Provided support will be within the confines of sound operational and
security practices as defined in other NDPD policies and directives.
3.0 RESPONSIBILITIES
The Information Center's Branch Chief is responsible for defining the services to be offered
by WIC and for overseeing the implementation of the OSA that is signed by Headquarters
offices. Systems Support personnel are responsible for providing support for microcomputer
equipment and software.
4.0 POLICY
Personnel in the Systems Support Group will:
a Respond to incoming calls for installation and troubleshooting assistance in
support of Agency approved/purchased hardware and sof tware..,The Group will:
(1) Monitor the dispatch desk from 8:00 a.m. to 5:00 p.m., Monday through
Friday.
(2) Maintain a log of all incoming calls, assign "ticket numbers" to each call,
and route the calls to appropriate members in the Group.
(3) Respond to hardware and software troubleshooting calls within 2 working
hours after a request is received.
(4) Complete hardware installation calls within 3 working days after a
request is received.
(5) Complete software installation calls for Agency approved/purchased
software within 5 working days after a request is received.
(6) Maintain a data base of resolutions to problems, parts replaced, etc.
-------�
NDPD OPERATIONAL POLICY NO. 120.07
Page 2 of
(7) Analyze the data base on a quarterly basis to identify recurrent problems
Advertise problems through training classes or other methods of
communication (e.g., newsletters, user memos, etc.).
b. Serve as the liaison between Headquarters offices and third party maintenance
vendors who need to be contacted to repair equipment. The Group will contact
the vendor, report a suspected problem, and monitor the performance of the
vendor to ensure that service calls are responded to within 8 working hours
after a call has been placed. If equipment is not repaired within 16 working
hours after a service call is received, the WIC will coordinate the installation
of loaner equipment (provided by the third party vendor) to replace the
hardware experiencing problems. cpi«u,c me
c. Maintain the EPA PC Bulletin Board Service (BBS):
(1 ) The Bulletin Board will remain operational 95 percent of the time during
a 24-hour period.
(2) New files for the Bulletin Board will be tested for viruses and uploaded
to the system within 10 working days after their receipt.
-------�
U S ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: WIC PC Satellite Support
APPROVAL: (p, /, r> c \
srn^-*-l^ '•O —~J
1.0 PURPOSE
This policy identifies the primary functions of the PC Satellite Support Group at the
Washington Information Center.
2.0 SCOPE & APPLICABILITY
This policy establishes support requirements which are to be made available to iall f ^ and
contractor personnel whose offices are participating in the WICs Operational Service
Agreement (OSA) program. Offices not participating in the OSA do not receive satellite
support from the WIC. Provided support will be within the confines of sound operational and
security practices as defined in other NDPD policies and directives.
3.0 RFSPONS1BIL1TIES
The Information Center's Branch Chief is responsible for defining the services to be offered
and for overseeing the implementation of the OSA that is signed by Headquarters offices.
PC Satellite Support Group personnel are responsible for providing onsite assistance to
Headquarters offices in the areas of microcomputers, word processing, local area networks,
PC graphics, and PC/mainframe data access support.
4.0 POLICY
PC Satellite Support Group personnel provide assistance in the areas requested by their
Program Office sponsors. Therefore, the scope of work performed by these individuals varies
from person to person. Exclusive of applications programming, virtually any task can be
performed by the assigned Satellite Support staff member. Tasks generally performed by
personnel in the group are listed below. These are subject to change, however, based on the
demands of the Program Office sponsor.
a. Serve as liaison between the NDPD and the EPA Program Office.
b. Respond to incoming hardware and software calls within 4 working hours after
receipt of call.
c. Determine whether a call should be referred to the WIC and contact the WIC for
assistance as necessary.
d. Complete hardware installations within 3 working days after receipt of
equipment.
c. Complete software installation within 5 working days after a request is received.
f. Resolve software troubleshooting calls within 8 working hours after the initial
response is made.
-------�
NDPD OPERATIONAL POLICY NO. 120.08 Page 2 of
g. Complete hardware calls within 16 working hours after the initial response is
made.
h. Provide one-on-one and informal seminar training within 4 weeks after a request
is received from an office.
i. Conduct an informal meeting with a user within 2 weeks after an individual
within the office attends a full-day WIC training course.
j. Establish and maintain a PC inventory for the EPA office. This entails
determining serial numbers for hardware, determining the software installed on
all PC systems within the office, and entering inventory information into an
automated PC inventory tracking system.
k. Completing procurement requests within 2 weeks after they are requested by the
Program Office. Based on guidance provided by the office, the specialist will
determine a purchasing mechanism for the hardware or software desired,
gather necessary pricing information, and provide the Program Office with
complete ordering information. The analyst will also be responsible for tracking
all outstanding procurements, using an automated tracking system developed for
the office.
1. Provide assistance or complete Telecommunications Service Requests (TSR's)
whenever th^y are required. Specialists serving as LAN System Administrators
in particular, will ensure that all the necessary paperwork is completed as the
LAN plan and installation proceed.
m. Perform hardware and software evaluations as requested by the Program Office.
These evaluations will encompass both new and upgraded products. A written
report will be provided to the Program Office and the Technology Assessment
Program as each evaluation is completed.
-------�
U S ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: WIC Outreach Meeting NO" 120'09
APPROVAL:
1.0 PURPOSE
The Washington Information Center (WIC) provides the user community with a variety of
services Scheduled Outreach meetings are conducted to allow the users to express their views
on the quality and scope of these services.
The objectives of the Outreach program are to:
a. Provide a mechanism for users to rate the quality of the service they receive.
b. Raise issues that need to be addressed.
c. Enhance the users' awareness of existing and new services.
d. Provide feedback to users' inquiries.
e. Enhance the users' awareness of security concerns and issues.
Adherence to this policy will provide management with an insight into the needs of the users
and how the users perceive the services they receive.
2.0 SCOPE AND APPLICABILITY
This policy is applicable to all WIC personnel providing services to the user community.
3.0 PFSPONSIBILITIES
WIC is responsible for policy enforcement and will annually review policies for needed
modifications and/or enhancement, as well as monitor adherence to these policies by WIC
personnel. Other duties and responsibilities are outlined below.
4.0 POLICY
a. WIC Operations will schedule a minimum of four outreach meetings a month.
b. Department managers or their designees will attend these meetings at the request
of the user or the Operations Manager.
c Designated WIC personnel attending the meetings will submit a written report
with responses to users' questions and requests to the Operations Manager.
d The Operations Manager will prepare a consolidated report with WIC responses
to user inquiries and distribute the report to management, the user, and all
attendees within 2 weeks after the meeting is conducted.
Indicates revision.
-------�
-------�
U S ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Central Data Base Administration NO-: 130.01
DATE: "%'lS-yo
APPROVAL:
1.0 PURPOSE
This policy governs the administration of the Central Data Base Management Environment,
which includes CICS and ADABAS, mainframe R^BMS. and any accesses to these environ-
ments (e.g., through CICS, TSO, Batch, FOCUS, Extract/A, PC LAN's, APPC, and GUI).
2.0 SCOPE & APPLICABILITY
This policy establishes the responsibilities of individuals and organizations using or providing
central data base management environments: end-users, ad hoc users, and developers;
Application. Data Base Administrators; Application System Managers; Data Administrators;
CICS System Administrator; Data Base Administration; and the Central Data Base Ad-
ministrator.
3.0 RESPONSIBILITIES
Central Data Rase Administrator (CDBA). The CDBA is responsible for the establishment,
operation, performance, maintenance, and security of the central data base management
environment.
Technical Consultant (TC/DBSS). The TC/DBSS supports the CDBA function as support staff
bv performing all required central environment reviews. Through telephone consultations and
reviews the TC's help the ADBA's develop applications that meet the performance
requirements and standards of the Central Environment in a cost-effective manner.
Data Administrator (DA). The DA function is performed under the general direction of the
Office of Information Resources Management (OIRM) and is directed toward managing data
as an Agency information resource and ensuring the appropriate use of DBMS technology.
Annlication Data Base Administrator (ADBA). Each application using a central DBMS
environment will be supported by an ADBA. The ADBA serves in a role similar to that of
the DA and the CDBA, except that he/she focuses on individual applications.
CICS Svstem Administrator (SA). The SA supports the CDBA in fulfilling his/her respon-
sibilities with regard to CICS.
Annlication Svstem Manager (ASM). The ASM is responsible for those functions ordinarily
performed in the context of computer application system development. For new applications,
this includes the feasibility study, general and detailed system design, program development,
system testing, acceptance testing, and implementation. For production applications, this
includes testing and implementing changes, corrections, and enhancements.
Users. Users are responsible for adhering to all policies, procedures, and security require-
ments, and for using the central environment in an efficient and responsible manner.
Indicates change.
-------�
NDPD OPERATIONAL POLICY NO. 130.01 Page 2 of 4
4.0 POLICY
4.1 CENTRAL DATA BASE ADMINISTRATOR
a. Operates the development and production environments during normal NCC-
IBM production hours, except for periods of unscheduled maintenance due to
hardware or software problems, and periods of scheduled maintenance due to
the unavailability of timely nonproduction test time. The goal for availability
is that scheduled and unscheduled maintenance will not exceed 5 percent of
production time during any quarter.
b. Establishes and maintains up-to-date procedures governing access and use of the
central environment, including ad hoc use and access.
c. Tests, implements, and maintains all central environment software and
configurations, including data bases, data base files, disk space, and accesses.
ASM's, ADBA's, DA's, and users will be notified before changes which impact
them are made. Notification will normally occur 30 days prior to the change
being implemented.
d. Approves or disapproves the use of the central environment for each application
system.
e. Serves as principal contact and resolves all central environment issues and
technical problems.
f. Removes, corrects, or prevents the introduction of any application system that
unacceptably degrades the performance of the central environment or threatens
the integrity of data.
g. Provides technical consultation to ASM's, ADBA's, users, and DA's on the central
environment.
h. Establishes and maintains review requirements for the entire Software
Development Life Cycle (SDLC) for logical design, physical design, and test and
acceptance for application systems.
i. Schedules, reviews, and recommends acceptance, conditional acceptance, or
rejection of logical designs to the DA.
j. Schedules, reviews, and accepts, conditionally accepts,or rejects physical designs.
k. Schedules, reviews, and accepts, conditionally accepts, or rejects application
systems for production operation through test and acceptance reviews.
1. Establishes security requirements for the central environment and minimum
security requirements for application systems within the central environment.
m. Establishes procedures for monitoring the performance of the central
environment.
n. Controls the central environment and its configuration.
Indicates change.
-------�
NDPD OPERATIONAL POLICY NO. 130.01 P«EC 3 of 4
o Controls and operates on behalf of the ADBA's and ASM's utilities that are not
released to them because of security or data integrity considerations.
p. Establishes policies and procedures related to the use of ancillary software and
hardware products that interface with the central environment.
q. Establishes and maintains a test environment for testing software and
environmental configurations.
r. Establishes and chairs a standards committee for the preparation and approval
of standards for the central environment.
Note. The entire SDLC reviews for those applications or systems developed using I-Case,
upp^r-case, and or lower-case tools may vary from the reviews provided in Items 4.1.i. through
4.2 DATA ADMINISTRATOR
a. Collects, controls, and manages information about the Agency's data.
b. Serves as a focal point for identifying and coordinating development of ADP
policies and procedures relating to Agency data and data sharing issues.
c. Establishes criteria relating to information required fo. an Agency dictionary.
d. Coordinates the establishment of naming conventions and of data element
editing and validation standards.
e. Ensures adherence to Agency data policies and standards.
f. Controls the Agency's central table system.
g. Establishes criteria relating to the appropriate use of data base technology.
h. Provides consultation support in the areas of feasibility study and logical data
base design.
i. Assists and reviews all studies and approves or disapproves feasibility studies
requesting the use of central environment resources.
j. Reviews all logical data base designs, taking into consideration the CDBA's
critique of the designs.
4.3 APPLICATION DATA BASE ADMINISTRATOR
a. Serves as the lead technical resource to assist the ASM's, developers, and end
users of the applications.
Ib. Reviews application requirements analyses. Evaluates the use of data base
technology in general and ADABAS or a RDBMS in particular.
| Indicates change.
-------�
NDPD OPERATIONAL POLICY NO. 130.01 Page 4 of 4
c. Assists and guides the Application Developers in the preparation of logical and
physical designs.
d. Reviews and approves logical and physical designs before they are sent to the
DA and CDBA for review and acceptance, consulting with the DA on Agency
data standards and potential data sharing.
e. Ensures the appropriate use of data base techniques in application design and
implementation, consulting with the CDBA.
f. Reviews and approves user acceptance test plans and CDBA Test and Acceptance
plans.
g. Reviews, approves, and enforces application quality assurance plans.
h. Monitors the performance efficiency of the application, investigates potential
areas for improvement, and guides the developers in implementing improve-
ments.
i. Serves as the principal application technical liaison among the ASM, DA, and
Vx \J D /\,
j. Ensures that the application is developed in compliance with all applicable ADP
and CDBA policies, procedures, and standards.
4.4 APPLICATION SYSTEM MANAGER
a. Recommends and justifies the use of data base technology in general and
ADABAS or a RDBMS in particular in the feasibility study.
b. Develops the logical and physical designs under the guidance of the ADBA DA
and CDBA.
c. Develops the user acceptance test plan and the CDBA Test and Acceptance plan.
d. Develops the application, making appropriate use of data base techniques.
e. Monitors performance and improves efficiency.
f. Ensures that the application is developed in compliance with all applicable ADP
and CDBA policies, procedures, and standards.
4.5 USER
a. Uses the central environment in accordance with policies, procedures and
standards.
b. Uses the central environment in an efficient and responsible manner.
Indicates change.
-------�
UJS. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Production ADABAS Performance Policy NO.: 130.02
APPROVAL: / ) , f\ , \ /, /) (~) DATE: 10/17/88
1.0 PURPOSE
This policy establishes performance requirements for the Production ADABAS.
2.0 SCOPE A APPLICABILITY
This policy establishes Production ADABAS usage performance requirements for on-line
and batch programs in order to maintain consistent, acceptable response times for
concurrent Production ADABAS usage.
All Production application programs will comply with the performance requirements
defined herein. Programs failing to comply are not subject to standard response time
goals for on-line and batch transactions. Furthermore, if extreme noncompliance is
detected, the execution of the offending program is subject to cancellation.
3.0 RESPONSIBILITIES
It is the responsibility of the Application Data Base Administrator (ADBA) and the
Application System Manager to ensure that all pertinent application programs adhere to
NDPD policy. When Test and Acceptance reviews are performed, the Central Data Base
Administrator (CDBA) will indicate any policy violations. These violations must be
corrected before the program(s) can be placed into the Production environment.
Thereafter, the CDBA will monitor all ADABAS program executions and advise the
ADBA of any program(s) in violation of this policy. If the violations were not
discovered during the CDBA Test and Acceptance review, a 30-day grace period will be
allowed for the ADBA to correct the offending program(s).
4.0 POLICY
ON-LINE PROGRAMS/TRANSACTIONS:
a. Production On-Line Transaction ADABAS Command Volume. In an on-line
environment, no more than 100 ADABAS commands may be issued per full-
screen terminal I/O (hit of the enter key). If an on-line transaction needs to
process more commands than this, the transaction should be done in batch,
preferably before or after prime time on-line periods (10:00 a.m. to 12:00
noon, and 2:00 p.m. to 4:00 p.m., Eastern Standard Time).
-------�
NDPD OPERATIONAL POLICY NO. 130.02 " Page 2 of 2
b- Production On-Line Transaction ADABAS Command I/O Volume. In an on-line
environment, no ADABAS command(s) should be issued that regularly cause
more than 50 ADABAS physical I/O's. If a transaction must issue commands
that will cause more than 50 I/O's, then the transaction should be done in
batch, preferably before or after prime time on-line periods (10:00 a.m. to
12:00 noon, and 2:00 p.m. to 4:00 p.m., Eastern Standard Time).
5.0 RATIONALE
Two major performance problems involving an on-line ADABAS environment are
command volume and command complexity. Command volume is the number of
consecutive commands issued to ADABAS without an interruption (usually caused by
terminal I/O). A large uninterrupted command volume tends to monopolize the
ADABAS buffer pool and other CICS resources. Command complexity is the amount of
work ADABAS must do to service a given command. A good measure of complexity is
the number of physical I/O's that a single command initiates. Complex commands tend
to cause a large number of blocks to be read into the ADABAS buffer pool. These are
usually accessed only once. Non-complex or simple commands tend to use a small
number of blocks repetitively. Examples of complex commands are S2 (FIND SORTED)
and S1/S4 (FIND with multiple search criteria or highly skewed descriptor values). An
example of non-complex commands is SI (FIND with a single descriptor). Although
there are many valid uses for complex commands, real time retrieval during prime time
shifts is not one of them. The biggest problem with complex command structures is
that the end user must wait beyond the normal 2 to 5 second range. Studies have
shown that excessive response time leads to user dissatisfaction with the system and
lost of productivity.
6.0 ENFORCEMENT
The CDBA has the authority to deny Production ADABAS environment access to any
program that does not comply with NDPD policy. Any program which does not
conform is subject to removal from the environment after a 30-day grace period
allowing for correction. Any Production interactive session or Production batch job
which violates this policy excessively (such as consuming more than 25 percent of
ADABAS resources) is subject to immediate cancellation.
-------�
TITLE:
APPROVAL:
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
Development ADABAS Environment
Availability Policy
U
NO.:
DATE:
130.03
-AZ-;
1.0 PURPOSE
This policy establishes the availability of the NCC's ADABAS Development environment.
2.0 SCOPE & APPLICABILITY
This policy applies to all Development regions and Development activities within the NCC
ADABAS central environment.
Any deviation from this policy must be approved in writing by the Director, NDPD.
3.0 RESPONSIBILITIES
It is the responsibility of the Central Data Base Administrator (CDBA) and the CDBA's
Data Base Support Services (DBSS) staff to adhere to and enforce this policy. It is the
responsibility of Application System Managers, Application System Project Officers,
Application Data Base Administrators (ADBA), and application developers to adhere to this
policy.
4.0 POLICY
a.
b.
c.
The Development environment will be used for general ADABAS develop-
ment activities. Other regions may be available for special activity
groups/applications.
The Development environment will normally be available during scheduled
production hours of the NCC-IBM. Planned maintenance that requires
bringing the environment down will be announced to the user community
via User Memos and/or News Alerts.
The data bases and NATURAL libraries will be backed up nightly and
recovered automatically when system software or hardware problems com-
promise the data or libraries. Upon request from the ADBA, data base files
and libraries will be restored from a prior date if feasible. Restoration will
normally be accomplished within two working days.
Indicates change.
-------�
NDPD OPERATIONAL POLICY NO. 130.03 Page 2 of 2
d. Unless written agreement is obtained from the CDBA, application systems
or subsystems may be removed from the Development environment and
archived after 60 days of inactivity. The application will be reinstalled
when a written request justifying the need is received from the ADBA.
The request must indicate the approval of the CDBA. Artificial activities
to avoid archiving will be monitored and rejected.
Applications may not be run for Production purposes.
f. NDPD will provide sufficient ADABAS files and disk space to ensure that
the user community at all times has space available within the Development
environment to develop, modify, and maintain ADABAS applications. To
achieve this:
(1) An application system or subsystem may not have data base files until
the logical design has been recommended, or conditionally recom-
mended, for acceptance to the Data Administrator by the CDBA. The
ADBA must also indicate that development is ready to begin.
(2) The number of files assigned to the application will be determined by
the CDBA based upon the number of unused files available and the
apparent number of files that will result from the approved physical
design. The number of files allowed will be adjusted at the time of
the physical design review.
(3) Normally, no more than two cylinders of data per file will be allowed.
Exceptions may be approved by the CDBA. A need for table files and
system testing are examples of exception requirements. Requests for
exceptions should be made in writing two months prior to the time of
need. The availability of disk space is not guaranteed.
(4) Prototyping of an application system or subsystem may be done.
Written notification justifying the need for prototyping and the
duration of the prototyping must be submitted to the CDBA for
approval. Prototyping will not be allowed until a conceptual design
defining, describing, and normalizing all data has been accepted by
the CDBA. Only the minimum number of files to fulfill the needs of
the prototype will be provided; normally this will be one file. If
multiple files are needed to demonstrate efficiency or cost, the results
of the efficiency or cost analysis must be submitted to the CDBA.
Indicates change.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Central Environment Review Performance Policy NO.: 130.04
APPROVAL:
1.0 PURPOSE
This policy establishes procedures and goals for processing central environment review
requests. Performance goals for processing these requests have been established to help
maintain consistent and acceptable turnaround times.
2.0 SCOPE AND APPLICABILITY
This policy is applicable to all reviews conducted by the Central Data Base Administrator
(CDBA). The reviews are specified in the ADABAS and CICS Application Development
Procedures manuals.
The types of reviews in ADABAS are:
o Logical Design Review (LDR)
o Physical Design Review (PDR)
o Test and Acceptance Review (TAR)
o Change Enhancement Test and Acceptance Review (C/ER)
The types of reviews in CICS are:
o System Design Review (SDR)
o Program Design Review (ProDR)
o Test and Acceptance Review (TAR) '
3.0 RESPONSIBILITIES
The CDBA will enforce adherence to this policy and report the status of review requests to
NCC management each month. His report will include the number and type (LDR, PDR, etc.)
of requests received, completed, and active at the time of the report. He will identify each
exception to expected turnaround times by type of request and by application system. Similar
information will be kept current and on-line in the Data Base Environment Support Tracking
(DBEST) system. Upon request by the Application Data Base Administrator (ADBA), the
CDBA will appraise established schedules of reviews.
The Data Base Support Services (DBSS) group will log, schedule, review, and track the status
of each review request and keep this information current in DBEST. The DBSS group will
prepare the required monthly reporting data and submit it to the CDBA within 2 workdays
following the end of each month. The information will be submitted via Email or other
automated means.
The ADBA's and/or System Managers will ensure that each review request is properly
documented and has met all the requirements given in the Application Development
Procedures manuals, central environment standards, and other applicable standards or
guidelines. Each ADBA and/or System Manager will be able to access information in DBEST
related to his application.
-------�
NDPD OPERATIONAL POLICY NO. 130.04 page 2 of 4
4.0 POLICY
The purpose of these written reviews is to provide positive feedback to the user application
groups that requested the reviews. Reviews can be on new applications (initial reviews); on
existing applications (subsequent reviews) for the purpose of clarification, correction] or
modification; and on dated applications for discontinuance.
a. Initial Reviews. All new applications in ADABAS and CICS will be reviewed.
DBSS will enter information into DBEST on the status of the review when a
complete and acceptable request is received, when the review is scheduled, and
when the write-up of the review is completed. Data entry will be completed
within 1 workday of the event.
Initial reviews will be processed by type as follows:
0) Logical. Physical. System, and Program Design Reviews. The goal is for
the Technical Consultant to begin his reviews within 8 workdays of
receiving the request and all required documentation. Each review will
be completed within 5 workdays from the start date. Written results of
the review will be forwarded to the CDBA, who will evaluate the review,
resolve any differences with the DBSS Technical Consultant, and publish
their joint findings within 4 workdays.
At the option of the ADBA, a developer can submit a draft of Logical,
Physical, System, and Program Design Reviews. These reviews will be
processed in a manner similar to that outlined above. The goal is for the
Technical Consultant to review these drafts within 12 workdays of
receiving the draft and required documentation. Written comments made
by DBSS on the review will be entered in the DBEST system with an
Email copy forwarded to the CDBA and the developer. Comments on the
review will be completed within 4 workdays.
(2) Test and Acceptance Reviews. The goal is for the Technical Consultant
to begin these reviews within 8 workdays of receiving the request and
all required documentation. The amount of time needed for these
reviews is governed by the size and complexity of the application and the
quality of the documentation. A nominal goal is 1 month. The review
is then sent to the CDBA, who will publish his findings within 5
workdays.
(3) Special Consideration during Test and Acceptance Reviews. During the
Test and Acceptance Review, programs will be reviewed in consideration
of the environment in which they will be operating. Special considera-
tion will be given during the review process to those program(s) that
have already been reviewed as part of an existing application, system,
or subsystem (e.g., a common Batch Retrieval subsystem).
Indicates change.
-------�
NDPD OPERATIONAL POLICY NO. 130.04 Page 3 of 4
(4) Initial Production. After the Test and Acceptance Review has been
completed and approved, several critical events must occur before an
application can be placed into production status. These events are (a) all
production files must be established, (b) the initial production data must
be loaded, (c) NATURAL Security and ADABAS Security profiles must
be established for each file, user, and group of the application, and (d)
initial tests must be performed by the Technical Consultant to verify
that the application will execute as expected. This process may take from
3 to 8 days depending on the complexity of all security requirements and
the size and nature of the application user base. This time must be
considered in the implementation plans/schedules prepared by the
application owner or manager.
b. Subsequent Reviews. A request for a review goes through the ADBA. The
reviews are written by the CDBA and returned to the requestor. The process can
be repeated for further changes. All changes and/or additions to production
applications must be reviewed. Proper and complete review request documents
shall be submitted to the CDBA and DBSS Technical Consultant before a formal
review can be undertaken. Reviews will be processed by type as follows:
(1) Routine Changes. Routine changes will be accepted no more than once
a week per application system on a schedule set by the DBSS Technical
Consultant and the ADBA. The reviews will be completed within 1
workweek, and data entry will be made within 1 workday following
completion of the review.
(2) Urgent Changes. Urgent changes are those needed to make an application
usable. They will be given priority over all other reviews and, if possible,
reviews will be completed via Email or phone. DBEST data entry will
be completed within 1 workday.
(3) Enhancements. Small or non-complex enhancements may be processed
as routine changes if agreed upon between the DBSS Technical
Consultant and the ADBA. Enhancements not processed as routine
changes will be processed as Test and Acceptance Reviews.
(4) Cumulative Changes. A DBSS review write-up is required when:
o A Logical or Physical Data Base Design is changed by adding a
new file or deleting an existing file.
o A series of small independent changes have cumulatively changed
the composition of the file design since the last formal review and
write-up.
o Moderate changes are made to program or program groups.
Examples are the addition of a regional reporting subsystem, a
new or greatly changed batch retrieval system, a new set of
complex search criteria reporting program, or when an existing
application is converted from one major language level to another.
Indicates change.
-------�
NDPD OPERATIONAL POLICY NO. 130.04 " " Page 4 of
c- Discontinuance of Review. Reviews may have to be discontinued because
further progress cannot be made until additional action is completed by the
ADBA. For example, if all the programs abend, then performance efficiency
cannot be determined. The ADBA will be informed of the needed action via
Email or phone within 1 workday. The schedule will be reevaluated when the
ADBA has completed the action. The delay and its cause will be entered into
the comments field of DBEST. These discontinuances will not be reported as
exceptions.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: RIC Operations/Production Support NO.: 140.02
APPROVAL: ,O .Q A ,.Q DATE: 5/2/90
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: PC Technology Assessment Program (TAP) NO.: 140.03
APPROVAL:
1.0 PURPOSE
This policy outlines the mission of the PC Technology Assessment Program of the Information
Center Branch (ICB).
2.0 SCOPE & APPLICABILITY
This policy applies to all technology assessment activities performed with the ICB by the PC
Technology Assessment Program staff. Technology will be assessed as to impacts on the
security and operation of the overall environment in which the PC will function or interface.
3.0 RESPONSIBILITIES
The Information Centers Branch Chief defines the parameters for NDPD's technology
assessment mission and sets the operational limits within which it is carried out. The PC
Technology Assessment staff is charged with carrying out that mission as specified by the ICB
Chief.
4.0 POLICY
The PC Technology Assessment Program is based on these tasks:
a. Maintain a list of active technology assessment projects, revise project list three
times a year, publish the revised list, and solicit additions and comments from
the PC TAP user community.
b. Research subject areas to determine the scope and content of at least six major
projects each year. Obtain the hardware and/or software required to complete
major projects and contact users to request their participation.
c. Prepare and distribute study materials to participants in major projects.
Compile and analyze participant results.
d. Write reports of major TAP projects and publish them in PC TAP Consumer
Reports at least six times a year.
e. Publicize the PC TAP program. Write the "PC Answer Man" column for the
CONNECTION at least eight times a year, promote PC TAP at meetings and
conferences at least three times a year, and distribute a progress report to the
PC TAP user community three times a year.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: RTF LAN Support NO.: 140.04
APPROVAL: «,tN A* Q DATE: 5/2/90
C ; ^ . iJ>Srt^L -- _
1.0 PURPOSE
This policy identifies the primary functions of NDPD's and OARNTs LAN Administrator.
2.0 SCOPE & APPLICABILITY
This policy establishes LAN support requirements for all EPA and contractor personnel using
LAN's at the NDPD, OARM, and RIC 2.
3.0 RESPONSIBILITIES
The Information Centers Branch Chief is responsible for defining the services to be offered
by the Information Centers; RIC 2 will provide the LAN Administrator.
4.0 POLICY
The RIC LAN Support Specialist will:
a. Act as LAN Administrator of all LAN's at RIC 2, RTP-NDPD, and RTP-OARM.
As Administrator, the Specialist will:
1. Perform backups as needed on RTF RIC 2, back up RTP-OARM on a
weekly basis, and monitor the full backup of RTP-NDPD on a biweekly
basis. (An incremental backup of RTP-NDPD is performed daily). RTP-
OARM will move to a similar backup schedule when the number of users
increases.
2. Provide software support on a timely basis for all LAN users. This
support includes all LAN-based applications software, as well as
operating system support for those users requesting it.
3. Provide installation support for LAN users. This includes the installation
of token ring boards in PC's, diagnosis of hardware problems with LAN
workstations, and assistance to the TSR group in running and building
token ring cables.
4. Provide LAN users with LAN-oriented materials, such as keyboard
overlays, manuals, and supplies for the LAN printers and plotters.
b. Evaluate and test LAN hardware and software for use by other LAN users.
c. Support other LAN Administrators as requested. This includes basic
troubleshooting and software configuration.
-------�
NDPD OPERATIONAL POLICY NO. 140.04 " Page 2 of 2
d. Provide RIC software assistance as time permits.
Provide onsite PC hardware and software troubleshooting and light servicing
as time permits. This includes the diagnosis of hardware problems, installation
of basic PC hardware (drives, boards, etc.), and software support.
e.
-------�
U S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
Archiving Tapes and Data Sets NO.: 200.01
TITLE:
1.0 PURPOSE
This policy establishes procedures and goals for archiving tapes at the National Computer
Center (NCC). Adherence to these procedures will ensure that archived tapes are utilized to
the maximum degree possible at the NCC.
2.0 SCOPE & APPT-TCABILITY
This policy assigns responsibilities to those individuals who archive tapes.
Any deviation from this policy must be approved in writing by the Director of the NDPD.
3.0 RESPONSIBILITIES
The FM Contractor wilMevelop, update, and monitor procedures to implement this policy.
The customer community will comply with the provisions of this policy and EPA Policy 200.02,
NDPD Records Management, when archiving tapes.
4.0 POLICY
a The NCC will provide a secure and environmentally correct archival facility for
the storage of tapes containing data that must be maintained but has no
immediate processing need. This policy is applicable to both cartridge and reel
tapes.
b NDPD has developed procedures and maintains the necessary software for
automatic archiving of customer disk data sets. (Customers should archive data
sets from disk whenever possible.) Data set archives are processed by the storage
management subsystem and utilize overhead tape volumes to their maximum
potential. Customers should copy tapes to disk data sets and mark the data sets
for archive- the system will process the archival of data from this point.
Archived data sets are normally retained for 1 year, but the customer may
request retention for up to 3 1/2 years.
Customers who archive tapes are required to utilize at least 70 percent of a tape.
Customers may telephone, Umail, Email (K. Strickland), or submit a written
request to Data Management for physical tape archival.
c If the request is for a cartridge tape, Data Management will approve and
forward the request to Data Processing Support Services (DPSS). DPSS will issue
a preassigned tape number (D number) to the tape and notify the customer. The
customer will then copy the data to the preassigned labeled tape.
I Indicates change.
-------�
NDPD OPERATIONAL POLICY NO. 200.01 " Page 2 of 2
d. The customer will be given 5 workdays to copy data to tape. Upon successful
completion, DPSS will store the tape offsite in the archive vault.
e. Customers requesting that round tapes be archived must follow the same
guidelines outlined in Step b. Once the tape is approved for archiving, Data
Management will forward the request to DPSS. When a round tape is archived,
it loses its former tape number; DPSS will assign a "C" (DEC) or "D" (IBM)
number to the tape. Archived tapes are in "inactive" status and are file-
protected and labeled NO WRITE RING on the face and back of the tape to
ensure the data is not overwritten.
f. A tape may be archived for up to 3 1/2 years. When this timeframe has been
met, the tape is automatically released to the customer.
g. Customers will receive a monthly tape list of all archived tapes.
h. Customers may request that tapes be returned or dearchived. Upon receipt of
the request, DPSS will return the tape within 24 hours. A $10.00 retrieval fee
will be charged to the customer account. (Customers are charged $10 00 per trio
not per tape.)
i. Only the owner of a tape or the appropriate Account Manager or ADP Coordina-
tor will receive the services outlined above.
j. All archived tapes will be rewound before being returned to the customer at
expiration time.
k. Annually, a statistical sample (384 tapes) will be read by the data center to
ensure that the tapes are in good condition and are readable.
1. The FM contractor will ensure that all tapes containing sensitive information
and released for destruction are degaussed on an approved degausser.
| Indicates Change.
-------�
U S ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NDPD Records Management NO-: 200.02
DATE: 7- /-
APPROVAL: £)
1.0 PURPOSE
This policy provides customers of NDPD resources and contractor staff with guidance on the
management of files and records, both temporary and permanent, to ensure that the EPA meets
all requirements outlined in the National Archives and Records Administration Articles.
This NDPD policy provides procedures for the following:
a. Scheduling records for disposition.
b. Inventorying electronic records.
c. Applying General Records Schedules (GRS) containing disposition instructions
for temporary electronic records common to many agencies..
d. Scheduling records not covered by the GRS.
e. Identifying potentially permanent electronic records.
f. Transferring permanent and/or temporary records to the local EPA archive
vault.
g. Transferring permanent records to the National Archives.
h. Maintaining and using electronic records.
2.0 SCOPE & APPLICABILITY
This policy applies to all NDPD and FM contractor staff personnel and to all customer
personnel who are responsible for the management, maintenance, and disposition of magnetic
media.
Any deviation from this policy must be approved in writing by the Director of the NDPD and
the Records Officer of the EPA.
3.0 RFSPONSIBILITIES
The FM contractor will develop, update, and monitor procedures and provide utilities and
facilities for the archival of Agency records.
The customer will comply with the provisions of this policy in the management, maintenance,
and disposition of Agency records.
-------�
NDPD OPERATIONAL POLICY NO. 200.02 „ , ,,
. , "age 2 of 2
4.0 POLICY
t TTX. W«-^.
responsible for inventorying and scheduling all records,
c.
,
no longer needed V "^ imp°rtant data and dcletes disposable data when
JhJKiJ? ilWent°ry> the Agencv Records ^nager will determine whether
ssued bvtlc Nat" ^ S/StK™ " COVCrCd by disP°sition instructions in the GRS
issued by the National Archives and Records Administrator (NARA).
d. NDPD will provide a secure, environmentally appropriate facility for the
archival of machine readable records identified in the GRS
Wi." Pr°vide techn^al and administrative
to the
f.
ide labeling guidelines for all records scheduled for
o nri^ <» rxyf * • 11 •
ISIAPA-C.^!! r.ac.for w ™aintain the archival facility in compliance with the
NARA s regulations on Electronic Records Management.
h' ^"ej^M con^actor will provide a policy for archiving tapes and data sets (See
NDPD Operational Policy 200.01. Archiving Tan.. agd Data s«t, i ( '
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NCC IBM MAINFRAME SYSTEM MANAGEMENT NO.: 210.01
APPROVAL: ' »- * " ' •-*-- •'-!' DATE:
1.0 PURPOSE
The NCC IBM Mainframe System Management policy establishes:
a. Objectives for managing the system.
b. Functions which will be managed to meet the objectives.
2.0 SCOPE & APPLICABILITY
This policy applies to all NDPD and FM contractor staff personnel responsible
for the management, operation, or maintenance of the NCC IBM mainframe system.
Any deviation from this policy must be approved in writing by the Director of
NDPD.
3.0 RESPONSIBILITIES
The FM contractor will develop, update, and monitor procedures to implement
this policy.
The FM contractor will adhere to NDPD policies and perform the tasks necessary
to meet policy objectives.
4.0 POLICY
a. The NCC IBM mainframe system will be managed in a manner which
provides cost-effective service to the user community.
b. The NCC IBM mainframe will be managed to meet the service levels
defined by the Director of NDPD.
c. While the organizational structure of NDPD and the FM contractor may
change from time to time, the following major areas of responsibility
will be managed:
(1) System operations.
(2) System software maintenance.
(3) Data communications facilities support.
-------�
NDPD OPERATIONAL POLICY NO. 210.01
Page 2 of 2
d.
(4) System Performance Tuning.
(5) Capacity Planning.
(6) User Service Activities.
(7) Contract Administration for System Components.
(o) Data Management.
The FM Contractor will, in concert with NDPD technical managers
ensure that NDPD operational policies are implemented for each of
the areas identified above.
5.0 DEFINITIONS
System Operations consists of console and peripheral equipment
operation, physical facilities management, data storage management
preventive and remedial hardware maintenance scheduling, change
management, and production control.
System Software Maintenance consists of installing and maintaining
all vendor-supplied software. This includes IBM system and program
products, as well as software supplied by third party vendors.
Data Communications Support consists of installing, maintaining, and
PerfOrmanCe °f a11 datd Li*ks ™* associated equipment
f.
Performance Tuning consists of all activities required to ensure
that the goals defined in the service level policy are met on a
daily basis.
Capacity Planning consists of all activities required to predict
future workload and to identify resources which must be acquired to
meet the service level policy objectives in the future.
User Services consists of user support activities for problem reso-
lution user registration and billing, training, and central data
base administration.
Contract Administration Services consists of all activities required
*" A"~ and maintain the hardware and software components of the
mainframe system.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NDPD IBM Mainframe Service Levels NO.: 210.02
APPROVAL: L PATE: f -. /
1.0 PURPOSE
The NDPD Service Level policy establishes:
a. Scheduled hours of operation.
b. Service level goals for each class of work.
c. System stability goals.
2.0 SCOPE & APPLICABILITY
This policy applies to all NDPD and FM contractor staff personnel responsible for the
management, operation, or maintenance of the NCC IBM mainframe system.
Any deviation from this policy must be approved in writing by the Director of the
NDPD.
3.0 RESPONSIBILITIES
The FM contractor will develop, update, and monitor procedures to implement this
policy.
The FM contractor will adhere to NDPD policies and procedures to ensure that service
level objectives are met. The FM contractor will also advise NDPD of potential
problems which might have an adverse impact on the NCC IBM mainframe system.
4.0 POLICY
All times listed in this policy are Eastern Standard Time (RTP local).
a The full system is available to the user community 24 hours each day of the
week from 7:00 a.m., Monday, through 8:00 p.m., Sunday, with the following
exceptions.
(1) The system will be unavailable when maintenance or equipment
installation must be performed on Sunday. Users will be given
as much advance notice as possible before the system is taken
down.
(2) ADABAS will be unavailable on Sunday from noon until 8:00 p.m.
for data base reorganizations, software maintenance, and DASD
defragmentations, when required.
(3) Telecommunication interruptions will occur on Thursdays from
4:00 a.m. until 6:00 a.m. for software maintenance.
-------�
NDPD OPERATIONAL POLICY NO. 210.02 Page 2 of 4
b. IBM user support services will be available from 8:00 a.m. until 7:00 pm
Monday through Friday only. ' '*
c. The response time goals for interactive processing are:
(1) Complete 90% of short TSO transactions within 1 second.
(2) Complete 90% of medium TSO transactions within 5 seconds.
(3) Complete 90% of long TSO transactions within 1 minute.
(4) Complete 90% of all TSO transactions within 5 seconds.
(5) Complete 90% of all CICS transactions within 2 seconds. (Service
level objectives apply to Production CICS regions only.)
(6) Response times for TSO and CICS will be measured between the
hours of 10:00 a.m. until noon, and from 2:00 p.m. until 4:00 p.m.
d. The job completion goals for batch processing are:
(1) Batch performance will be measured during two time periods:
8:00 a.m. to 5:00 p.m. and 5:00 p.m. to 9:00 p.m.
(2) Batch performance measurements will include all jobs not delayed
by user actions within each class, regardless of the job priority.
(3) The following user induced delays will cause a batch job to be
excluded from the batch service level measurement computations:
(a) The presence of a /*AFTER statement in the job stream.
(b) The presence of a /*BEFORE statement in the job stream.
(c) Duplicate job names submitted before the previous job
completes execution.
(d) The presence of a /*CNTL statement requesting exclusive
resource control.
(e) A job requesting exclusive access to a data set held by
another job.
(f) A job placed in HOLD status.
If any of the above criteria are met, the job in question will be
reported in the total job count, but will not be reported as either
having met or missed the service level objective.
-------�
NDPD OPERATIONAL POLICY NO. 210.02
Page 3 of 4
(4) The batch service level objectives are:
.ASS
Q
A
V*
X**
B
E
W*
Y**
H
U*
z**
D
F
F
G
G
MAX CPU TIME
3 seconds
15 seconds
15 seconds
15 seconds
30 seconds
2 minutes
2 minutes
2 minutes
5 minutes
5 minutes
5 minutes
5 minutes
20 minutes
20 minutes
None
None
PRIORITY
2
2
2
2
2
2
2
2
2
2
2
1
2
1
2
1
OBJECTIVE
10 minutes
30 minutes
1 hour
1 hour
1 hour
4 hours
4 hours
4 hours
6 hours
6 hours
6 hours
6:00 a.m.,next day
6:00 a.m.,next day
6:00 a.m. .Monday
6:00 a.m.,next day
6:00 a.m.,Monday
* PADABAS
**DADABAS
e. NCC IBM mainframe stability goals are:
(1) A quarterly up-time percentage of at least 99 percent
scheduled production time for the processor complex.
of
(2) A quarterly up-time percentage of at least 99 percent of
scheduled production time for each major telecommunications
circuit.
(3) Stability goals will be computed for only the scheduled hours
of service listed previously.
The following service levels will apply to data set retrieval from HSM
migration volumes. In every instance, the goals apply to 90 percent of data sets
being recalled. The goals are in effect during extended prime shift (8:00 a.m.
to 8:00 p.m.) only. No goals have been established during other time periods
due to low data set recall activity and delays induced by mandatory data
management functions.
(1) TSO originated Migration Level 1 (ML1) recalls on the TSO
system. ML1 is data set migration to disk.
Data sets < 0.5 MB in size will be recalled in 30 seconds.
Data sets < 20 MB in size will be recalled in 60 seconds.
Data sets > 20 MB in size will be recalled in 120 seconds.
(2) TSO originated Migration Level 2 (ML2) recalls on the TSO
system. ML2 is data set migration to tape.
Data sets < 0.5 MB in size will be recalled in 3 minutes.
Data sets < 20 MB in size will be recalled in 4 minutes.
Data sets > 20 MB in size will be recalled in 10 minutes.
Indicates revision.
-------�
NDPD OPERATIONAL POLICY NO. 210.02
Page 4 of 4
(3) No goals have been established for TSO originated recalls on
the ADABAS system since TSO is not available to the general
user community on this system.
(4) Batch originated ML1 recalls on the TSO and ADABAS
systems:
Data sets < 0.5 MB in size will be recalled in 30 seconds
Data sets < 20 MB in size will be recalled in 60 seconds
Data sets > 20 MB in size will be recalled in 240 seconds.
(5) Batch originated ML2 recalls on the TSO and ADABAS
systems:
Data sets < 0.5 MB in size will be recalled in 3 minutes.
Data sets < 20 MB in size will be recalled in 4 minutes.
Data sets > 20 MB in size will be recalled in 10 minutes.
Periodic reports will be submitted to NDPD management to verify compliance
with this policy.
Indicates revision.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NCC IBM Mainframe Performance Management NO.: 210.03
APPROVAL:
_*_
1.0 PURPOSE
The NCC IBM Mainframe Performance Management policy is intended to establish procedures
for the measurement, evaluation, and reporting of mainframe systems performance.
Performance management objectives include the following:
a. Regular performance management data collection and reporting to document the
utilization of key system resources and service levels provided to major
workloads and/or users.
b. Systems tuning to improve and/or maintain overall performance.
c. Configuration analyses and planning to support the most efficient and effective
use of systems resources.
d. Performance prediction studies to assess the impact of workload balancing and
data placement on overall performance.
e. Regular systems monitoring and analyses to prevent and/or correct performance
problems.
2.0 SCOPE AND APPLICABILITY
This policy applies to all NDPD staff, facilities management (FM) contractor, and periodic
expert consultant personnel responsible for the NCC IBM mainframe performance management
activities. Any deviation from this policy must be approved in writing by the Director, NDPD.
3.0 RESPONSIBILITIES
The Automatic Data Processing Operations Management Branch (ADPOMB) is responsible
for the development, implementation, and management of performance management activities
for the NCC mainframe systems. The FM contractor and consultant contractors will assist
ADPOMB in developing, updating, and monitoring procedures to implement this policy and
alert NDPD management to potential performance problems.
4.0 POLICY
Performance management activities include, but are not limited to, the following:
a
Systems performance and resource utilization monitoring to ensure compliance
with the objectives of Policy 210.02, NDPD IBM Mainframe Service Levels.
within systems capability. Data will be routinely collected to highlight the
utilization and performance of key systems resources, analyze the effects of
system workload levels, report the average service levels, and analyze/correct
performance problems. Consideration and allowances are given for performance
issues resulting from system capacity shortages.
-------�
NDPD OPERATIONAL POLICY NO. 210.03 Page 2 of 3
b. Systems performance data will be captured and analyzed with commercially
available software. Local code, written to support this effort, will be minimized
to the greatest degree possible consistent with the objectives of this policy.
c. Systems performance, stability, availability, and resource utilization statistics
will be summarized and reported to NDPD management daily. Average service
levels compared with service level agreements and systems workload trends will
be summarized and reported monthly.
d. Deficiencies in systems performance, stability, or resource availability will be
corrected as soon as possible consistent with the provisions of Policy 210.04,
NCC IBM Mainframe Chance Management. Systems tuning analyses will be
performed as necessary to reduce systems contention for resources due to
input/output (I/O) subsystem bottlenecks, paging configuration, Direct Access
Storage Device (DASD) contention, or data set placement.
e.
Modifications and/or adjustments to systems configurations will be performed
as necessary to improve overall systems performance. These activities include
workload balancing on Central Processing Units (CPU's) and channels, shared
DASD management, and switching. Performance prediction studies will be
conducted to assess the impact of any configuration changes and/or workload
migration prior to implementation.
f. Applications that use any central data base facility will be reviewed before
going into production to guard against practices that adversely affect system
performance.
g. ADPOMB is primarily responsible for performance management, while AMPB
is primarily responsible for capacity planning (as described in NDPD
Operational Policy 210.12. NCC IBM Mainframe ADP Capacity Planning). The
relationship of these responsibilities requires a high degree of cooperation and
communication. The interactions required by ADPOMB are summarized below:
(1) ADPOMB will be responsible for monitoring and analyzing trends in the
major NCC workloads (i.e., TSO, batch, CICS, ADABAS) and for assisting
the Architectural Management and Planning Branch (AMPB) in
evaluating the overall system impacts of these continuing trends.
(2) ADPOMB will work with AMPB to define and analyze the potential
resource utilization, performance, and capacity impact of major new
applications.
(3) ADPOMB will routinely advise AMPB of any strategies and planning
information pertinent to performance and capacity issues (e.g., planned
modifications to system parameters and/or data collection routines that
might impact AMPB's analytic modeling efforts).
-------�
NDPD OPERATIONAL POLICY NO. 210.03
Page 3 of 3
5.0 REPORTING
ADPOMB will produce monthly performance reports that document the average levels of
service provided by the NCC mainframe systems during both prime and non-prime processing
periods. At a minimum, these performance reports should include the following:
o Overall processor utilization.
o Processor utilization by major subsystem.
o Batch turnaround statistics.
o Interactive response times.
o Major workload levels and trend highlights (i.e., batch jobs, TSO transaction
volume, CICS transaction volume).
o Any performance problems, causes, and resolutions.
Graphical presentation will be used to the greatest extent possible.
6.0 DEFINITIONS
Performance management is one of two components (the other being capacity planning)
comprising capacity management. The following definitions are included to distinguish these
terms and related activities:
Capacity Management
Performance Management
Capacity Planning
The activity that controls, measures, and plans the
configuration required to meet the organization's current
and future information processing requirements. Capacity
management is composed of two components: performance
management and capacity planning.
The function that measures, evaluates, and reports data
processing performance, and prevents or corrects
performance problems. Performance management deals
with the tactical issue of providing acceptable data
processing service to the user community.
The process of determining the hardware, software,
features, organization, and facilities required for the
continuous delivery of acceptable service to users.
Capacity planning primarily deals with the strategic issue
of forecasting the necessary resources required to support
future data processing demand.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NCC IBM MAINFRAME CHANGE MANAGEMENT NO.: 210.04
APPROVAL. f*UJLV £^j* DATE: 8/1/87
1.0 PURPOSE
The NCC IBM Mainframe Change Management policy establishes:
a. Change management objectives.
b. System components and types of changes subject to this policy.
c. Review process required for hardware or software changes.
d. User notification requirements for system changes.
This policy is designed to ensure that all changes are applied in a timely
manner without disrupting system stability or performance.
2.0 SCOPE & APPLICABILITY
This policy applies to all NDPD and FM contractor staff personnel responsible
for the management or implementation of hardware and system software changes
to the NCC IBM mainframe system.
The following system components are subject to this policy:
a. The processor complex.
b. All peripheral devices attached to the processor either through
a channel or a front-end processor.
c- Electrical, air conditioning, and chilled water systems vital to the
operation of the processor or any of its peripheral devices.
d. All IBM system products or program products Installed on the NCC IBM
mainframe.
e. All third party and user-developed software available to the general
user community.
f. The batch initiator structure.
g. The domain multiprogramming levels.
h. The system dispatching priority structure.
-------�
NDPD OPERATIONAL POLICY NO. 210.04 Page 2 of 3
Any deviation from this policy must be approved in writing by the Director of
the NDPD.
3.0 RESPONSIBILITIES
The FM contractor will develop, update, and monitor procedures to implement
this policy, and will review stability reports to assess compliance with this
policy.
The FM contractor will adhere to NDPD policies and procedures to ensure that
the terms of Policy 210.02, NDPD IBM Mainframe Service Levels, are met.
4.0 POLICY
a. Local code development will be approved by NDPD betore the task is
initiated. This approval will be in writing either through formal
memorandum or by utilizing the software checklist. System software
changes requiring local code changes will be specifically noted in
Change Control.
Local code implementation into production will be with the approval
of Change Control. This approval requires complete testing,
documentation, and supervisory level code review. These requirements
can only be waived in emergencies by NDPD.
b. A Change Management Council representing the FM contractor and NDPD
will review and approve changes to the components listed above.
c. All emergency changes must be approved by the FM contractor's
managers: Technical Sevices, User Services, Data Center Operations,
and Production Services. The ADP Operations Management Branch Chief
must grant approval for emergency changes if the FM contractor's
department managers specified above cannot be reached. Approval for
emergency changes can be obtained in writing, in person, or over the
telephone.
d. All required changes will be submitted to the Change Management
Council for review and approval before installation. The impact of
proposed changes on system stability and performance must be con-
sidered before approval is granted.
e. All IBM and third party software products will be maintained at a
release level which is no more than one level behind the current
release level supported by the vendor unless there is a known stabil-
ity, performance, or functional problem with the new release. The
Director of NDPD must approve all cases of delayed maintenance.
-------�
NDPD OPERATIONAL POLICY NO. 210.04 Page 3 of 3
f. A user memorandum will be issued 30 days prior to the performance of
any non-emergency maintenance activity which is not transparent to
the user community.
5.0 DEFINITIONS
Local code is considered system level code not written by the vendor that
either utilizes the vendor supplied exits in the software or modifies the
vendor source code.
System changes are classified either as "required" or as "emergency." Hardware
or system software maintenance not needed to correct a current stability
problem constitutes a required system change. Stability includes the consid-
erations of availability, reliability, serviceability, and security. Activi-
ties required to correct a current stability or performance problem are
classified as emergency system changes.
-------�
-------�
U~.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NCC IBM MAINFRAME PROBLEM RESOLUTION NO.: 210.05
APPROVAL; &<*~*JL
-------�
NDPD OPERATIONAL POLICY NO. 210.05 Page 2 of 2
c. All problems will be entered into the Problem Management System by
close of business on the day the problem was encountered.
d. The Central Problem Administrator will report to NDPD management
the status of unresolved problems on a daily basis.
e. The Central Problem Administrator will post news alerts for any
problem which may result in user job failures or user data loss.
f. The User Support staff will serve as the point of contact for re-
solving user reported problems. User Support staff personnel will
forward problems which they cannot resolve to a central problem
management contact. Users may not call the FM contractor technical
staff directly to obtain assistance.
g. The Central Problem Administrator will submit monthly reports to NDPD
identifying the number and nature of problems addressed during the
reporting period.
h. The Director of NDPD will be immediately notified by the Technical
Manager of User Support of any data loss experienced by the user
community.
i. Users reporting problems will be called within 24 hours, excluding
weekends and holidays, to advise them of progress being made in
seeking a solution.
j. Closed problem reports will be archived for a period of 3 years from
the date the problem was logged.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NCC IBM MAINFRAME TIMESHARE ACCOUNTING NO.: 210.06
APPROVAL :J$V«*jUL^£
-------�
NDPD OPERATIONAL POLICY NO. 210.06 Page 2 of 2
b. Charges for data processing services will be applied in the following
areas:
(1) Processor Utilization.
(2) Printing.
(3) Telecommunications.
(4) DASD and Tape Utilization.
(5) Production Control Support.
c. The rate for services rendered will be reviewed and adjusted annually
to reflect changes in the cost of providing these services. The
rate for the new fiscal year will be published in the last quarter
of the current fiscal year.
d. Each system transaction will be charged for the actual resources
consumed if the data can be captured accurately and the cost of
capture does not outweigh the cost recovery of the resource.
e. NDPD may apply premiums or discounts for certain processing priorities
or techniques in order to encourage efficient resource utilization.
f. Charges will be refunded if a transaction fails due to console
operator error, system hardware failure, or system software error.
Jobs using more than 2 hours of CPU time must be checkpointed to be
eligible for a refund. The refund will not exceed charges greater
than those incurred during 2 hours of CPU utilization.
g. NDPD will provide a summary of each month's timeshare charges by the
5th day of the following month to ADP Coordinators and IAG contacts.
h. TSSMS management reports will be distributed monthly by the 5th day
of the following month to ADP Coordinators and Senior Budget Officers.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
S'
TITLE: NCC IBM MAINFRAME USER REGISTRATION NO.: 210.07
APPROVAL: ^^UjjU^^^i DATE; 8/1/87
1.0 PURPOSE
The NCC IBM Mainframe User Registration policy establishes:
a. Policy objectives.
b. User registration requirements.
c. Reporting requirements for managing the user registration process.
2.0 SCOPE & APPLICABILITY
This policy applies to all NDPD and FM contractor staff personnel responsible
for the management or operation of the NCC IBM mainframe system, and to the
NCC IBM mainframe user community.
Any deviation from this policy must be approved in writing by the Director of
NDPD.
3.0 RESPONSIBILITIES
The FM contractor will develop, update, and monitor procedures to implement
this policy.
The FM contractor will adhere to NDPD policies and procedures in performing
the tasks necessary to implement this policy.
The TSSMS Office will be responsible for conducting user registration services.
The user community will follow the NDPD procedures derived from this policy
to gain access to the NCC IBM mainframe system.
Every EPA ADP Coordinator and Account Manager will be responsible for ensuring
that users are registered on the NCC IBM mainframe for the purpose of con-
ducting legitimate Agency business only.
Every EPA ADP Coordinator and Account Manager will be responsible for ensuring
user identification termination for all EPA, contractor, or subcontractor
employees upon the termination of a project or resignation of employees under
his jurisdiction.
-------�
NDPD OPERATIONAL POLICY NO. 210.07 Pa e 2 of 2
Every ADP Coordinator and Account Manager will receive a periodic report
identifying the accounts and user identification codes for which he is
responsible.
Users are responsible for changing passwords every 90 days.
4.0 POLICY
a. User registration procedures will conform to the objectives of this
^^in^rV116 termS °f Policies 210.06, Timeshare Accounting,
and 210.08, Security.
b. System utilization will be recorded for authorized individual users
for accounts which may include multiple users, and for F1MAS codes '
which may include multiple accounts.
c. New accounts may be created by EPA ADP Coordinators only.
d. Each user will be assigned a unique user identification code and
will be associated with one or more accounts as requested by the EPA
ADP Coordinator or EPA Account Manager.
e. User identification codes previously assigned to a user no longer
registered on the NCC IBM mainframe may be reassigned to another user.
f. Telephone requests for account or user registration will be honored,
but signed hardcopy verification of all requests are required within
2 weeks to retain the registration.
g. The ID of a user terminating employment will be removed from the
system. All resources associated with this user identification code
must be assigned to another user or deleted at the discretion of the
ADP Coordinator or Account Manager.
h. Accounts and user identification codes which have not been accessed
for 1 year may be deleted from the system. Users and Account Mana-
gers will be notified at least 30 days prior to deletion of an
account or user identification code.
i- Passwords not changed every 90 days will be revoked and can only be
reset by request from the responsible ADP Coordinator or Account
Manager.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NCC IBM Mainframe Security NO.: 210.08
APPROVAL: C] _ /! (7 / . \ fi\ fi DATE:
(/. / tfr^-o^-f^ s. J
1.0 PURPOSE
The NCC IBM Mainframe Security policy establishes:
a. Security objectives.
b. Security facilities implemented on the NCC IBM mainframe.
c. Disaster recovery requirements.
d. Security enforcement requirements.
2.0 SCOPE & APPLICABILITY
This policy applies to all NCC IBM mainframe users and to NDPD and FM contractor
staff personnel responsible for the management and operation of the NCC IBM
mainframe system.
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
The FM contractor will develop, update, and monitor procedures to implement this
policy.
The FM contractor will perform the tasks necessary to meet the objectives of this
policy.
The Facilities Management and Services Division (FMSD) is responsible for granting
Data Center area access via the badge reader system in conformance with this policy.
NDPD will conform to the requirements of statutes, oversight Agency publications, and
OIRM directives in administering security on the NCC IBM mainframe system.
Central version data base administrators will be responsible for developing data base
security requirements for inclusion in this policy and for developing procedures to
implement those requirements.
Users are responsible for adhering to this policy.
-------�
NDPD OPERATIONAL POLICY NO. 210.08 Page 2 Of 7
4.0 POLICY
4.1 USE OF NCC IBM MAINFRAME
The NCC IBM mainframe will be used for official EPA sanctioned business only.
4.2 RACF
a. The Resource Access Control Facility (RACF) provided by IBM will be used
to control batch and interactive access to the system.
b. The RACF data sets will be protected against unauthorized alteration
access, and destruction.
c. RACF privileges (e.g., RACF SPECIAL) will not be allowed for any User-
ID without prior approval of the NCC Security staff. Users with such
requests should forward them to the NCC Security staff.
d. RACF parameters will be used to enforce password change intervals
password rules, and syntax to limit the number of allowable unsuccessful
access attempts and to control disposition of unused User-ID's. The NCC
Security staff will determine values for the parameters which are subject to
normal NDPD review processes. Values currently used are:
- Logon attempts: 4
- Password interval: 90 days.
- Password rule: Minimum length of six characters, maximum of 8.
Password must contain at least one alpha and one
numeric character.
- Password History: 10
- Unused User-ID's: Revoked by RACF after 99 days.
e. RACF account numbers, User-ID's, and passwords will be required for
system access.
4.3 USER-ID'S, ACCOUNTS, AND PASSWORDS
4-3-1 Authentication of Users and Updates to User Information
a. To be authenticated, an NCC user must be able to supply his registered User-
ID, name, telephone number, and account number.
b. A newly registered user is not a valid NCC user until he/she has ack-
nowledged compliance with all new user registration requirements, including
an initial change of his/her assigned password. Assistance in logging on and
changing password can be provided to a new user if requested.
c. Updates to the Time Sharing Services Management System (TSSMS) user
information (e.g., telephone number) may only be provided to TSSMS by
ADP Coordinators and Account Managers. TSSMS will protect this data
from unauthorized access, alteration, and destruction.
-------�
NDPD OPERATIONAL POLICY NO. 210.08 Pa8e 3 of 7
d TSSMS will refer concerns regarding the authenticity of a user and requests
for updates to user information to the appropriate ADP Coordinator or
Account Manager.
e Registration of User-ID's will be allowed for personnel requiring Data
Center services exclusive of system access. Such User-ID's will not be
entered into system access files.
4.3.2 Assignment nf User-IP's. Account Numbers, and Passwords
a. TSSMS is solely responsible for the assignment and tracking of User-ID's and
accounts.
b. TSSMS will notify all newly registered users and will track compliance with
NCC's new user registration requirements.
c Passwords assigned to new User-ID's or passwords generated for password
resets will be randomly derived and will conform to NCC's password rules
and syntax.
d Only the registered owner of the User-ID may request reassignment of
passwords (password reset). ADP Coordinators or Account Managers
responsible for a User-ID may request reassignment of its password for a
user who is unable to make the request. Such requests will be honored for
2 weeks. At the end of the 2-week period, the ADP Coordinator or the
Account Manager must provide TSSMS with written justification for
extended use of the User-ID. TSSMS will code affected User-ID's with
RACF parameters to revoke the User-ID after 2 weeks. Users notified of
reassigned passwords will be subject to user authentication as described in
Paragraph 4.3.1.
e. TSSMS will remove previously assigned User-ID's from RACF access lists
before assigning the User-ID to another user.
f TSSMS will remove any User-ID which has not accessed the system within
a year from system access files. TSSMS will establish a schedule at least
annually for removing affected User-ID's.
g All system started tasks will be associated with a User-ID. Started task User-
ID's will be configured without privileges in RACF. Passwords for started
task User-ID's will not be disseminated, and password resets for them will
be referred to the NCC Security staff.
h The NCC Security staff will review exceptions to User-ID, account number,
and password policy items for special case User-ID's required for system or
application operation.
-------�
NDPD OPERATIONAL POLICY NO. 210.08
Page 4 of
4'3'3 Use of User-IP's. Arrm.nf Numbers, ,nd
a. Only one User-ID per user will be allowed. Requests for an exception to this
SecurVv IfT^ *"*"** •? Writing with fu" Justification 'o the NCC
Security staff. Exception will only be granted with the concurrence of
NDPD management and the NCC Security staff.
k H!S?1C rfSCrS Shar?Dg 3 User'ID is not allowed' A shared User-ID situation
is defined as any time user authentication is not met. (Paragraph 4.3 1)
TSSMS will deny system access for shared User-ID's and will notify the
appropriate ADP Coordinator(s) or Account Manager(s). After 2 business
%r^6U~8^h 'If A°P Co°rdina
-------�
NDPD OPERATIONAL POLICY NO. 210.08 Page 5 of 7
4.5 NON-DATA BASE DATA SECURITY
a. User data sets will be protected through RACF at the user's option.
Password protection of data sets is discouraged. Data designated as sensitive
by Agency oversight directives and officials will be protected through
RACF.
b. When RACF is used to protect a data set, generic RACF data set profiles are
the preferred method.
c. RACF profiles for user data sets should notify the owner of who attempted
to access the data.
d. Users of sensitive applications will protect job output with NDPD
mechanisms developed for that purpose.
Owners of sensitive data will use the ERASE ON SCRATCH option in the
data file's RACF profile and will establish degaussing procedures with Data
Processing Support Services (DPSS) for tapes containing sensitive data.
f The ADP Coordinator or Account Manager for a deleted User-ID must
determine disposition for all RACF profiles owned by the User-ID, usually
at the time of the request for the deletion of the User-ID if it is known or
suspected that the User-ID owns RACF profiles. If a disposition is not
provided and TSSMS determines that the User-ID owns RACF profiles,
TSSMS will supply the Account Manager or ADP Coordinator with a list of
the User-ID's RACF profiles. The ADP Coordinator must respond to the list
with a disposition of the RACF profiles before the User-ID can be deleted.
Pending receipt of a disposition, TSSMS will revoke the User-ID.
e.
4.6 SYSTEM AND FM CONTRACTOR DATA SET PROTECTION
a. All system level files will be protected through RACF generic profiles. Each
FM Contractor department will designate a person in each department who
is responsible for protecting and maintaining the RACF protection of system
level data sets. A level of protection will be maintained to ensure against
compromise of system and application security, integrity, and operation.
b Job Control Language (JCL), programs, and CLIST's for production control
applications, and job schedulers for their execution, will be protected
through RACF at a level sufficient to prevent their unauthorized access or
destruction, as well as to prevent unauthorized changes to their RACF
profiles.
c. Personnel responsible for maintaining automated job schedulers will develop
procedures to prevent exploitation of identified and inherent security
exposures.
-------�
NDPD OPERATIONAL POLICY NO. 210.08 ' - Page 6 of 7
4.7 PROVISION OF NCC SERVICES
The NCC Computer Security Officer will determine who may obtain the NCC Security
Manual or the NCC Disaster Recovery Manual. octumy
4.8 PHYSICAL ACCESS TO THE DATA CENTER
a. Access to Data Center areas will be controlled through a badge access reader
system maintained by FMSD.
b. All access to the OTS 4381 computer area must be approved by the NCC CBI
Document Control Officer and will not be granted prior to his/her approval.
°* £!?£? 'management is responsible for identifying to FMSD those NDPD and
OARM personnel requiring computer area access.
d. FMSD is responsible for controlling access to Data Center computer areas bv
Facility and Facility Support personnel.
e. Production Services is responsible for controlling access to computer areas
by hardware and software maintenance vendors.
f. Unrestricted, full-time access to Data Center areas containing computer
equipment will be limited to personnel whose duties require daily access to
those areas, Facility and Facility Support personnel, and hardware
maintenance vendors. I/O Control will grant access to other personnel on
an as required" basis with temporary badges. I/O Control will develop and
maintain procedures for the use of these temporary badges.
g. After hours access to controlled non-computer room areas will be granted
only to personnel with offices in those areas. NDPD, OARM, FM Contractor
management, or managers of the affected areas may request exceptions from
the managers responsible for the areas.
h. Operations will maintain a list of personnel allowed to open the Data Center •
during periods of unattended operation.
i. Data Center areas containing computer support utilities (e.g., water chillers)
will be protected from unauthorized access.
4.9 VULNERABILITY ASSESSMENTS
Security vulnerability assessments will be performed periodically as required bv
Agency oversight directives.
-------�
NDPD OPERATIONAL POLICY NO. 210.08 P«ie 7 of 7
4.10 DISASTER RECOVERY PLAN
a A disaster recovery manual will be maintained to provide a mechanism for
processing critical Agency applications in the event of extended system
unavailability.
b Functional managers are required to develop workable procedures and plans
and to update the manual at least annually and prior to each drill to ensure
the success of the overall recovery effort.
c NDPD will conduct at least one complete test of the disaster recovery
capability annually, and will establish periodic paper drills to ensure that
disaster recovery plans and procedures are adequate.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NCC IBM Mainframe Data Management NO.: 210.09
APPROVAL: Ut DATE: 5/22/9°
1.0 PURPOSE
The NCC IBM Mainframe Data Management policy establishes:
a. Data management objectives.
b. Data storage requirements.
c. Data storage media performance and capacity requirements.
2.0 SCOPE & APPLICABILITY
This policy applies to all NCC IBM mainframe users and to NDPD and FM contractor
staff responsible for the management or operation of the NCC IBM mainframe system.
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
The FM contractor will develop, update, and monitor procedures to implement this
policy.
The FM contractor will perform the tasks necessary to meet the objectives of this
policy.
The user community will rely on the terms of this policy to manage their data storage
requirements.
NDPD will manage the data storage devices of the NCC IBM mainframe to meet the
storage requirements of the user community in a secure and cost-effective manner.
Data storage devices will also be managed to enhance system performance.
4.0 POLICY
a. All data sets not catalogued or not conforming to NCC naming conventions
will be deleted from the NCC IBM mainframe system.
b DASD data sets which are unused for a designated number of days are
routinely archived to tape for 1 year. The number of days of nonuse is
determined by the DASD management staff and may be lengthened or
shortened depending upon DASD usage and space availability to ensure
sufficient DASD space to meet user requirements.
-------�
NDPD OPERATIONAL POLICY NO. 210.(
DAPsrn°Hd?re WiH £C provided to enable users to archive to tape their
DASD data sets. Data sets may be archived for 2 to 7 ears
own
years
d. A procedure wi^ be provided to enable users to restore DASD data sets
C. i>\_\^ will nerf nrm mohtl,, K •./.!. _/• DA^D A
«
WH1 be rctned or 3da an8Cd dUri°E «
"•
and procedures. Private volumes are discouraged.
L m ?n^?^tand ^ ,utj'lization rePort will be submitted monthly to NDPD
to indicate available data storage capacity. "uru
j. Channel and device utilization will be monitored daily to prevent system
performance degradation. Data sets or volumes will be relocated when
necessary to provide optimal system performance. All proposed relocaTions
tak sbp,a°ce inathd "^ thef IBMf P"^ ™ance Grou'p before re?oc S
DASD ionn CVernr °0nfllCt betWCCn system Performance and
DASD economy, every effort will be made to favor system performance.
pe ata sets created on the NCC IBM mainframe will be controlled bv
a software tape management system to prevent accidental erasure of data
1. The default retention period for tape data sets created on the NCC IBM
Periods3™ W ^ 5 dayS' USCrS may cxPlicitlv specify other retention
m. Foreign tapes can be used interchangeably from system to system A file
guard ring will always be placed in a foreign tape unless otherwise
instructed by the user. If the user instructs DPSS to allow writ ngOn a
tape a write ring w,l always be placed in a foreign tape when it is called
«,-. V J??' regardlejs .of which computer system the foreign tape is
assigned Users are advised that NO protection exists for accidentally
overwriting a tape that is not file guard protected accidentally
Indicates revision.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NCC IBM Mainframe Configuration NO.: 210.10
Management
APPROVAL: ft^ U PATE: 5/22/9°
1.0 PURPOSE
The NCC IBM Mainframe Configuration Management policy establishes:
a. Configuration management objectives.
b. Activities required to meet configuration management objectives.
c. Review requirements to ensure compliance.
2.0 SCOPE & APPLICABILITY
This policy applies to all NDPD and FM contractor staff personnel responsible for the
management or operation of the NCC IBM mainframe system.
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
The FM contractor will develop, update, and monitor procedures to implement this policy.
The FM contractor will perform the tasks necessary to meet the objectives of this policy.
4.0 POLICY
a. The IBM mainframe system will be managed in a manner which provides:
(1) A current inventory of all system components.
(2) A current system hardware and software configuration.
(3) A current system telecommunications configuration.
(4) A mechanism for processing hardware, software, and maintenance
procurement requests in a timely manner.
b An on-line data base containing the information required to meet policy
objectives will be maintained and updated within 5 working days of any system
configuration change.
The on-line data base will contain sufficient detail to enable technical personnel
to obtain system hardware and software configurations or parameters necessary
for the customary performance of their duties.
c.
Indicates revision.
-------�
NDPD OPERATIONAL POLICY NO. 210.1
d.
e.
certify thc accuracy °f
ion
JK
Management Branch. In the context of this policy the NCC IBM
f.
comrnun.ty. I, also includes all system control and monitoring softwa'e p S
^^^
^
Indicates revision.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NCC IBM Mainframe Started Tasks _ NO- 210-n
APPROVAL: ' ' - - - " • ' DATE: 10/17/88
1.0 PURPOSE
The NCC IBM Mainframe System Management policy establishes:
a. Guidelines for determining started tasks.
b. Oversight responsibility for new and routine started tasks.
c. Maximum, effective use of the Common Storage area (CSA).
2.0 SCOPE & APPLICABILITY
This policy applies to all NDPD and FM contractor staff personnel responsible for the
management, operation, or maintenance of the NCC IBM mainframe system.
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
The FM contractor will develop, update, and monitor procedures to implement this
policy.
The FM contractor will adhere to NDPD policies and perform the tasks necessary to
meet policy objectives.
4.0 POLICY
a No test mode started tasks (CICS, ADABAS, S2K, JES2, etc.) are to run on
the IBM system on a production day without NDPD approval.
b The normal production started tasks will be identified by Technical Services.
NDPD will receive a new copy of a production started task list whenever a
change is made. The list will explain the purpose of each started task
address space.
c No new started tasks will be put into production without approval of
Technical Services. All requests for new started tasks must include an
estimate of CSA requirements.
d. Console operators will not use the FORCE command to terminate started
tasks without the permission of Technical Services.
-------�
NDPD OPERATIONAL POLICY NO. 210.11 Page 2 pf 2
S2K developers can ask the console operators to start or stop the S2K
address space. However, console operators must use the standard procedures
in performing these activities. If normal procedures fail, the operators will
contact Data Base Support Services (BBSS) for additional instructions to solve
the problem Under no circumstances will console operators take additional
instructions from the S2K development group.
-------�
U S ENVIRONMENTAL PROTECTION AGENCY
'NDPD OPERATIONAL POLICIES MANUAL
TITLE: ADP Capacity Planning NO" 21 '
APPROVAL: /U^' < A '•' " DATE: /a'"'
——
1.0 PURPOSE
The NCC ADP Capacity Planning policy is intended to ensure that sufficient ADP resources
Le continuously available to accomplish the Agency's mission. Capacity planning objectives
include the following:
Production of capacity planning reports to document anticipated
growth, ADP resource requirements and justification, and
configuration forecasts and delivery schedules.
b. Effective management of long-term hardware contracts.
Input and support for an Agency information resources management strategic
c.
plan.
d. Improved accuracy, consistency, and timeliness of capacity analyses to support
hardware planning and decision-making.
2.0 srOPE AND APPLICABILITY
This policy applies to all NDPD staff, Facilities Management contractor, and Periodic: expert
consultant personnel responsible for the NCC hardware capacity managemenand' P^nmng
activities. Any deviation from this policy must be approved in writing by the Director, NDPD.
3.0 RESPONSIBILITIES
The Architectural Management and Planning Branch (AMPB) is responsible for the
development, implementation, and management of capacity Planning activities for the NCC
mainframe systems, scientific processors (when implemented) and backbone networks^ The
?M contractor and consultant contractors will assist AMPB in defining appropriate capacity
planning analyses; determining necessary staffing levels technical requirements and
risibilities* conducting capacity planning activities as described below; and evalualng
alternatives to capacity planning issues and recommending the most efficient and effective
solutions.
4.0 POLICY
Capacity planning activities include, but are not limited to, the following:
a Developing a strategic hardware capacity plan to define NCC hardware
requirements over a 2-year time span, which will require updates every 6
months, at a minimum, or as required by changes to the Agency s business plan .
Indicates Change.
-------�
NDPD OPERATIONAL POLICY NO. 210.12 " Page 2 pf 4
b. Conducting workload analyses and trending.
c. Soliciting user communication and involvement to determine more accurate
workload growth projections and service requirements.
d. Evaluating capacity impacts and conducting alternatives analyses.
e. Analyzing new technology impacts to ADP capacity.
f. Assisting Regional Offices with technical capacity analyses as required.
g. Participating in specialized technical studies as required to support the research
and analysis of capacity planning issues.
h. Communicating all pertinent information to Agency personnel responsible for
the development of Agency information resources management (IRM plans).
i. AMPB is primarily responsible for capacity planning, while the Automatic Data
Processing Operations Management Branch (ADPOMB) is primarily responsible
lor performance management of mainframe systems (as described by NDPD
Operational Policy 210.03. NCC IBMMainfran,e Performance Man«Mm»nM and
the Telecommunications Branch (TCB) is primarily responsible for performance
management of the network (as described by NDPD Operational Policy 300 03
IBM SNA Network Performance and Canacitv Management! The relationship
of these responsibilities requires a high degree of cooperation and communica-
tion. The interactions required by AMPB are summarized below:
(1) AMPB will assist ADPOMB and TCB in defining and analyzing the
potential resource utilization, performance, and capacity impact of ma ior
new applications.
(2) AMPB will monitor and analyze trends in major NCC user applications
(both existing and emerging) and assist ADPOMB and TCB in evaluating
the overall system impacts of these continuing trends.
(3) AMPB will consult with ADPOMB for review and concurrence with its
draft quarterly capacity reports on mainframe systems.
(4) AMPB will consult with TCB on the development and implementation of
a network capacity planning policy.
5.0 REPORTING
AMPB will regularly analyze capacity of the NCC systems to determine (1) the consistency
of actual workload growth with user forecasts, and (2) the current NCC mainframe systems
reserve capacity. The following reports are planned:
a. AMPB will produce a quarterly capacity forecast for each NCC mainframe
system to define the capacity requirements for three distinct time periods' the
balance of the current Fiscal Year (FY), the following FY or operating budget
year (FY+1), and the next FY or planning budget year (FY+2).
Indicates Change.
-------�
NDPD OPERATIONAL POLICY NO. 210.12 . Page 3 °f 4
This forecast will include a complete description of the analyses performed and
all assumptions contributing to the capacity predictions. Graphical presentation
will be used to the greatest extent possible to show:
(1) Current capacity in use.
(2) Amount of reserve capacity.
(3) Anticipated timeframe of system saturation.
(4) Alternatives to resolving and/or delaying capacity problems.
b AMPB will develop hardware equipment forecasts to assist the management and
execution of the multi-year mainframe contract. These forecasts will be
produced at least 4 months prior to the required delivery of the equipment.
c AMPB will produce special capacity reports as required to support long-term
budget planning and/or to assess the impact of new or changing ADP
requirements. These reports may include detailed workload characterizations
special analytic modeling scenarios to evaluate hardware alternatives, or studies
to answer specific "what if" capacity questions from NDPD management.
6.0 DEFINITIONS
Caoacitv planning is one of two components (the other being performance management)
%w&*Z££*&******™**-The following def initions arc included to distmguish thcsc
terms and related activities:
Caoacitv Management The activity that controls, measures, and plans the
Capacity Management configuration required to meet the organization's cyrrenj
and fjLtHie. information processing requirements. Capacity
management is composed of two components: performance
management and capacity planning.
Performance Management The function that measures, evaluates, and reports data
Performance Management processing performance, and prevents or corrects
performance problems. Performance management deals
with the tactical issue of providing acceptable data
processing service to the user community.
Caoacitv Planning The process of determining the hardware software,
Capacity Planning features, organization, and facilities required for the
continuous delivery of acceptable service to users.
Capacity planning primarily deals with the strategic issue
of forecasting the necessary resources required to support
future data processing demand.
-------�
NDPD OPERATIONAL POLICY NO. 210.12 " Page 4 pf
Master Facility Planning Capacity planning data is used to produce a Master Facility
Plan, which is intended to ensure that facility support
equipment is in place to accommodate the growth of the
NCC.
Indicates Change.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: LMF SYSTEMS MANAGEMENT NO- 220-01
APPROVAL: DA™ 5/2/90
1.0 PURPOSE
There must be commonality between hardware and software in order to operate remote nodes
in an integrated network. The purpose of this policy is to ensure consistency in the selection
and use of hardware and software in the EPA LMF environment.
The objectives of the EPA LMF operations policy are to:
a. Define the major operational tasks covered by this policy.
b. Define responsibilities of NDPD and LMF remote site personnel.
c. Identify documentation to be furnished by NDPD.
Adherence to this policy will ensure that the EPA Logical Mainframes are in good operating
order.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all NDPD and LMF personnel who provide services to the EPA
Logical Mainframe.
3.0 RESPONSIBILITIES
NDPD is responsible for policy enforcement and will annually review policies for needed
modification and/or enhancement, as well as monitor adherence to these policies by the LMh
sites. Other duties and responsibilities are outlined below.
The LMF Systems Manager is responsible for providing an operations staff trained and
experienced in the operation of all site hardware.
The LMF Systems Manager is responsible for scheduling operations tasks in a manner that
provides the level of service required at each LMF site.
4.0 POLICY
a NDPD will provide each LMF facility with an Operations Manual covering the
major tasks to be performed. Any updates that are necessary as a result of
system software changes will be provided by NDPD.
b NDPD will provide the necessary hardware and software maintenance. Remote
operations by NCC personnel will be provided only in cases involving remote
diagnostics of software/hardware problems.
-------�
NDPD OPERATIONAL POLICY NO. 22001 " " Page 2 pf
5.0 DEFINITIONS
LMF Operations include the following major tasks:
a. Operation of all system hardware components. At the Washington Information
Center (WIC), this consists of the following:
(1) One IBM 4381 computer.
(2) Two Datagraphics (Siemens) laser printers.
(3) All Prime computer systems.
b. Site security.
c. Execution of end-of-day jobstreams for data collection and backup.
d. Local I/O control and printout distribution.
e. Management of LMF tape library.
f. Management of supplies inventory.
g. Hardware maintenance (reporting, scheduling repairs, PM).
h. Performance monitoring.
i. Assistance with annual equipment inventory.
Indicates revision.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: LMF MAINTENANCE N0': 220.02
APPROVAL:
1.0 PURPOSE
Hardware and software require regular maintenance in order to operate effec-
tively. The purpose of this policy is to ensure consistent maintenance of
the entire EPA Logical Mainframe.
The objectives of the EPA LMF Maintenance policy are to-:
a. Define how hardware and software maintenance is obtained.
b. Identify responsibilities of LMF and NDPD personnel for providing
maintenance.
This Maintenance policy will ensure that the EPA Logical Mainframe is main-
tained in good operating condition.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all NDPD and LMF personnel providing services
for the EPA Logical Mainframe.
3.0 RESPONSIBILITIES
NDPD is responsible for policy enforcement and will annually review policies
for needed modification and/or enhancement, as well as monitor adherence to
these policies by LMF sites. Other duties and responsibilities are outlined
below.
Each LMF System Manager is responsible for direct contact with vendors
regarding the reporting of hardware malfunctions and the scheduling of
repairs.
The LMF System Manager is responsible for scheduling all preventive
maintenance.
The LMF System Manager is responsible for the development and maintenance of
procedures for recording and tracking all hardware malfunction incidents.
-------�
NDPD OPERATIONAL POLICY NO. 220.02 Pa e 2 of 3
4.0 POLICY
a. Software:
(1) LMF sites are not authorized to obtain maintenance for system
software. NDPD maintains all system software and applies all
new releases or modifications.
(2) NDPD will fund all software maintenance contracts and will
serve as Project Officer for all such contracts.
b. Hardware:
(1) NDPD will fund all hardware maintenance contracts and will
serve as Project Officer for all such contracts subject to
the following:
(a) NDPD will assume responsibility for the LMF computer
system and for all cluster controllers attached to it,
whether channel attached or link attached and regardless
whether or not the cluster controllers were originally
funded by NDPD.
(b) NDPD will not fund or otherwise provide maintenance
for terminals, printers, and similar equipment attached
to cluster controllers.
(2) No modifications will be allowed to any hardware components
unless approved via the Change Control process.
(3) Any LMF maintenance problem that cannot be resolved via the
local vendor representative will be reported to NDPD for esca-
lation to the appropriate vendor management level.
5.0 DEFINITIONS
a. Software is defined as operating system software and any program
product or application software that affects the performance or
configuration of the system.
b. Hardware maintenance includes the following:
(1) Preventive maintenance performed on a routine, scheduled basis.
(2) Repairs as a result of a hardware malfunction report by the LMF
System Manager.
-------�
NDPD OPERATIONAL POLICY NO. 220.02 ^^ _Page 3 of 3
(3) Scheduled modifications or replacements of hardware units,
hardware features, or hardware microcode.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: LMF PERFORMANCE & CAPACITY MONITORING NO.: 220.03
APPROVAL; Qe^^J^-^JfJ? DATE: 8/1/87
1.0 PURPOSE
The large capital investment for the LMF requires that it be managed to
provide maximum performance and to minimize required upgrades. The purpose
of this policy is to ensure that these goals are met.
The objectives of this policy are as follows:
a. Establish a guideline for a methodology of routine performance
monitoring.
b. Define regional responsibilities.
c. Define NDPD responsibilities.
d. Identify software tools available for this task.
Implementation of these policies will enable EPA to monitor the efficient
performance of the Logical Mainframe.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all NDPD and LMF personnel providing services
for the EPA Logical Mainframe.
3.0 RESPONSIBILITIES
NDPD is responsible for policy enforcement and will annually review policies
for needed modification and/or enhancement, as well as monitor adherence to
these policies by LMF sites. Other responsibilities are outlined below.
4.0 POLICY
a. NDPD will provide a jobstream to generate Resource Management
Facility (RMF) reports on a periodic basis. These reports will
contain data on key system performance indicators.
b. The remote site System Manager will monitor the system's components
and determine if the components are inside or outside the tolerance
levels set by NDPD.
-------�
NDPD OPERATIONAL POLICY NO. 220.03
------
Pa o f 0
"age i or 2
c. The monitoring frequency will be determined by the System Manager
unless a specific frequency is requested by NDPD to resolve problems.
d. NDPD will tailor system tuning parameters to meet the performance
requirements of each LMF site. The LMF sites will control the number
of batch initiators and Time Sharing Option (TSO) users running on
their system at any given time.
e. The System Manager will notify NDPD when system components are out-
side the tolerance levels and NDPD will investigate this situation
and provide support in accordance with Policy 220.05, Problem
Resolution.
f. RMF will be the only performance monitoring software installed on
the LMF's.
g. A workload performance data base will be defined and compiled on a
monthly basis by NDPD.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: LMF CHANGE MANAGEMENT NO.: 220.04
APPROVAL: jQoc^£j?O"A»-^W DATE; 8/1/87
1.0 PURPOSE
Hardware and software commonality must be maintained in order for remote
nodes to be operated in an integrated network. The purpose of this policy is
to ensure consistency and commonality in the EPA LMF network environment.
The objectives of the EPA LMF Change Control policy are to:
a. Ensure that necessary changes to the LMF systems are made with
minimum disruption to users.
b. Provide a formal structure for effective and stable LMF changes.
c. Define the NDPD and LMF responsibilities for Change Control.
This Change Control policy will provide EPA with an effective method of
monitoring and controlling all changes to the LMF systems.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all NDPD and LMF personnel involved in the EPA
Logical Mainframe project.
3.0 RESPONSIBILITIES
NDPD is responsible for policy enforcement and will annually review policies
for needed modifications and/or enhancements, as well as monitor adherence to
these policies by LMF sites.
NDPD is responsible for developing procedures required for the management of
LMF Change Control.
The LMF System Manager is responsible for coordination of Change Control
activities between NCC support personnel and the LMF site.
The LMF System Manager is responsible for monitoring and reporting
the stability impact of system changes to NCC support personnel.
The LMF System Manager is responsible for developing procedures to
be used by LMF operators to monitor and report on software or hard-
ware changes.
-------�
NDPD OPERATIONAL POLICY NO. 220.04 Page 2 of 2
LMF System Managers are responsible for user notification of changes
to their system.
4.0 POLICY
a. Software is defined herein as operating system software and any
program products or applications that require or cause changes to
the system configuration or performance.
b. No changes to software, hardware, or telecommunications configura-
tions or features will be made unless approved via the Change Control
process.
c. Software changes installed on any LMF system will be duplicated on
all systems within 60 days.
d. Local code is considered system level code not written by the vendor
that either utilizes the vendor supplied exits in the software or
modifies the vendor source code.
Local code development will be approved by NDPD before the task is
initiated. This approval will be in writing either through formal
memorandum or by utilizing the software checklist. System software
changes requiring local code changes will be specifically noted in
Change Control.
Local code implementation into production will be with the approval
of Change Control. This approval requires complete testing,
documentation, and supervisory level code review. These requirements
can only be waived in emergencies by NDPD.
e. NDPD manages the Change Control process.
f. A Change Control teleconference meeting will be conducted weekly
between NCC and all LMF sites. All LMF System Managers or their
appointed representatives are invited to participate.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: LMF PROBLEM RESOLUTION NO. 220.05
APPROVAL: ,C] /rf / , A //O DATE: 5/22/9°
rf^Jrt
-------�
NDPD OPERATIONAL POLICY NO. 220.05 page 2 of 2
c. All problems critical to end user production will be referred to NDPD if the
problems remain unresolved after 24 hours (not including weekend hours).
d. NDPD support personnel will be available to the LMF Systems Manager from
7:30 a.m. to 4:30 p.m., EST, Monday through Friday.
e. Standard NCC user support is available to LMF users through the LMF Systems
Manager. Centralizing problem determination at the LMF site is the
responsibility of the LMF Systems Manager. This will reduce resolution delay
time.
f. NDPD will provide, via the Operations Manual, procedures for operators to use
in resolving common problems that would be categorized as Level One.
g. NDPD's automated problem logging/tracking system will be used to document
problem histories. The LMF site will be required to use this facility on the NCC
mainframe to log all Level Two problems and the actions taken to resolve them.
The following goals have been established for the WIC:
a. At least 75% of all user and system-related problems will be resolved within 8
work hours. Problems will be reviewed for possible fault patterns and needed
system changes in an aggressive manner.
b. The IBM 4381 and laser printers will run 99% of the time.
c. Laser printouts will be distributed to bins within 1/2 hour of printing 99% of
the time.
d. Printouts will be distributed to the correct bins 99% of the time.
e. Discrepancies discovered with printouts will be resolved within 2 working hours
95% of the time.
f. Sufficient supplies of laser paper will be maintained at all times.
g. Micrographics activities will be performed correctly 99% of the time.
h. Mailings will be performed correctly 99% of the time.
i. Supply inventories will be up-to-date 99% of the time.
j. Reproduction requests will be completed accurately 99% of the time.
5.0 DEFINITIONS
Normal performance parameters arc contained in Policy 220.03, LMF Performance and
Capacity Monitoring, and will be used in determining if LMF system performance indicates
that a problem exists.
Indicates revision.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: LMF TIMESHARE ACCOUNTING N0-: 220.06
APPROVAL: ^Jru*/jZ U^-U^l DATE; 8/1/87
1.0 PURPOSE
OMB Circular A-130 states that all government agencies shall establish and
implement policies and procedures to:
a. Account for the full cost of operating data processing facilities.
b. Allocate all costs to users according to the service they receive.
The purpose of this policy is to comply with Circular A-130 and to promote
the effective and efficient use of EPA centrally- and regionally-located data
processing facilities.
The objectives of the LMF Timeshare Accounting policy are to:
a. Create and maintain an ADP environment where decisions concerning
the location of an application are made independently of processing
costs. This will avoid biasing application design based on proces-
sing costs associated with a particular site.
b. Allocate timesharing costs of each LMF in order to comply with OMB
Circular A-130.
c. Provide region/NEIC users and management with accurate utilization
statistics and monthly billing reports to support data processing
planning and control.
Enforcement of this policy will provide effective management of EPA's Logical
Mainframe.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all personnel who are providing and/or using
timesharing services via the EPA Logical Mainframe.
3.0 RESPONSIBILITIES
OIRM is responsible for policy enforcement, and for periodically reviewing
policies for needed modification and/or enhancements.
-------�
NDPD OPERATIONAL POLICY NO. 220.06 Page 2 Qf
"r°Cedures> utilization, statistics, and
requirements to OIRM
4.0 POLICY
Chargeback will be accomplished by applying appropriate charges in four basic
o Machine Utilization
o Printing
o Communications
o Disk and Tape
Each of these is further explained as follows:
a. Processing Charges (Machine Utilization):
(1) Each LMF site will be charged for connect time, CPL time, and
EXCP counts for each job run on its LMF.
(2) CPU, connect time, and EXCP rates will be revised on an annual
basis using NCC's established "full costing" procedures.
(3) Rates will be established at the beginning of each fiscal year
and will be effective for the entire fiscal year. To provide a
stable charging mechanism, every effort will be made to ensure
that these rates are constant throughout the year. In case of
a policy change, users will be notified 30 days in advance of
the effective date of the revised policy.
(4) Rates will be established in a manner that ensures that job
costs will be approximately the same whether the job is pro-
cessed on the NCC IBM mainframe or on the LMF.
b. Printing:
(1) Jobs run at the NCC and printed at the LMF site will not be
billed for print charges.
(2) Jobs run and printed at the LMF site will not be billed for
print charges.
-------�
NDPD OPERATIONAL POLICY NO. 220.06
Page 3 of 3
(3) To recover NCC printing costs, jobs run at the LMF site and
printed at NCC will be billed according to NCC print rates in
effect at that time.
(4) Jobs run at NCC and printed/plotted at NCC will be billed
according to NCC print/plot rates in effect at that time.
c. Communications:
To replace the current print charges to cover RJE line costs, charges
for the MSNT/RJE will be billed at a flat monthly rate for data
links between NCC and the LMF sites.
d. Disk and Tape:
(1) DASD charges will be billed at a flat monthly rate for the
local LMF rather than for each user data set. This rate will
be determined annually via "full costing" procedures established
on April 1, 1986.
(2) Local tape will be purchased and maintained by each LMF site.
There will be no charge for tape utilization at the LMF site.
e. LMF Budget and Billing Process:
An LMF site's timesharing budget will be adjusted in accordance
with their annual submissions.
SMF data required for billing purposes will be captured at each LMF
site and transferred to NCC and processed daily. However, management
reports will be distributed on a monthly basis, usually by the 5th
of the following month.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: LMF USER REGISTRATION N0>: 220.07
APPROVAL••jQgK*jULLrr*L*JLii{i-D DATE: 8/1/87
1.0 PURPOSE
All users must be registered in order for EPA to properly manage data proces-
sing at the National Computer Center. This policy specifies required security
and accounting functions which will allow EPA to successfully accomplish this
goal.
The objectives of the EPA LMF User Registration Policy are to:
a. Provide guidelines for the development of.user registration pro-
cedures for each LMF site.
b. Define site and NDPD responsibilities for user registration.
c. Maintain critical accounting and security functions at the same
level of effectiveness at LMF sites as at the National Computer
Center.
d. Ensure that every user of a distributed node (43XX) is registered on
the NCC system.
Adherence to this policy will provide effective and efficient management of
the LMF resource.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all personnel providing services for and/or
using the EPA Logical Mainframe.
3.0 RESPONSIBILITIES
NDPD is responsible for policy enforcement and will annually review policies
for needed modification and/or enhancement, as well as monitor adherence to
these policies by LMF sites.
The LMF System Manager will designate one person and a backup who will be
responsible for user registration and for coordinating communications to NCC
regarding registration matters.
-------�
NDPD OPERATIONAL POLICY NO. 220.07 Pa 2 of 2
The LMF System Manager is responsible for determining which of the standard
NCC fj,0 logon PROC's will be used by individual users.
4.0 POLICY
a. User registration will initially be performed by the TSSMS Office
upon receipt of an E-Mail request from the LMF site or through the
standard NCC registration procedure. Registration on both NCC/IBM
and LMF will be completed within 24 hours of receipt of the request.
b. NDPD has established procedures and software to enable the LMF
Manager to register new users on-line on the NCC mainframe, which
will then automatically register new users onto the specific LMF
system.
c. Any changes to these standard NCC ISO logon PROC's must be performed
in user CLIST's.
d. NDPD will provide each LMF site with procedures for ensuring that
new users are registered in the NCC Name and Address System (NADS)
for receipt of user memos and other technical communications.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POUCILS MANUAL
TITLE: LMF SECURITY N0': 220.06
APPROVAL: £)f*^JJ?
-------�
NDPD OPERATIONAL POLICY NO. 220.08 P ,~ V o"
f. Of 2
c. The LMF System Manager is responsible for developing procedures and
policies to cover the following areas:
(1) Limiting facility access to authorized personnel only.
(2) Developing procedures to be followed during physical emergencies
such as fire or bomb threats. '
(3) Establishing user data set protection and use through RACF
profiles.
d. NDPD will provide each LMF site with initial training for adminis-
tration and maintenance of LMF security.
e. Persons in the following categories are required to read and sien
the Privacy Act disclosure statement:
(1) Those having authorized access to the LMF facility.
(2) Those having any level of access to a system console.
(3) Those having system privileges.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: LMF DATA MANAGEMENT N0>: 220.09
1.0 PURPOSE
Data must be managed so that it is available when needed. However, due to
the finiteness of DASD on the LMF configurations, it is necessary to remove
infrequently used data. Good management practices are demanded by the eco-
nomics of DASD and its maintenance and operation.
The objectives of the EPA LMF Data Management policy are as follows:
a. Provide guidelines for ongoing management of all data sets residing
on LMF DASD's.
b. Define the DASD management responsibilities of LMF and NDPD
personnel.
c. Provide LMF and NDPD personnel with guidelines for DASD allocation
and use.
d. Identify software packages and products available for use in DASD
management•
Compliance with this policy will provide effective and efficient management
in this area.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all personnel providing services for and/or
using the EPA Logical Mainframe.
3.0 RESPONSIBILITIES
NDPD is responsible for policy enforcement and will annually review policies
for needed modification and/or enhancement, as well as monitor adherence to
these policies by LMF sites. Other duties and responsibilities are outlined
below.
NDPD is responsible for installing and maintaining ASM2, which is^the primary
software tool for LMF DASD management.
-------�
NDPD OPERATIONAL POLICY NO. 220.09 Pa e 2
4.0 POLICY
a. The DASD configuration for each LMF site is specified by NDPD.
b. All LMF data sets on all volumes will be identified by NCC standard
names and will be catalogued.
management problem resolution is the responsibility of the
LMF Technical Manager. When assistance is required from NCC support
personnel, the LMF Technical Manager will act^s the single poiTof
contact for all such assistance requests.
d. NDPD will develop and maintain the necessary software and procedures
for automatic and "per request" archiving of user data sets. The
procedures will include the following provisions:
(1) Aromatic Archiving. DASD data sets which are unused for 90
days will be routinely archived to tape and held an additional
365 days, at which time the tapes will be scratched. At the
time the data sets are archived to tape, they are scratched
from DASD.
(2) Restoration of Data Sets. During the 365 day archive retention
period an LMF user will be able to restore an archived data
set using the appropriate ASM2 reload command via TSO.
(3) Archiving Per User Request. If an LMF user desires to have an
LMF DASD data set archived to tape for periods longer than the
automatic archive, he or she must copy that data set to NCC
DASD and use established NCC procedures for explicit or perma-
nent archive. yenud
e. As part of DASD management, the LMF Technical Manager is responsible for
identifying and storing critical backup tapes for disaster recovery.
NDPD is responsible for developing the jobstreams and procedures
required to run Saves/Backups, Scratch, and Compress. These pro-
cedures will include provisions for the following activities:
(1) Incremental Backups. These should be done nightly on new or
changed data sets. The recommended retention period for these
tapes is 31 days, at which time the tapes are scratched. LMF
users may reload data sets from incremental backup tapes by
using the appropriate ASM2 command via TSO.
(2) Full Volume Backups. These should be done biweekly on stand-
alone time. Biweekly backups will be retained for a minimum of
4 weeks.
f.
-------�
NDPD OPERATIONAL POLICY NO. 220.09
Scratch Policy. This involves the daily scratching of certain
types of user data sets. Currently these data sets are those
that are uncatalogued and have a creation date not equal to the
current date, and data sets containing no organization and
which are unused for 7 days.
Additional data sets that are involved in the scratch process
are:
(a) Empty data sets unused for 7 days.
(b) QRELOAD "MAIL" data sets unused for 5 days.
(c) Non-standard data sets with a creation date less than the
current date.
(d) "COMPRESS" data sets unused for 3 days.
(A) Purge. The JES spool is purged nightly. Any job over 5 calen-
dar days old will be purged from the system.
(5) Compress. This activity is performed once a week on partitioned
data sets that have used more than 10 tracks and have been used
in the last 15 days.
f. Jobstreams needed to perform daily scratching of user work space
will be provided by NDPD.
g. NDPD will identify which system packs are to be backed up along with
procedures for these backups.
h. NDPD will provide the LMF Technical Manager with the Jobstreams
necessary to produce reports on DASD utilization.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: LMF CONFIGURATION MANAGEMENT
APPROVAL; jp^/J (J ,
NO.: 220.10
DATE: 8/1/87
1.0 PURPOSE
Compatibility in a large data processing network is mandatory for effective
and efficient use of the facility. The purpose of this policy is to ensure
stability of the LMF resource and to maintain compatibility of network
components.
The objectives of the Configuration Management policy are to:
a. Prevent hardware and software acquisitions which threaten the com-
patibility of network components.
b. Preserve individual LMF stability.
c. Facilitate acquisition and maintenance contract administration.
This policy will enable NDPD to maintain compatible LMF systems capable of
providing an effective and efficient service.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all NDPD and LMF personnel involved in the
acquisition of equipment, software, and maintenance for an LMF site.
3.0 RESPONSIBILITIES
NDPD is responsible for policy enforcement and will annually review policies
for needed modification and/or enhancement, as well as monitor adherence to
these policies by LMF sites. Other specific duties are outlined below.
4.0 POLICY
Hardware:
(1) All hardware acquisitions must be approved by NDPD.^ The pro-
curements will be handled by NDPD even in those cases where the
Regions provide the funding. Sixty days should be allowed for
this process.
-------�
NDPD OPERATIONAL POLICY NO. 220.10 p , e „
" of 2
(2) Modifications or replacement of hardware units, hardware
features, or hardware microcode are explicitly identified as
requiring CMC approval.
b. Software:
(1) NDPD will approve and procure all software regardless of the
funding source.
(2) Software installations will be scheduled through NCC Change
Management.
(3) All other software will be installed by NDPD Technical Services
unless NDPD delegates this responsibility to the local site on
a case-by-case basis.
5.0 DEFINITIONS
a. Hardware:
(1) The standard LMF configuration consists of an IBM 43&1
processor or equivalent, with:
16 megabytes of real storage
1 front-end processor
1 DASD storage director
2 A4 DASD units
1 B4 DASD unit
2 tape drives
The limits on the number of controllers, terminals, and printers
will be subject to local needs and contract specifications.
b. Software:
(1) Software is defined as operating system software and any program
product or application software that affects the performance or
configuration of the system.
(2) The standard LMF system software configuration will initially
consist of:
MVS components
VS/FORTRAN
FOCUS
SyncSort
ASM2
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
N0': 230.01
TITLE: NCC VAX CLUSTER SYSTEM MANAGEMENT
APPROVAL, Q^USL U * '1-0 »*«= 6/1/67
1.0 PURPOSE
The NCC VAX Cluster System Management policy establishes:
a. Objectives for managing the system.
b. Functions which will be managed to meet the objectives.
2.0 SCOPE & APPLICABILITY
This policy applies to all NDPD and FM contractor staff personnel responsible
for the management, operation, or maintenance of the NCC VAX Cluster.
Any deviation from this policy must be approved in writing by the Director of
NDPD.
3.0 RESPONSIBILITIES
The FM contractor will develop, update, and monitor procedures to implement
this policy.
The FM contractor will adhere to NDPD policies and perform the tasks necessary
to meet policy objectives.
4.0 POLICY
a. The NCC VAX Cluster will be managed in a manner which provides
cost-effective service to the user community.
b. The NCC VAX Cluster will be managed to meet the service levels
defined by the Director of NDPD.
c. While the organizational structure of NDPD and the FM contractor may
change from time to time, the following major areas of responsibility
will be managed:
(1) System operations.
(2) System software maintenance.
(3) Data communications facilities support.
-------�
NDPD OPERATIONAL POLICY NO. 230.01 p ~V * o
— ^^— — "age f. or L
System Performance Tuning.
(5) Capacity Planning.
(6) User Service Activities.
(7) Contract Administration for System Components.
d. The FM Contractor will, in concert with NDPD technical managers
ensure that NDPD operational policies are implemented for each of
the areas of responsibility identified above.
5.0 DEFINITIONS
a- System Operations consists of console and peripheral equipment
operation, physical facilities management, data storage management
preventive and remedial hardware maintenance scheduling, change '
management, and production control.
b' System Software Maintenance consists of installing and maintaining
all vendor-supplied software. This includes DEC system and program
products, as well as software supplied by third party vendors.
C> ^ta Communications Support consists of installing, maintaining, and
monitoring the performance of all data links and associated equipment
in use at NCC. ^ fu"=uu
d- Performance Tuning consists of all activities required to ensure
that the goals defined in the service level policy are met on a
daily basis.
e- Capacity Planning consists of all activities required to predict
future workload and to identify resources which must be acquired to
meet the service level policy objectives in the future.
f. User Services consists of user support activities for problem reso-
lution, user registration and billing, and central data base
administration.
g' Contract Administration Services consists of all activities required
to order and maintain the hardware and software components of the
NCC VAX Cluster.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NCC VAX CLUSTER SERVICE LEVELS N0': 230.02
1.0 PURPOSE
The NDPD VAX Cluster Service Level policy establishes:
a. VAX Cluster components.
b. Access rules for Cluster components.
c. Hours of availability.
d. System stability goals.
2.0 SCOPE & APPLICABILITY
This policy applies to all NDPD and FM contractor staff personnel responsible
for the management, operation, or maintenance of the NCC VAX Cluster, and to
users of this computing resource.
Any deviation from this policy must be approved in writing by the Director of
NDPD after consultation with the VAX Cluster Coordinating Committee.
3.0 RESPONSIBILITIES
The FM contractor will develop, update, and monitor procedures to implement
this policy.
The FM contractor will adhere to NDPD policies and procedures to ensure that
service level objectives are met. The FM contractor will also advise NDPD of
potential problems which might have an adverse impact on the NCC VAX Cluster.
The user community will comply with the utilization provisions of this policy.
4.0 POLICY
a. The NCC VAX Cluster consists of multiple VAX processors connected in
a cluster arrangement under the control of the VMS operating system.
Also included are the associated RTF DECNET/ETHERNET local area
network and the EPA DECNET X-25 telecommunications network. The
individual processors in the Cluster will be designated as either
large models or general purpose processors.
-------�
NDPD OPERATIONAL POLICY NO. 230.02 DO,,
"age i of 3
b. The NCC VAX Cluster is dedicated to processing scientific applica-
tions such as environmental modeling, analysis of experimental data
management of scientific data bases, and scientific documentation. '
Scientific applications consistently needing large volumes of data
from the IBM mainframe, or nonscientific applications, must not be
processed on the VAX Cluster.
c. System software consists of VMS, FORTRAN-77, SAS, FOCUS, and DECNET/-
A • £, j j O iN A •
d. The full Cluster will be available to the user community 24 hours a
day, 7 days a week, with the following restrictions:
(1) A console operator will be present from 8:00 a.m. until mid-
night, Monday through Friday.
(2) The Cluster will be unavailable from 5:00 p.m. until 11:00 p.m.
on Mondays. This time is reserved for data management functions,
(3) The system will be unavailable from 11:00 p.m. on Mondays until
8:00 a.m. on Tuesdays. This time is reserved for system testine
and maintenance.
e. Interactive access to the large model processors will, under normal
circumstances, be restricted to Meteorology users from ASRL.
f. Regular batch access to the large model processors will, under normal
circumstances, be restricted to Meteorology users. All other users
of these processors will be granted access to soak-up batch only.
g. All users will, under normal circumstances, be granted interactive
access to the general purpose processor.
h. Three batch queues will be provided on all processors in the Cluster.
The queue assignments for individual batch jobs will be determined
by the job's runtime requirements.
I. In the event of an extended failure of either the large models or
general purpose processors, the batch job queues of the failed
processors will be routed to the remaining processors. Interactive
access will be similarly switched from the failed to the active
processors.
j. User support services will be available from 8:00 a.m. until 5:00
p.m., Monday through Friday.
-------�
NDPD OPERATIONAL POLICY NO. 230.02 p±8j
k. The NCC VAX Cluster stability goals are:
(1) A quarterly up-time percentage of at least 99 percent of sched-
uled production time for the processor complex.
(2) A quarterly up-time percentage of at least 99 percent of sched-
uled production time for each major telecommunications and RTF
local area network circuit.
Stability goals will be computed only for the scheduled hours of
service listed above.
1 In the absence of monitoring software, no goals have been established
for interactive response or batch turnaround times. However, resource
utilization quotas will be established to ensure a level of service
considered to be satisfactory by a majority of the user community.
n. Periodic reports will be submitted to NDPU management and to the VAX
Cluster Coordinating Committee to verify compliance with this policy.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NCC VAX CLUSTER PERFORMANCE & CAPACITY MONITORING NO.: 230.03
APPROVAL: jQ*^tJHS &-4JJ? DATE; 8/1/8?
1.0 PURPOSE
The NCC VAX Cluster Performance and Capacity Monitoring policy establishes:
a. Performance and capacity monitoring objectives.
b. Methodology to support the objectives of this policy.
c. Reporting requirements designed to alert senior management to
potential problems.
NCC VAX Cluster performance and capacity monitoring activities include per-
formance analysis, stability analysis, and capacity planning.
2.0 SCOPE & APPLICABILITY
This policy applies to all NDPD and FM contractor staff personnel responsible
for the management, operation, or maintenance of the NCC VAX Cluster. The
VAX Cluster Coordinating Committee will assist NDPD in the collection and
assessment of mission-based requirements which will affect long-term capacity
planning and system performance.
Any deviation from this policy must be approved in writing by the Director of
NDPD after consultation with the VAX Cluster Coordinating Committee.
3.0 RESPONSIBILITIES
The FM contractor will develop, update, and monitor procedures to implement
this policy, and will alert NDPD to potential performance problems.
The FM contractor will adhere to NDPD policies and offer recommendations
designed to meet the policy objectives.
4.0 POLICY
a. System performance will be monitored to ensure compliance with the
objectives of Policy 230.02, NCC VAX Cluster Service Levels.
-------�
NDPD OPERATIONAL POLICY NO. 230.03
'rage 2 of 2
b. Workload trends will be monitored to identify potential future
resource constraints.
c. The potential resource utilization of major new applications will fa-
assessed to determine their impact on system performance.
d. System performance and capacity data will be captured and analyzed
witn commercially available software. Local code written to support
s^tV,*,h i t minimlzed to th« 8««est Degree possible con-
sistent with the objectives of this policy.
e. System performance, stability, and resource utilization will be
summarized and reported to NDPD management daily and shared with the
VAX Cluster Coordinating Committee.
f- Deficiencies in system performance, stability, or resource avail-
ability will be corrected as soon as possible consistent with the
provisions of Policy 230.04, Change Management.
g. The system's capacity to support projected growth in workload will
be evaluated and reported to NDPD management quarterly. The report
will be shared with the VAX Cluster Coordinating Committee.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NCC VAX CLUSTER CHANGE MANAGEMENT N0': 23°'OA
P\ i f\ , C\ A/ tf DATE: 8/1/87
APPROVAL: v/J* U ^~&r*<
1.0 PURPOSE
This policy is designed to ensure that all changes are applied in a timely
manner without disrupting system stability or performance.
The NCC VAX Cluster Change Management policy establishes:
a. Change management objectives.
b. System components and changes subject to this policy.
c. Review process required for hardware or software changes.
d. User notification requirements for system changes.
2.0 SCOPE & APPLICABILITY
This policy applies to all NDPD and FM contractor staff personnel responsible
for the management or implementation of hardware and system software changes
to the NCC VAX Cluster and the associated RTP local area network.
Any deviation from this policy must be approved in writing by the Director of
NDPD after consultation with the VAX Cluster Coordinating Committee.
The following system components are subject to this policy:
a. The processor complex.
b All peripheral devices attached to the network through DECNET via
ETHERNET and X.25 or SNA. Peripheral devices attached to processors
not owr.ed by NDPD are exempt.
c. Electrical, air conditioning, and other components vital to the
operation of the processor or any of its peripheral devices.
d All DEC licensed and third party vendor software products installed
on the NCC VAX Cluster and supported by NCC, or NCC-supported software
products installed on remote VAX systems connected to the Cluster
through DECNET via ETHERNET and X-25 or SNA.
-------�
NDPD OPERATIONAL POLICY NO. 230.04
3-0 RESPONSIBILITIES
4.0
POLICY
b.
.i representing the FM contractor and NDPD
will review and approve changes to the components defined above
Members of the VAX Cluster Coordinating Committee may sit as obser-
vers on the Change Management Council.
All emergency changes must be approved by the FM contractor's depart-
ment manager for User Services and Operations. The EPA ADP Operations
Management Branch Chief must grant approval for emergency ch±es if
reach HC°nAraCt0rS/ePartment mana«ers °^^ above cannot'be
reached. Approval for emergency changes can be obtained in
in person, or over the telephone.
All required changes will be submitted to the Change Management
nronn H I ™ *** a™TOVal bef°" installation. The impact of
proposed changes on system stability and performance must be con-
sidered before approval is granted.
thaf ^ " "nSidered system level code not written by the vendor
mod ff rh rS ^ Vend°r SUppUed exits in the ""wre or
modifies the vendor'. source code.
Local code development will be approved by NDPD before the task is
initiated. This approval will be in writing either through formal
memorandum or by utilizing the software checklist. System
y not.d
Local code implementation into production will be with the approval
of Change Control. This approval requires complete testing
caronlv^011'-^ SUpervis°ry level co^ review. These retirements
can only be waived in emergencies by NDPD.
-------�
NDPD OPERATIONAL POLICY NO. 230.04
Page 3 of 3
All DEC and third party software products will be maintained at a
release level which is no more than one level behind the current
release level supported by the vendor unless there is a known sta-
bility, performance, or functional problem with the new release.
The Director of NDPD must approve all cases of delayed aaintenance.
A user memorandum will be issued 30 days prior to the application of
any software maintenance.
5.0
DEFINITIONS
System changes are classified either as "required" or "emergency." Hardware
or system software maintenance required to correct a stability or performance
problem constitutes an emergency change. Required system changes are routine
activities needed to upgrade the hardware or software configuration.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NCC VAX CLUSTER PROBLEM RESOLUTION NO.: 230.05
APPROVAL; Ar»~^ lA^LP DATE: 8/1/87
1.0 PURPOSE
The NCC VAX Cluster Problem Resolution policy establishes:
a. Problem resolution objectives.
b. Problem classifications.
c. Problem resolution responsibilities.
d. User notification requirements.
2.0 SCOPE & APPLICABILITY
This policy applies to all NDPD and FM contractor staff personnel responsible
for the management or operation of the NCC VAX Cluster and for providing
support to the user community.
Any deviation from this policy must be approved in writing by the Director of
NDPD after consultation with the VAX Cluster Coordinating Committee.
3.0 RESPONSIBILITIES
The FM contractor will develop, update, and monitor procedures to implement
this policy.
The FM contractor will adhere to NDPD policies and procedures to ensure that
problems are resolved expeditiously .
4.0 POLICY
a. NCC will strive to resolve problems with the VAX Cluster as soon
after identification as possible in order to provide the best
possible level of service to the user community.
b. Problems encountered with the NCC VAX Cluster will be cacegorized as
hardware, software, performance, telecommunications, or user problems
-------�
NDPD OPERATIONAL POLICY NO. 230.05 Page 2 of 2
c. All problems with NCC-supported hardware or software will be entered
into the Problem Management System by close of business on the day
the problem was uncovered.
d. The central problem resolution contact will report to NbPD management
the status of unresolved problems on a daily basis.
e. The central problem resolution contact will post news alerts for any
problem which may result in user job failures or user data loss.
f. The User Support staff will serve as the point of contact for re-
solving user problems. The User Support staff will forward user
problems which they cannot resolve to a central problem management
contact. Users may not call the FM contractor Technical Services
staff directly to obtain assistance.
g. The User Support staff will submit monthly reports to NDPD identify-
ing the number and nature of user problems addressed during the
reporting period. The reports will be shared with the VAX Cluster
Coordinating Committee.
h. The Director of NDPD will be immediately notified of any data loss
experienced by the user community.
i. Users reporting problems will be called within 24 hours to advise
them of progress being made in seeking a solution.
j. Closed problem reports will be archived for a period of 3 years from
the date the problem was logged.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NCC VAX CLUSTER TIMESHARE ACCOUNTING NO.: 230.06
APPROVAL: ),^Jl u AJ? DATE; 8/1/87
1.0 PURPOSE
The NCC VAX Cluster Timeshare Accounting policy establishes:
a. Timeshare accounting objectives.
b. Methodology for determining the cost of timeshare services.
c. Reporting requirements for advising ADP coordinators and Agency
budget officials of timeshare charges allocated to them.
2.0 SCOPE & APPLICABILITY
This policy applies to all NCC VAX Cluster users, and to all NDPD and FM
contractor staff personnel responsible for the management or operation of the
NCC VAX Cluster.
Any deviation from this policy must be approved in writing by the Director of
NDPD after consultation with the VAX Cluster Coordinating Committee.
3.0 RESPONSIBILITIES
The FM contractor will develop, update, and monitor procedures to implement
this policy.
The FM contractor will perform the tasks necessary to meet the objectives of
this policy.
The user community will rely on the terms of this policy to manage their
timeshare allowance.
4.0 POLICY
a. NDPD will conform to the requirements of OMB Circular A-130 in
accounting for and in full cost allocation of providing data proces-
sing services to the user community.
-------�
NDPD OPERATIONAL POLICY NU. 230.06 Pa e 2
b. Charges for data processing services will be applied in the following
areas: 6
(1) Processor utilization.
(2) Printing.
(3) Telecommunications.
(4) Disk utilization.
c. The rate for the services will be reviewed and adjusted annually to
reflect changes in the cost of providing these services. The rate
for the new fiscal year will be published in the last quarter of the
current fiscal year.
d. Every system transaction will be charged for actual resources con-
sumed if data can be captured accurately and the cost of capture
does not outweigh the cost recovery of the resource.
e. NDPD may apply premiums or discounts for certain processing priori-
ties or techniques to encourage efficient resource utilization.
f. Charges will be refunded if a transaction fails due to console
operator error, system hardware failure, or system software error.
Jobs using more than 2 hours of CPU time must have a user defined
save and restart capability to be eligible for a refund. The refund
Wi iD?,0t GXCeed Char8es Sweater than those incurred during 2 hours
of CPU utilization.
g. NDPD will provide a summary of each month's timeshare charges by the
5th day of the following month.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NCC VAX CLUSTER USER REGISTRATION NO.: 230.07
APPROVAL: £X—*J U^4j? DATE: 8/1/87
PURPOSE
The NCC VAX Cluster User Registration policy establishes:
a. User registration objectives.
b. User registration requirements.
c. Reporting requirements for managing the user registration process.
2.0 SCOPE & APPLICABILITY
This policy applies to all NDPD and FM contractor staff personnel responsible
for the management or operation of the NCC VAX Cluster system, and to the NCC
VAX Cluster user community.
Any deviation from this policy must be approved in writing by the Director of
NDPD after consultation with the VAX Cluster Coordinating Committee.
3.0 RESPONSIBILITIES
The FM contractor will develop, update, and monitor procedures to implement
this policy.
The FM contractor will perform the tasks necessary to implement this policy.
The TSSMS Office will be responsible for conducting user registration services.
The user community will follow the NDPD procedures derived from this policy
to gain access to the NCC VAX Cluster system.
Every EPA ADP Coordinator and Account Manager will be responsible for ensuring
that users are registered on the NCC VAX Cluster for the purpose of conducting
legitimate Agency business only.
Every EPA ADP Coordinator and Account Manager will be responsible for ensuring
user identification termination for all EPA, contractor, or subcontractor
employees upon the termination of a project or resignation of employees under
his jurisdiction.
-------�
NDPD OPERATIONAL POLICY NO. 230.07 Page 2 of 2
4.0 POLICY
a. User registration procedures will conform to the objectives of this
document and the terms of Policies 230.06, Tiaeshare Accounting, and
230.08, NCC VAX Cluster Security.
b. ASRL Meteorology and general users will be registered on both the
large models and general purpose processors to allow transfer of
workload as specified in Policy 230.02, NCC VAX Cluster Service Levels
c. System utilization will be recorded for authorized individual users
and for accounts which may include multiple users.
d. New accounts may be created by EPA ADP Coordinators only. Provisions
will be made for group designations and the use of Access Control
List facilities.
e. Each user will be assigned a unique user identification code and
will be associated with one or more accounts as requested by the EPA
ADP Coordinator or EPA Account Manager.
f. User identification codes previously assigned to a user no longer
registered on the NCC VAX Cluster may be reassigned to another user.
g. Telephone requests for account or user registration will be honored,
but signed hardcopy verification of all requests are required within
2 weeks to retain the registration.
h. A user terminating employment will be removed from the system. All
resources associated with this user identification code will be
assigned to another user or deleted at the discretion of the ADP
Coordinator or Account Manager.
i. Accounts and user identification codes which have not been accessed
for 1 year will be deleted from the system. The user and Account
Managers will be notified at least 30 days prior to deletion of an
account or user identification code.
j. Every ADP Coordinator and Account Manager will receive a periodic
report identifying the accounts and user identification codes for
which he is responsible.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: VAX Security NO" 230-08
P) DATE: 3/7/90
r^
1.0 PURPOSE
The objective of this policy is to provide a secure DEC VAX and MicroVAX operating
environment which is consistent among all EPA local and remote VAX sites.
This policy:
a. Defines VAX management and VAX user responsibilities for physical, software,
and data security of the VAX.
b. Defines NDPD responsibilities for VAX security.
2.0 SCOPE & APPLICABILITY
This policy applies to all EPA personnel and their agents who are providing services for, or
using, EPA owned, operated, or licensed DEC VAX or MicroVAX computers (hereafter
referred to simply as VAX) or connecting to systems from any manufacturer, if supported by
the NCC.
3.0 RESPONSIBILITIES
NDPD is responsible for:
a. Defining policy.
b. Reviewing policies annually for needed modification and/or enhancement.
c. Monitoring adherence to security policies by VAX sites.
d. Distributing, in a timely manner, Agency standard VAX operating system and
NDPD-provided software and documentation to VAX sites.
e. Evaluating requested exceptions to this policy.
VAX site management is responsible for:
a. Implementing and adhering to VAX security policies. VAX sites may implement
more restrictive security policies as required by the site.
b. Reporting detected breaches of the policy to NDPD.
c. Coordinating resolution of security breaches and security issues with NDPD.
-------�
NDPD OPERATIONAL POLICY NO. 230.08 ~~ Page 2 pf g
d. Installing in a timely manner, operating system software and other standard
Agency software distributed by NDPD.
e. Providing default protection for data consistent with the sensitivity and value
of the data and assisting VAX users in determining and implementing additional
levels of protection beyond default protection. The VAX SYSGEN parameter
RMS FILEPROT can be modified to provide tighter default file protection
than that normally provided by the DEC operating system.
f. Obtaining NDPD approval for exceptions to this policy.
4.0 POLICY
a.
NDPD will distribute Agency standard VAX operating systems and any other
software deemed appropriate by NDPD for the implementation and enforcement
of this policy.
b' X™ security Procedures developed by NDPD will be consistent with other
NDPD policies.
c.
Each VAX Site Manager will physically and procedurally provide for a secure
controlled access environment for each VAX computer system to protect it from
loss caused by fire, natural or unnatural acts of man or nature, or machine
failure. Specifically, each VAX Site Manager will:
(1) Establish procedures for evaluating and granting access to the site and
its computers, determining the length of time access is to be granted, and
monitoring the access.
(2) Control access to the site and its computers through GSA and industry
accepted physical control mechanisms (e.g., locks, badge readers).
(3) Protect the physical environment by installing and monitoring GSA and
industry accepted environmental controls and fire suppression systems.
(4) Protect the physical operating environment by establishing procedures
governing the physical safety of the computers, their operators, and their
users.
(5) Safeguard computer and other property assets through procedures
providing for their receipt, tracking, and disposal.
(6) Develop and implement procedures which will ensure that each VAX
computer system is physically secure and protected from unauthorized
access while unattended.
-------�
NDPD OPERATIONAL POLICY NO. 230.08 PaB« 3 of 6
d. Each VAX System Manager will provide for secure logon access to the site's
computer(s). Specifically, each System Manager will:
(1) Enforce the following policies for computer passwords:
(a) All User-ID's will be configured with a password. The minimum
password length will be six characters. The AUTHORIZE
qualifier /PWDMINIMUM will be set equal to 6 through the use
of the AUTHORIZE ADD/MODIFY command.
(b) Passwords for new users and reset passwords will be set as expired
through the use of the AUTHORIZE ADD/MODIFY command
to set the AUTHORIZE qualifier /PWDEXPIRED.
(c) Passwords for new users and reissued passwords will be unique
for each user and non-trivial in nature and will not be set to any
password previously used for that user. The AUTHORIZE
ADD/MODIFY command should be considered to set the
/GENERATE_PASSWORD qualifier of AUTHORIZE.
(d) All passwords will have an expiration period not to exceed 90
days. The AUTHORIZE ADD/MODIFY command will be used
to set the AUTHORIZE qualifier /PWDLIFETIME.
(2) Enforce compliance with the following policies for computer User-ID's
and accounts:
(a) User-ID's will not be shared. Each user must have his/her own
User-ID.
(b) A User-ID will be disabled after four consecutive unsuccessful
logon attempts between session initiations. For this purpose,
attempts independent of the terminal used will be considered. The
following SYSGEN parameter settings will be used:
LGI_BRK_LIM=4
LGI_BRK_TERM=0
LGI_BRK_TMO=300
LGI_BRK_DISUSER=1
(c) All dial-in ports will be configured for modem control and
terminals will be configured with the /MODEM/HANGUP
parameters.
(d) Proxy accounts will be allowed, subject to the following rules and
restrictions:
1. Proxy accounts will not be permitted for User-ID's with
system privileges unless approved by NDPD.
-------�
NDPD OPERATIONAL POLICY NO. 230.08 page 4 Qf
2. Proxy accounts will establish a one-to-one correspondence
between User-ID's and their remote proxies. Multiple
remote User-ID's may not be "proxied" into a single User-
ID on one system, and a single User-ID may not have
multiple proxies on a given remote system.
3. All requests for a proxy account must be signed by both
the applying user and his ADP Coordinator. The
organization implementing the proxy must also verify that
the name of the requesting user is the same in Authoriza-
tion files on both systems.
4. Proxy accounts on the NCC VAX Cluster will be
maintained and verified by the TSSMS Office.
5. An approved exception to the above proxy account
restrictions is between systems at locations where
authorization is controlled by the same organizational unit,
namely the establishment of proxies among members of
a VAX Cluster.
(e) An auto-login account will not be used unless the account is a
captive, nonprivileged account of a process which ensures that
the user is not allowed general system access to the site VAX or
access to any node in the DECnet/ETHERNET environment.
Auto-login accounts must be configured through AUTHORIZE
as /NODIALUP, /NONETWORK, and /NOREMOTE.
(f) User-ID's used by vendors for system hardware or software
maintenance by non-VAX site personnel (e.g., FIELD, SYSTEST)
will be controlled by the VAX System Manager and disabled when
not in use. AUTHORIZE qualifiers /FLAGS=DISUSER and
/FLAGS=LOCKPWD will be used.
(g) Default VAX account (e.g., FAL = File Access Listener) and other
User-lp's/accounts established to aid intermachine communica-
tions will not be established as privileged accounts unless required
for system operation. Privileges, if granted, will be limited to the
minimum required by the system for the User-ID/account to
perform its designated task(s).
In addition to DEC recommendations concerning security for a
DECnet node as described in the Guide to VAX/VMS Security,
the following will be implemented:
1. No device will be connected to the EPA DECnet without
prior approval from NDPD.
2. No VAX or MicroVAX covered under this policy will be
connected to any non-EPA network without prior approval
from NDPD.
-------�
NDPD OPERATIONAL POLICY NO. 230.08 Pa*e 5 of 6
(3)
3. The password for the DECnet User-ID will be changed
after system installation.
4. The DECnet User-ID will be allowed no interactive access.
5 The DECnet User-ID will be removed from the executor
data base. The entry in the data base will be replaced by
a non-used User-ID to assist in problem tracking and
auditing.
6. The DECnet User-ID should be added to the MAIL and
PHONE network data bases.
7. A File Access Listener (FAL) User-ID will be created with
NO WRITE access to its root directory.
8. Open access to the TASK object will be disabled.
9 Network passwords will be enforced for all DECnet dial-
up nodes. Site VAX transmit/receive passwords will not
be revealed to dial-up sites.
(h) All system privileges, with the exception of TMPMBX and
NETMBX, will be restricted to the minimum number of personnel
possible and will be granted based -on a requirement for the
privilege in order to perform assigned tasks.
Enforce the following policies concerning system files and resources:
(a) Default security applied to system files by DEC will be
maintained.
(b) Access to the SYSUAF.DATA, SYSALF.DAT, and NETUAF.DAT
files will be restricted to the System Administrator or those
personnel responsible for user registration.
(c) Write access to the DECnet-VAX data base will be restricted to
the VAX System Manager.
(d) System resources will be protected from unauthorized access which
could result in harm to the VAX operating environment. These
include disk volumes, global section, devices, logical name tables,
and queues.
(c) On-line storage resources will be protected to ensure the integrity
of each user's designated data files.
(f) All operating system files and user data files must be backed up
commensurate with the level of user activity exhibited. The
backup interval cannot be greater than biweekly.
-------�
NDPD OPERATIONAL POLICY NO. 230.08 D f .<
rage o of 6
(4)
Enforce the following policies regarding software installed at the VAX
SI 1C.
(a)
(5)
No software which requires installation as a privileged process
or image or which alters or enhances the security environment will
be installed without notifying NDPD.
(b) Software requiring privileges to function will be granted the
MnroA1^T?privi,1-Cr8.CS rcquircd and wiH be linked with the
NOTRACE qualifier.
(c) All software distributed to each VAX site by NDPD will be
b^NDPD000^1118 t0 tlmC and installation specifications provided
Establish procedures to grant access authorities to any VAX computer
limit assignment of privileges to those required to perform assigned
task(s), and deny access or privileges to that person when his requirement
for access or privileges has expired.
(6) Accept responsibility for auditing critical system events (eg system
access attempts, resource violations, etc.) and for overall security
management of their system. The VAX System Manager will permit a
member of the NCC Computer Security staff to access his VAX system
to audit security policy compliance. The NCC Computer Security staff
member will be given a privileged account for this purpose, but only for
the duration of the review.
e. Each VAX System Manager is responsible for coordinating enforcement of this
policy with the NCC Security Office and will be responsible for coordinating
resolution of security incidents and other security issues with that office.
f. Each VAX System Manager is responsible for disseminating information and for
training local operations staffs and users concerning Agency VAX policv
procedures, and system changes. ^«"^y.
5.0 REFERENCES
™i'/°l10Jing ^gital Equipment Corporation publication was used in the development of this
environment"1 accepted reference for implementation of security in the VAX/VMS
Guide to VAX/VMS System Security. Version 5.1
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NCC VAX CLUSTER DATA MANAGEMENT N°-: 230.09
APPROVAL: oO^Jt U &jJ^J?_ DATE: 8/1/87
1.0 PURPOSE
The NCC VAX Cluster Data Management policy establishes:
a. Data management objectives.
b. Data storage requirements.
c. Data storage media performance and capacity requirements.
2.0 SCOPE & APPLICABILITY
This policy applies to all NCC VAX Cluster users and to NDPD and FM contractor
staff personnel responsible for the management or operation of the NCC VAX
Cluster.
Any deviation from this policy must be approved in writing by the Director of
NDPD after consultation with the VAX Cluster Coordinating Committee.
3.0 RESPONSIBILITIES
The FM contractor will develop, update, and monitor procedures to implement
this policy.
The FM contractor will perform the tasks necessary to meet the objectives of
this policy.
The user community will rely on the terms of this policy to manage their data
storage requirements.
4.0 POLICY
a. NDPD will manage the data storage devices of the NCC VAX Cluster to
meet the storage requirements of the user community in a secure and
cost-effective manner. Data storage devices will also be managed to
enhance system performance.
b. All data sets not conforming to NCC naming conventions will be
deleted from the NCC VAX Cluster.
-------�
NDPD OPERATIONAL POLICY NO. 230.09
2 of 2
c. All disk data sets not accessed for 45 days will be archived to
tape. The archive tape will be retained for 1 year before beine
reused. s
d. A procedure will be provided to enable users to restore disk data
sets from archive tapes.
e. A procedure will be provided to enable users to archive to tape
their own disk data sets. Data sets may be archived for either
2 years or 7 years.
f. NCC will perform weekly backups of disk data sets which have been
created or changed since the previous backup. Weekly backup tapes
will be retained for 31 days.
g. A procedure will be provided to enable users to restore data sets
from the weekly backup tapes.
h. Full volume disk tape copies will be created biweekly. The weekly
tape copies will be retained for 4 weeks before being reused.
i. A disk and tape utilization report will be submitted weekly to NDPD
and shared with the VAX Cluster Coordinating Committee to indicate
available data storage capacity.
j. Tape data sets created on the NCC VAX Cluster will be controlled by
a software tape management system to prevent accidental erasure of
data.
k. The default retention period for tape data sets created on the NCC
VAX Cluster will be "5 days. Users may explicitly specify other
retention periods.
1. A foreign tape created on systems other than the NCC VAX Cluster and
sent to the NCC will be enabled for write access only upon receipt
of a written or telephone request from the owner of the tape.
m. All references in this policy to "disk" refers to fixed (non-
removable) media, except in this paragraph. The Tape Management
System allows users to perform their own backups of removable disk
volumes on the VAX Cluster. NCC Production Control will back up
removable disk volumes on request by the user who "owns" the volume.
These backup services will be charged as a routine Production Control
service at the then current hourly chargeback rate.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NCC VAX CLUSTER CONFIGURATION MANAGEMENT
APPROVAL: JLJt*-~*-Jt U
NO.: 230.10
DATE: 8/1/87
1.0
PURPOSE
The NCC VAX Cluster Configuration Management policy establishes:
a. Configuration management objectives.
b. Activities required to meet the configuration management objectives.
c. Review requirements to ensure compliance.
2.0 SCOPE & APPLICABILITY
Thit, policy applies to all NDPD and FM contractor staff personnel responsible
for the management or operation of the NCC VAX Cluster system and associated
RTF local area network.
Any deviation from this policy must be approved in writing by the Director of
NDPD after consultation with the VAX Cluster Coordinating Committee.
3.0 RESPONSIBILITIES
The FM contractor will develop, update, and monitor procedures to implement
this policy.
The FM contractor will perform the tasks necessary to meet the objectives of
this policy.
4.0 POLICY
a. The VAX Cluster system will be managed in a manner which provides:
(1) A current inventory of all system components.
(2) A current system hardware and software configuration.
(3) A current system telecommunications configuration.
(4) A mechanism for processing hardware, software, and maintenance
procurement requests in a timely manner.
-------�
NDPD OPERATIONAL POLICY NO. 230.10
Page 2 of 2
c.
duties
d.
.
Coordinating Committee on request
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Tape Management/Maintenance on the VAX
APPROVAL:
1.0 PURPOSE
This policy establishes guidelines and requirements for the management and maintenance of
VAX reel and cartridge tapes at the National Computer Center.
2.0 srOPE & APPLICABILITY
This policy applies to all NDPD staff and facilities management contractor personnel who
require access to the VAX scientific cluster at .the National Computer Center.
3.0 PFSPONS1B1LITIES
Data Processing Support Services at the NCC is responsible for performing the following
activities:
a. Maintaining a scratch pool of reel and cartridge tapes for the customer
community.
b. Updating the status of reel and cartridge tapes in the VAX data base on a daily
basis.
c. Performing necessary maintenance of reel and cartridge tapes, daily and on
demand.
d. Monitoring Problem Management records and daily reports for current and
potential tape problems.
e Informing customers and Customer Support personnel whenever problems have
been encountered with a requested tape. (Tape is unavailable.)
4.0 POLICY
a.
Customers of the VAX scientific cluster may allocate system tapes which will
automatically receive a maximum default expiration date of 13 month*
Customers must contact Data Processing Support Services for expiration date
extensions.
h After a reel or cartridge resident system tape has reached its expiration or
scratch date, the customer may request one of the following actions:
(1) That the tape be archived for a maximum of 3 1/2 years. The request
will be forwarded to Data Management personnel to determine it 70
percent of the tape contains data. If the tape meets that criteria, the
request will be processed. (A tape can be archived at any time before its
scratch date.)
-------�
NDPD OPERATIONAL POLICY NO. 230.11
c.
Page 2 of 2
on n0 " '° '* C°n'rary' the
C- \~uaiuiiicrs win nf nntii /i tri» \r A-v \rin jn ,
ju o&ys prior to a scheduled tape
d.
abrSatOnSerraCtC-nVCS a rCqUeS/ f°na "^ WhlCh ^ 0Ot labclcd' the *>b will be
f«° .? °peratlons Personnel will open a Problem Management record and
transfer it to appropriate personnel (DPSS), if necessary A message will be
logged to the customer, requesting that DPSS be contacted.
fr.f.tn^ rCqUirCS "labelin«- the customer must submit a request to DPSS
(Customers are not allowed to relabel system tapes.) Tapes containing data to be
retrieved at a later date should not be relabeled. The data wH \b< "2t Instead
the customer should contact Customer Support for assistance '
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Prime System Management NO"
APPROVAL:
1.0 PURPOSE
This System Management policy assigns responsibilities for Prime system management among
the System Manager, System Administrator, and user.
2.0 SCOPE & APPLICABILITY
This policy applies to all EPA and EPA contractor personnel who manage or use an EPA Prime
computer system.
3.0 RESPONSIBILITIES
The System Managers are the link between local policy and Agencywide Policy for Prime
computers. The System Manager is accountable for the management and use of the local Prime
system.
System Administrators are responsible for day-to-day operations. They report directly to their
individual System Manager.
Prime users are responsible for the proper use of the Prime office computers.
4.0 POLICY
4.1 SYSTEM MANAGER
a. Serves as primary manager and representative to OIRM and NDPD.
b. Maintains communications with the EPA Prime Project Office at the WIC on the
status of his/her system.
c Ensures that the local systems conform to NDPD and OIRM guidelines for
hardware, software, and telecommunications configurations. Directs and
supervises the System Administrator in conforming with these guidelines.
d. Ensures that Telecommunications Service Requests (TSR's) are submitted when
required.
Develops a local system management policy to perpetuate a consistent level of
knowledge of the Prime equipment (e.g., its capabilities, usage, operational
procedures, and available applications).
e.
Indicates revision.
-------�
NDPD OPERATIONAL POLICY NO 240 01
' Page 2 of 3
f. Maintains an inventory of all Prime hardware and software installed with the
g-
ssss " f or computer
IBM
4.2 SYSTEM ADMINISTRATOR
a. Receives policy direction from the System Manager.
b. Serves as the first source of technical assistance for the System Manager and
'' system" resp°nsibility for the day-to-day management and operation of the
d. Con tarts Mr>Pr>Pfi'rv,/.c.._ ..-^i .
month to report the status of the
6 AccouVnCtSsatod inStaUS S°ftware uP8rades f™m NDPD Prime Support at the WIC
EPA software releases from ND^oVri'me SupportthC 1DStal!atlC
f. Completes the Prime System Administrator training class.
h. Acts as local rm,,a.t fnr Prime Customer Service for
Indicates revision.
-------�
NDPD OPERATIONAL POLICY NO. 240.01 PaSe 3 of 3
4.3 PRIME USERS
a Reports system problems to System Administrators, properly handles computer
equipment, and uses the Prime computer for Agency-approved applications only.
b. Receives local use directives and technical assistance from the System
Administrator.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Prime System Maintenance NO.: 240.02
APPROVAL: fi^rf ^ ^ jjtf _ DATE:
1.0 PURPOSE
This System Maintenance policy defines Prime maintenance reporting, hardware service, and
maintenance renewal responsibilities.
2.0 SCOPE & APPLICABILITY
This policy applies to all EPA and EPA contractor Prime computer sites.
3.0 RESPONSIBILITIES
This System Administrator will act as the interface (local contact) for local Prime service,
routine maintenance, and hardware installations.
The NDPD Prime Support Staff will provide technical guidance and assistance to the System
Administrator.
The PCMD Project Office will assume responsibility for Prime maintenance renewals.
Prime Support will be responsible for distribution of documentation. The Systems Ad-
ministrator will distribute documentation to users as appropriate.
4.0 POLICIES
4.1 PRIME SUPPORT
a. Prime Support will assist System Administrators reporting hardware failures
within 3 working hours after a call is received.
b. Prime Support will input all bona fide problems into the IBM mainframe Central
Problem Management (CPM) system on a daily basis.
Indicates revision.
-------�
NDPD OPERATIONAL POLICY NO. 240.02 ~~ " page 2 Qf 2
4.2 SYSTEM ADMINISTRATOR
a. The System Administrator will report hardware failures directly to Prime
Service after first consulting Prime Support.
b. The System Administrator, along with Prime Support, will track problems to
ensure timely resolution.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Prime Networks & Communications NO» 240.03
APPROVAL: DATE! 5/2/9°
1.0 PURPOSE
This policy identifies the network capabilities and requirements for EPA Prime computer
systems.
2.0 SCOPE & APPLICABILITY
This policy applies to all EPA-supported Prime computer systems connected to all Agency
mainframes, minicomputers, and microcomputers. It also provides standard network features
and optional connectivity links.
3.0 RESPONSIBILITIES
Individual and organizational responsibilities for various aspects of telecommunications,
including need identification and reporting, product testing, procurement, and installation,
are defined in Policies 240.01, System Management, and 240.09, Prime Support Roles.
4.0 POLICIES
All Agency Prime computers will be part of the EPA PRIME network.
NDPD will make available to its users the capability to link Prime computer systems to all
Agency mainframes, minicomputers, and microcomputers.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Prime Change Management NO" 240'04
APPROVAL: ' > '" - * " - DATE: 5/2/9°
1.0 PURPOSE
This Change Management policy provides guidance on change control matters involving the
EPA Prime systems.
2.0 SCOPE & APPLICABILITY
This policy applies to all administration managers and users of the EPA Prime systems located
at the WIC, including telecommunications networks.
Changes reflecting the correction of a system vulnerability will not be detailed in Change
Management. An item of this nature can only be entered in very general and obscure terms
Change Management approvers will be notified either verbally or through conf,dential
memorandum of the specifics of the change and its intent.
3.0 RESPONSIBILITIES
It is the Prime Support Supervisors responsibility to ensure that users are notified of all
changes involving the Prime computer system and that notification procedures are enforced.
4.0 POLICIES
a Local code development will be approved by NDPD before the task is initiated.
This approval will be in writing either through formal memorandum or by
utilizing the software checklist. System software changes requiring local code
changes will be specifically noted in Change Control.
Local code implementation into production will be with the approval of Change
Control This approval requires complete testing, documentation, and
supervisory level code review. These requirements can only be waived in
emergencies by NDPD.
b. Users will be given 5 days notice before a network or gateway system software
or hardware change is implemented.
c Notifying System Administrators and System Managers of a change through the
Agency's electronic mail system will constitute user notification.
d If a System Administrator has a local change that needs to be announced to a
large number of users across the network, he/she can submit the change via
Email to the Prime Support Supervisor for distribution to other System
Administrators and System Managers. The 5-day user notification requirement
should be respected for schedule changes.
Indicates revision.
-------�
NDPD OPERATIONAL POLICY NO. 240.04 Page 2 pf
5.0 DEFINITIONS
"Ot written by thc Vendor that eithcr utilizes the
exits in the software or modifies the vendor source code.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: NCC Prime Problem Resolution NO.: 240.05
APPROVAL: £),-^jJU^ .. MsJl DATE;
-------�
NDPD OPERATIONAL POLICY NO. 240.05 " Page 2 of 2
d. Prime Support will categorize problems encountered with the Prime systems as
being hardware, software, performance, telecommunications, or user problems.
e. All problems will be entered into the NCC IBM mainframe Central Problem
Management (CPM) System on a daily basis.
f. The CPM Administrator will report the status of unresolved problems to NDPD
management on a daily basis.
g. User and systems related CPM tickets will be closed by Prime Support within
8 working hours 75% of the time.
h. The CPM Administrator will submit monthly reports to NDPD identifying the
number and nature of problems addressed during the reporting period.
i. Closed problem reports will be archived for a period of 3 years from the date
they were closed.
Indicates revision.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Prime Software NO.: 240.06
APPROVAL: f\ A 01 r\ .0 Lj/ DATE: 5/22/90
1.0 PURPOSE
This policy establishes the "standard" software configuration for all EPA supported Prime
systems. It also identifies the requirements for upgrading this software.
2.0 SCOPE & APPLICABILITY
This policy applies to all EPA supported Prime computer systems. It includes software testing
and distribution procedures for software update releases.
3.0 RESPONSIBILITIES
Support for all EPA standard software is provided by NDPD Prime Support, the main contact
between Prime sites and vendors for additional (new) software.
4.0 POLICIES
a. Software other than EPA-standard Prime software must be justified to and
approved by NDPD and OIRM (if it affects information systems policy).
b. Local sites must call Prime Support for software user support. For all centrally
supported software packages, PrimeSupport will contact the vendor as necessary.
c. Prime Support will test all upgrades and new releases of non-EPA standard
software before making it available for general use.
d. Installed routines will be tested for clarity by Prime Support. Checklist
procedures for the System Administrator, if appropriate to include final
changes, will be prepared and automated.
e. Software will be distributed by Prime Support in three update/releases a year.
f. Prime Support will install software updates and maintain system functionality
without the need for follow-up 99% of the time.
g. Prime Support will maintain an on-line tracking system at the WIC to document
the various steps in the release, distribution, arrival, update installation, and
updated system availability.
Indicates revision.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Prime User Registration NO.: 240.07
APPROVAL: f) 4/) , \ jj D DATE: 5/2/90
1.0 PURPOSE
The Prime User Registration policy establishes:
a. Policy objectives.
b. Local System Manager responsibilities.
2.0 SCOPE & APPLICABILITY
This policy applies to all local Prime Systems Managers.
3.0 RESPONSIBILITIES
The local Prime System Manager will be responsible for local user registration, which includes
developing, updating, and monitoring appropriate registration procedures. He will be
responsible for following good administration practices, including accurate record-keeping of
all users with a valid User-ID and password to the system.
4.0 POLICY
a. NDPD Prime Support will be available to assist local System Managers in
establishing user registration procedures and providing other registration
assistance.
b. The local System Manager will register all users to the local Prime system. This
registration will include the establishment of user profiles as detailed in
Procedure 240.08, Prime Security.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Prime Security NO: 240.08
APPROVAL: f^ . /, D , , \ ft|\ O DATE: 2/J/90
1.0 PURPOSE
The objective of this policy is to provide a secure Prime operating environment.
This policy:
a. Defines Prime management and Prime user responsibilities for physical,
software, and data security of the Prime.
b. Defines NDPD responsibilities for Prime security.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all EPA personnel and their agents who are providing services for
and/or using EPA Prime computers.
3.0 RESPONSIBILITIES
NDPD is responsible for:
a. Defining policy.
b. Reviewing policies annually for needed modification and/or enhancement.
c. Monitoring adherence to security policies by Prime sites.
d. Distributing to Prime sites, in a timely manner, Agency standard Priine
operating system and NDPD provided software and documentation for its
operation. NDPD will develop and provide to each site a mechanism suitable
for security auditing and for detecting unauthorized access attempts.
e. Evaluating requested exceptions to this policy.
Prime site management is responsible for:
a. Implementing and adhering to Prime security policies. Prime sites may
implement more restrictive security policies as required by the site.
b. Reporting detected breaches of the security policies to NDPD.
c. Coordinating resolution of security breaches and security issues with NDPD.
d. Installing operating system software and other standard Agency software
distributed by NDPD.
-------�
NDPD OPERATIONAL POLICY NO. 240.08 Page 2 of 5
e.
Providing default protection for data consistent with the sensitivity and value
of the data and assisting Prime users in determining and implementing
additional levels of protection beyond default protection.
f. Obtaining NDPD approval for exceptions to this policy.
4.0 POLICY
a. NDPD will distribute Agency standard Prime operating systems and any other
software deemed appropriate by NDPD for the implementation and enforcement
of this policy.
b. Prime security procedures developed by NDPD will be consistent with other
NDPD policies.
c. Each Prime Site Manager will physically and procedurally provide for a secure,
controlled access environment for each prime system to protect it from loss
caused by fire, natural or unnatural acts of man or nature, or machine failure.
Specifically, each Prime Site Manager will:
(1) Establish procedures for evaluating and granting physical access to the
site and its computers and monitoring access.
(2) Control access to the site and its computers through GSA and industry
accepted physical control mechanisms (e.g., locks, badge readers).
(3) Protect the physical environment by establishing and monitoring GSA
and industry accepted environmental controls and fire suppression
systems.
(4) Protect the physical operating environment by establishing procedures
governing the physical safety of the computers, their operators, and their
users.
(5) Safeguard computer and other property assets through procedures
providing for their receipt, tracking, and disposal.
d. Each Prime System Manager will provide for secure logon access to the site's
computers. Specifically, each Prime System Manager will:
(1) Enforce the following policies for computer passwords:
(a) The minimum password length will be six characters. Password
conditioning rules requiring at least one alpha and one numeric
character will be used to prevent trivial and easily guessed
passwords.
(b) Passwords from new users and reissued passwords will be unique
for each user and non-trivial in nature and will not be set to any
previously used password for that user.
Password changes by the owner of a User-ID will not allow any
of the 10 previously used passwords to be used.
-------�
NDPD OPERATIONAL POLICY NO. 240.08 Page 3 of 5
(c) The option to allow a user to enter his/her password on the logon
line will be disabled. A user must be prompted to enter his/her
password.
(d) The system will force each user to change his/her password at 90
day intervals.
(2) Enforce the following policies for computer User-ID's and accounts.
(a) User-ID's will not be shared. Each registered user must have
his/her own User-ID. User-ID's which have not been used to
access the system within a 99 day period will be disabled. A
User-ID will be purged from the system after 1 year if it has not
been used in that time.
(b) An association of a Project-ID with a User-ID may be made to
provide an additional level of login security as described in the
System Administrator's Guide.
(c) No more than 30 minutes of terminal idle time will be allowed
before a user is logged off the system due to inactivity. Only
four unsuccessful logon attempts will be allowed between session
initiations. After four consecutive unsuccessful logon attempts
between sessions, the User-ID will be automatically disabled by
the system and will only be re-established by the Prime Site
Manager after appropriate security follow-up.
(d) An account which allows a user to access the system without
manually adhering to the logon process and its controls will be
restricted such that the account allows access only to a specific
application environment and must be safeguarded against use by
nonapplication users.
(e) User-ID's used by vendors for system hardware or software
maintenance by non-Prime site personnel must be strictly
monitored and controlled. The environment for these User-ID's
will be closely coupled with the minimum privileges required for
the performance of the user's task(s). The User-ID will be
disabled immediately upon departure of maintenance personnel
from the site.
(3) Enforce the following policies concerning system files and resources:
(a) File protection will be applied to all system and user directories
and files commensurate with the harm or loss that would ensue
from unauthorized access to or destruction of the directories or
files. Password protection of user and system directories should
not be used. Access Control Lists (ACL's) provide better
protection.
(b) All operating system files and user data files will be backed up
on a weekly schedule.
-------�
NDPD OPERATIONAL POLICY NO. 240.08 Page 4 of 5
(4) Enforce the following policies regarding software installed at the Prime
site:
(a) Software requiring installation as a privileged process or image
which enhances or alters the security environment of the Prime
will not be installed without NDPD approval.
(b) Software requiring privileges to function will be granted the
minimum privileges required for it to function.
(c) All software distributed to each Prime site by NDPD will be
installed according to time and installation specifications
provided by NDPD.
(5) Establish policies and procedures for sign-on (access) authority to any
Prime, limit assignment of privileges allowed by the system to those
necessary for a person to perform assigned task(s), and deny access or
privileges to that person when his requirement for access or privileges
has expired.
(6) Accept responsibility for auditing computer access and investigate access
incidents as indicated by the audit. The audit must include a daily
review of unsuccessful login attempts and use of sensitive system
commands.
(7) Permit access to the Prime system by a member of the NCC Computer
Security staff who will review computer security policy compliance.
The NCC Computer Security staff member will be given a privileged
account for this purpose, but only for the duration of the review.
(8) Enable display of all unsuccessful login messages at a supervisor terminal.
(9) A user whose terminal or terminal line is disconnected will be logged
out.
(10) Allow 30 minutes as the maximum time for a terminal to remain idle.
After that time, the user will be logged out.
(11) Establish the length of time for a user login to be no more than 3 minutes.
(12) AMLTIM(login time) parameters should remain enabled at recommended
Prime values.
(13) At a minimum, Prime recommendations for a "moderately secure"
environment, as described in the Prime System Administrator's Guide,
should be followed.
e. Each Site Manager will be responsible for coordinating enforcement of this
policy with the NCC Security Office and will be responsible for coordinating
resolution of security incidents and other security issues with that office.
-------�
NDPD OPERATIONAL POLICY NO. 240.08 Pa8e 5 of 5
5.0 REFERENCES
The following Prime documents were used to develop this policy and constitute the accepted
references for implementing security in the Prime environment:
Administrator's Guide. Revision 22
Prime/SNA Administrator's Guide (DQC8908-2LA)
-------�
-------�
U S ENVIRONMENTAL PROTECTION AGENCY
'NDPD OPERATIONAL POLICIES MANUAL
TITLE: Prime Non-Local Support Roles
APPROVAL:
1.0 PURPOSE
This policy identifies Prime non-local support services.
2.0 SCOPE & APPLICABILITY
This policy applies to .11 personnel assigned duties as described below. Services are provided
to all EPA and EPA contractor Prime managers and users.
3.0
The AHm;n;.tr,tive Svst™. Branch (ASB) is responsible for Agency office information
systems policy.
MT.PH P^e Support is located at the WIC and its personnel are responsible for systems and
user support for EPA Prime computer sites.
Prime Service is responsible for all hardware service and technical problem resolution through
a toll-free telephone number.
The i^iiti,* Manasem- «-™» ™"™«
-------�
NDPD OPERATIONAL POLICY NO. 240.09 ~ Page 2 of 4
4.0 POLICIES
a. All system procurements must be approved by OIRM and NDPD.
b. ASB will provide assistance in requirements analyses and feasibility studies
prior to acquisition of a PRIME computer system.
c. ASB will approve all departures from established Agency standards in
application system implementation.
d. NDPD Prime Support will be available from 7:00 a.m. to 5:00 pm Monday
through Friday.
e. After hours Prime service will be available on a per call reimbursement basis.
4.1 NDPD PRIME SYSTEMS PROJECT OFFICER
a. Monitors and provides direction to NDPD Prime Support Services.
b. Provides guidance on and approves all system configurations, including
hardware, software, and communications.
c.
Approves all contract purchase requests and contractor amendment proposals.
d. Deals directly with System Mangers and vendors on policy issues.
e. Advises NDPD and OIRM of system and contract activity and the need for
changes to, or departures from, system and telecommunications policy.
4.2 NDPD PRIME SUPPORT
a. Provides technical support for System Administrators and users.
b. Defines Prime network configurations and performs network maintenance for
all EPA Prime computers.
c. Distributes new software releases to System Administrators.
d. Maintains EPA Prime menus and creates software to provide globally requested
features on Prime computers.
e. Acts as the official contact to Prime Computer, Inc., for technical problem
resolutions.
Indicates revision.
-------�
NDPD OPERATIONAL POLICY NO. 240.09 Page 3 of 4
f. Provides assistance to users in the use of standard application products.
g Documents current software problems and tests for software "logs" before a
software upgrade is released to the System Administrators.
h. Acts as official contact point to third party software vendors.
4.3 PRIME SERVICE
a. Provides assistance at each Prime site through a toll-free telephone number.
b. Provides hardware service and technical problem resolutions.
c Accepts hardware failure reports directly from the System Administrator (after
the Administrator has consulted with the System Support Staff).
4.4 FACILITIES MANAGEMENT SERVICES DIVISION/FIELD EQUIVALENT
a. Approves and supports Prime physical site selection and preparation.
b. Interacts with ASB during feasibility studies.
c. Interacts with Prime Service and System Managers in relocation of Prime
computer equipment.
4.5 ARCHITECTURAL MANAGEMENT AND PLANNING BRANCH (AMPB)
a. Evaluates new hardware that cross computing environments.
4.6 TELECOMMUNICATIONS BRANCH
a. Performs telecommunications planning for NDPD.
b. Evaluates and plans Telecommunication Service Request (TSR) implementations.
Indicates revision.
-------�
NDPD OPERATIONAL POLICY NO. 240.09 Page 4 of 4
4.7 NDPD TELECOMMUNICATIONS MANAGER
a. Acts on TSR submissions from EPA Systems Managers.
b. Coordinates Prime-related requests with NDPD Prime Project Officer.
c. Coordinates problem resolution with Prime Systems Support as appropriate.
4.8 NDPD NCC TRAINING MANAGER
a. Schedules Prime training classes for Headquarters and Regional sites.
b. Acts as control repository for information on various Prime training courses and
Prime seminars.
-------�
U S ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Prime Configuration Management
APPROVAL:
1.0 PURPOSE
This policy identifies Prime model comparisons for determining the best nardware
LnfiguratYon for individual application, It provides for purchase of Prime hardware not
on the Prime equipment schedule.
2.0 SCOPE & APPLICABILITY
This policy applies to all EPA and EPA contractor personnel who are procuring or upgrading
Prime hardware.
3.0 RESPONSIBILITIES
See Policy 240.02, Support Roles, for a list of areas and their responsibilities.
4.0 POLICIES
a. The Architectural Management and Planning Branch (AMPB) will evaluate new
hardware that crosses computing environments.
b OIRM Administrative Systems Branch (ASB), will provide assistance in
requirements analyses and feasibility studies prior to acquisition of a Prime
computer system.
c. All system procurements must be approved by OIRM and the NDPD.
d The NDPD Prime Systems Project Officer will maintain and approve all Prime
systems hardware configurations. The Project Officer will also assist users when
requested.
Indicates revision.
-------�
-------�
U S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: IPS Maintenance NO- 250.02
APPROVAL: ,O 6 0 ( I X M 0 DATE: * - / i - y ,
/Qa-K-,JiLfy vJ -^x^JJraiV- . _
v
1.0 PURPOSE
Hardware and software require regular maintenance in order to operate effectively. This
policy is designed to encourage consistent maintenance of the EPA Image Processing Systems
(IPS) based on AS/400 minicomputers and workstations connected to the AS/400 via a token
ring Local Area Network (LAN).
2.0 SCOPE & APPLICABILITY
This policy is applicable to all EPA and contractor personnel who provide services to the EPA
Image Processing Systems as described above.
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
NDPD is responsible for policy enforcement and will annually review policies for needed
modification and/or enhancement, as well as monitor adherence to these policies by IPS sites.
NDPD is responsible for recording and tracking all system software malfunction incidents in
NDPD's Central Problem Management data base, and for contact with vendors regarding
software malfunctions.
The IPS System Administrator is responsible for contact with vendors regarding hardware
malfunction incidents and the scheduling of repairs.
The IPS System Administrator is responsible for scheduling all preventive maintenance.
4.0 POLICY
a The IPS site will fund (or arrange to provide funding for NDPD to do so) and
serve as Project Officers for all hardware and system software maintenance
contracts.
b No modifications will be allowed to any hardware, system software, licensed
program, or application program components unless approved via the NDPD
Change Management process.
-------�
NDPD OPERATIONAL POLICY NO. 250.02 Page 2 Qf 2
5-0 DEFINITIONS
a. Software as used herein refers to operating system software and any program
product or application software that affects the performance or configuration
of the system.
b. Hardware maintenance includes the following:
(1) Preventive maintenance performed on a routine, scheduled basis, such as
modifications or replacements of hardware units or hardware microcode.
(2) Repairs as a result of a hardware malfunction.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: IPS Performance & Capacity Monitoring NO. 250.03
APPROVAL:
1.0 PURPOSE
The large capital investment for EPA's Image Processing Systems (IPS), based on AS/400
minicomputers and workstations connected to the AS/400 via a token ring Local Area Network
(LAN) requires that they be managed to provide maximum performance and to minimize
required upgrades. Adherence to this policy will encourage the attainment of these goals.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all EPA and contractor personnel who provide services for the EPA
IPS as described above.
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
NDPD is responsible for policy enforcement and will annually review policies for needed
modification and/or enhancement, as well as monitor adherence to these policies by IPS sites.
4.0 POLICY
a.
c.
Each IPS site will control the number of batch jobs and interactive users running
on its system at any given time. NDPD will tailor system tuning parameters to
meet the performance requirements of each site.
b NDPD will provide a jobstream to generate performance monitoring reports on
a periodic basis. These reports will contain data on key system performance
indicators.
The IPS System Administrator will monitor the system's components and
determine if the components are inside or outside the tolerance levels set by
NDPD.
d. The monitoring frequency will be determined by the System Administrator
unless a specific frequency is requested by NDPD to resolve problems.
The System Administrator will notify NDPD when system components are
outside the tolerance levels and NDPD will investigate the situation and provide
a resolution.
A workload performance data base will be defined and compiled on a monthly
basis by NDPD.
e.
-------�
-------�
U S ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: IPS Change Management NO- 2 '
APPROVAL:
1.0 PURPOSE
This oolicv is designed to promote consistency and commonality of hardware and software in
7he EPA Image Pfocessing System (IPS) environment based on AS/400 minicomputer, and
workstations connected via token ring Local Area Networks (LANs).
The objectives of the EPA IPS Change Management policy are to:
Ensure that necessary changes to the IPS arc made with minimum disruption to
a.
users.
b. Provide a formal structure for stable IPS changes.
c. Define NDPD and IPS staff responsibilities for Change Management.
This policy will provide EPA with an effective method of monitoring and controlling all
changes to the IPS.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all EPA and contractor personnel who provide services to the EPA
Image Processing Systems as described above.
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
NDPD is responsible for policy enforcement, and ™™™mll\rc™™^?£\£tf*
modification and/or enhancement, as well as monitor adherence to these policies .by IPS sites.
Each IPS System Administrator is responsible for coordinating Change Control Activities
between NDPD support personnel and the IPS site, and for notifying users of changes to the
system.
The IPS System Administrator is responsible for monitoring and reporting the stability impact
of system changes to NDPD support personnel.
4.0 POLICY
a.
No changes to software, hardware, or telecommunications configurations or
features will be made unless approved through the Change Management process.
Software is defined as operating system software and any program products or
applications that require or cause changes to the IPS configuration or perfor-
mance.
-------�
NDPD OPERATIONAL POLICY NO. 250.04 Page 2 of 2
b. Software changes installed on any IPS system will be duplicated on all systems
within 60 days.
c. NDPD maintains the Change Management process.
d. A Change Management teleconference meeting is conducted weekly between
NCC and all sites. All IPS System Administrators and their appointed
representatives arc invited to participate. The telephone number is FTS 629-
1591 or (919) 541-1591.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: IPS Problem Resolution NO. 250.06
APPROVAL: DATE: a
: f] ^J/ (J.\ ^
/
1.0 PURPOSE
Problems will arise in a resource as complex as the Image Processing System (IPS). This policy
establishes a framework for resolving these problems when they occur on EPA IPS based on
AS/400 minicomputers and workstations connected to the AS/400 through a token ring Local
Area Network (LAN).
2.0 SCOPE & APPLICABILITY
This policy is applicable to all EPA and NDPD contractor personnel who provide services for
or use the EPA Image Processing Systems as described above.
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
NDPD is responsible for policy maintenance and enforcement in consultation with IPS System
Administrators. NDPD will review policies annually for needed modification and/or
enhancement.
The IPS System Administrator serves as the initial contact with NDPD.
4.0 POLICY
a. The IPS System Administrator and NDPD support personnel will report all
problems involving the IPS. These problems will be classified as to cause:
equipment, telecommunications, system software, or application.
b. NDPD's Central Problem Management data base will be used to track problem
resolution. NDPD systems support personnel and the application support team
will be required to use Central Problem Management to log IPS problems and to
record the actions taken to resolve them.
c. The IPS System Administrator will report hardware problems to the vendor for
correction.
d. System software problems will be resolved by NDPD support personnel.
Application problems will be reported to the support contractor for resolution.
Only the IPS System Administrator or his designated backup may directly call
NDPD personnel or the application support contractor for problem resolution.
e. NDPD support personnel will be available to the IPS System Administrator from
8:00 a.m. to 5:00 p.m., Monday through Friday.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: IPS User Registration NO. 250.08
APPROVAL: /O . J/7 / , 1 J)i) () DATE:
rL^M> L-^JUl
f
1.0 PURPOSE
This policy defines NDPD and IPS System Administrator responsibilities for user registration,
and provides guidelines for the development of user registration procedures for each EPA IPS
based on AS/400 minicomputers and workstations connected to the AS/400 through token ring
Local Area Networks (LANs). Adherence to this policy is required for effective management
of the IPS resource.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all EPA and contractor personnel who provide services for or use
the EPA Image Processing Systems as described above.
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
NDPD is responsible for policy enforcement, and will annually review policies for needed
modification and/or enhancement, as well as monitor adherence to these policies by IPS sites.
The IPS System Administrator will designate one person and a backup who will be responsible
for coordinating communications to NDPD regarding registration matters.
4.0 POLICY
a. User registration on the AS/400 IPS will be performed by the IPS System
Administrator. If registration of the same user on the NCC host is necessary, it
will be performed by the TSSMS Office upon receipt of an Email request from
the IPS site or through the standard NCC registration procedure. Registration
on NCC hosts will be completed within 24 hours of receipt of the request.
b. Each IPS AS/400 user must have his own User-ID; User-IDs will not be shared.
Users of applications based on the AS/400 Electronic Filing Cabinet must have
their own User-Ids, which are identical to the AS/400 User-ID.
c. User-IDs not used to access the IPS within a 90-day period will be disabled.
User-IDs not used within 1 year will be deleted.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: IPS Security NO. 250.09
APPROVAL: / ' //x ' v ///y l ' DATE:
1.0 PURPOSE
Protection of data and the Image Processing System (IPS) resource from theft, damage and
unauthorized use requires specific security measures, and adherence to Federal laws regarding
sensitive data is mandatory. This policy defines security objectives and enforcement
requirements on EPA IPS based on AS/400 minicomputers and workstations connected to the
AS/400 through a token ring Local Area Network (LAN).
2.0 SCOPE & APPLICABILITY
This policy is applicable to all EPA and contractor personnel who provide services for or use
the EPA Image Processing Systems as described above.
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
NDPD is responsible for policy determination and will review its policies annually for needed
modification and/or enhancement. NDPD will monitor adherence to these policies by IPS sites.
NDPD is responsible for all IPS system software security, and will provide each IPS System
Administrator with initial training in IPS security.
The IPS System Administrator is responsible for:
Implementing the IPS security policy, which includes training the IPS users in
security, reporting security incidents to NDPD, and coordinating the resolution
of security incidents with NDPD.
Providing default data protection consistent with the value of the data, and for
assisting users in implementing additional protection beyond the established
default upon request.
o
Obtaining NDPD approval for policy exceptions.
4.0 POLICY
a. NDPD will:
(1) Develop and provide each IPS site with a security auditing mechanism
capable of detecting unauthorized computer access attempts and the use
of sensitive system-level commands.
-------�
NDPD OPERATIONAL POLICY NO. 250.09
Pagc 2 pf -
c.
(2) Require a security level (QSECURITY) of thirty for each AS/400-based
IPS to provide both password and resource security. The other two
security levels, ten and twenty, do not provide adequate security for EPA
1* O.
(3) Assume responsibility for the protection of the operating system and
licensed programs supplied by NDPD.
b. Each IPS System Administrator will:
(1) Control access to the site and the IPS through industry-accepted locks
and badge readers, and develop procedures for granting and monitoring
physical access.
(2) Protect the physical environment of the IPS site through installation and
use of industry-accepted environmental controls and fire suppression
devices, and through enforcement of procedures governing the physical
safety of the IPS.
(3) Protect all licensed programs installed by the site according to the
vendors' specifications.
Each IPS System Administrator will enforce the following concerning User-IDs:
(1) Only four unsuccessful logon attempts will be allowed between successful
logons. After four consecutive failures, the User-ID and the terminal
will be automatically disabled by the system.
(2) No more than 30 minutes of terminal idle time will be allowed before a
user is logged off by the system.
(3) Vendor User-IDs used for system hardware or software maintenance
must be strictly monitored and controlled. The minimum number of
privileges needed for a specific task should be granted. These User-IDs
should be disabled immediately after the vendor's activity is completed.
The IPS System Administrator will enforce the following regarding passwords:
(1) Passwords will be a minimum of six characters. Passwords must contain
at least one alpha and at least one numeric character and must not
contain repetitive strings of digits or characters. Passwords should not
be easily guessed. This is an EPA Security Manual requirement.
(2) Passwords must be changed at least every 90 days. Passwords for
privileged User-IDs must be changed at least every 30 days.
(3) A password for a new User-ID will be unique to that User-ID. A
password that has been previously used cannot be reissued.
(4) Valid password changes by the owner of the User-ID will exclude the
previous ten passwords used for the User-ID.
d.
-------�
NDPD OPERATIONAL POLICY NO. 250.09 Page 3 of 3
e. The IPS System Administrator will enforce the-following:
(1) File protection will be applied to all user directories and files commensu-
rate with the harm or loss that would ensue from unauthorized access to,
or destruction of, the directories or files. This is an EPA Security
Manual requirement.
(2) All operating system files and user data files will be backed up on a
weekly schedule. This is an EPA Security Manual requirement.
(3) No software requiring installation as a privileged process or image,
altering the security environment of the IPS, will be installed without
NDPD approval. Software requiring privileges to function will be
granted the minimum privileges required for the function.
(4) If the IPS is based on an AS/400 processor, users will not be allowed
access to programs owned by the Security Officer, SECOFR, or Security
Administrator, SECADM.
(5) The System Administrator will review at least weekly the IPS audit log
for logon and data access problems. Problems will be reported to local
EPA management and NDPD security personnel.
(6) NDPD security staff will be permitted to access the IPS in order to
monitor security policy compliance. The NDPD security staff member
will be given a privileged User-ID for this purpose during the announced
review period.
5.0 REFERENCES
EPA Information Security Manual, December 1989.
AS/400 Programming: Security Concepts and Planning (SC21-8083).
AS/400 Security and Auditing Considerations (GG24-3501).
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: IPS Data Management NO- 250.10
APPROVAL: DATE;
1.0 PURPOSE
Data must be managed so that it is available when needed. Good management practices are
demanded by the economics of DASD and its maintenance and operation. To meet these
conditions, this policy:
a. Provides guidelines for ongoing management of all data sets residing on Informa-
tion Processing System (IPS) DASDs.
b. Defines DASD management responsibilities of IPS site and NDPD personnel.
c. Provides IPS site and NDPD personnel with guidelines for DASD allocation and use.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all EPA and contractor personnel who provide services for or use
the EPA Image Processing Systems based on AS/400 minicomputers and workstations connected
to the AS/400 through a token ring Local Area Network (LAN).
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
NDPD is responsible for policy enforcement and will review policies annually for needed
modification and/or enhancement, as well as monitor adherence to these policies by IPS sites.
NDPD is responsible for installing and maintaining OS400, which is the primary software tool
for IPS DASD management.
4.0 POLICY
a. As part of DASD management, the IPS System Administrator will identify and store
critical backup tapes for disaster recovery.
b. IPS DASD management problem resolution is the responsibility of the IPS System
Administrator. When assistance is required from NCC support personnel, the IPS
System Administrator will act as the single point of contact for all such requests.
c. NDPD will develop the jobstreams and procedures needed to run DASD backups.
These procedures will include provisions for the following activities:
(1) Incremental Backup. This should be done daily and will consist of the
SAVCHGOBJ and SAVSECDTA operations. The tapes created should be
kept for 7 days. Because SAVCHGOBJ saves objects which have changed
since the last SAVLIB, each day's backup contains cumulative changes.
-------�
NDPD OPERATIONAL POLICY NO. 250.10 Page 2 Of 2
(2) Weekly Backup. This activity is performed once each week and consists
of the SAVLIB('NONSYS) and SAVDLO operations. The tapes should
be retained for 14 days.
(3) Full System Backup. This activity is performed through the SAVSYS,
SAVLIB(*NONSYS), and SAVDLO operations. The full system backup
is only necessary after a configuration change or system installation.
d. NDPD will provide the procedures and jobstreams required to perform backup of
data stored on optical storage libraries.
e. The IPS System Administrator will ensure that optical disk backup is performed on
all optical library storage that is unique to the IPS site.
f. NDPD will perform optical backup of image data stored in the optical disk library
of the Superfund Cost Recovery IPS Central Processing Facility.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: TELECOMMUNICATIONS POLICY NO.: 300.00
APPROVAL: jD/n-LJt Ls \ ^ /J^V DATE: 8/1/87
I
1.0 PURPOSE
The NCC Telecommunications policy defines:
a. Components of the NCC telecommunications system.
b. Responsibilities for operating the telecommunications system.
c. Responsibilities for maintaining the telecommunications system.
2.0 SCOPE & APPLICABILITY
This policy applies to all NDFD and FM contractor staff personnel responsible
for the management or operation of the NCC telecommunications system and to
the ADP Chiefs in the ten EPA Regional Offices and to the EPA Laboratories in
Las Vegas and Cincinnati.
Any deviation from this policy must be approved in writing by the Director of
NDPD.
3.0 RESPONSIBILITIES
The FM contractor will develop, update, and monitor procedures to implement
this policy.
The FM contractor will perform the tasks necessary to implement these policies.
The Regional and Laboratory ADP Branch Chiefs will comply with the terms of
this policy.
The ADP Chief at a major distributed processing site is responsible for the
items in Paragraph c. for any local telecommunications facilities not part of
the National Telecommunications System. He/she is also responsible for funding
the acquisition and maintenance of all such equipment. The NDPD telecommuni-
cations staff may render technical assistance to the local ADP Branch Chief
subject to the availability of staff resources.
The NDPD telecommunications staff is responsible for designing, implementing,
and documenting all changes to the National Telecommunications System.
-------�
NDPD OPERATIONAL POLICY NO. 300.00 Page 2 of 3
The local ADP Chief will be responsible for local implementation of approved
TSR's.
The local ADP Chief will be responsible for the security of all equipment,
including spares, placed at his site as part of the National Telecommunications
System. The local ADP Chief will also inform the NDPD telecommunications
staff whenever spare equipment is placed in or out of service.
The local ADP Chief will assume responsibility for all equipment in his/her
custodial area.
4.0 POLICY
a. Any telecommunications facilities present at a major distributed
processing site, but not fitting the definition under Paragraph 5.0,
will not be considered part of the National Telecommunications System.
b. NDPD will maintain a group of EPA and contractor personnel respon-
sible for the management, operation, problem determination, problem
management, and maintenance of the National Telecommunications System.
c. Since the National Telecommunications System serves a number of
computer systems with different hours of operation, the hours of
telecommunications availability are specified in the Service Levels
policy for each computer system. The National Telecommunications
System will be available 99% of the time scheduled for each computer
system. It must also contribute no more than an average of 1 second
of delay time to any interactive transaction.
d. The local ADP Chief will request approval for all -changes to the
local or national telecommunications facilities via the NDPD Tele-
communications Service Request (TSR) form.
e. The local ADP Chief will provide on standard forms supplied by NDPD
a complete set of documentation and configuration information on all
local telecommunications facilities which are not part of the National
Telecommunications System. This information will be supplied by the
end of January and July of each year.
f. All equipment placed at a remote site as part of the National
Telecommunications System will be transferred to the local custodial
area immediately after installation.
-------�
NDPD OPERATIONAL POLICY NO. 300.00 Page 3 of 3
5.0 DEFINITIONS
The National Telecommunications System consists of hardware, software, and
circuits which provide shared access to services between the National Computer
Center and major distributed processing sites, or between remote sites and
either the National Computer Center or major distributed processing sites.
Telecommunications hardware consists of communications processors or interfaces
connected to computer systems, terminal control units, modems, multiplexers,
port selector switches, and protocol converters. Telecommunications software
consists of executable code and data designed to control telecommunications
hardware and residing in any of the telecommunications hardware components or
in computer systems connected to the telecommunications network.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: VOICE AND DATA SERVICE NO.: 300.01
LEVEL ESCALATION
APPROVAL: /s/ Donald W. Fulford DATE: 3/25/89
1.0 PURPOSE
Complex service organizations, especially those with the scope of
services provided by the National Computer Center (NCC), experience
operational problems from time to time. This policy establishes a
hierarchy of personnel to notify when telecommunications problems
occur based on the type of problem and its duration.
2.0 SCOPE £ APPLICABILITY
This policy is applicable to all EPA organizations and their
employees, and to personnel of agents (including State agencies,
contractors, and grantees) of EPA who are involved in the design,
development, acquisition, operation, and maintenance of the NCC
telecommunications network.
3.0 RESPONSIBILITIES
NDPD is responsible for policy maintenance and enforcement. NDPD will
annually review policies for needed modification and/or enhancement,
and will provide technical support for all components of the NCC
telecommunications network.
4.0 POLICY
a. The local Network Control staff of technicians is responsible
for problem reporting and management.
b. Technicians will identify problems and classify them as hard-
ware, system software, or application related. Technicians
will initially attempt to resolve all problems.
c. When appropriate, technicians will identify and report hardwar
problems to the specific hardware vendor for resolution.
-------�
-------�
NDPD OPERATIONAL POLICY NO. 300.01
Page 2 of 5
d. When appropriate, technicians will identify and report appli-
cations software problems to a departmental group or vendor
for resolution.
e. Table 1, Voice and Data Problem and Installation Escalation
Service Levels, will be referenced and will dictate the way
in which a problem is escalated (when and to whom the
problem will be referred).
f. All problems will be tracked via NDPD's Central Problem Manage-
ment (CPU) system in accordance with standard NDPD procedures.
-------�
-------�
NDPD OPERATIONAL POLICY NO. 300.01
Page 3 of 5
Table 1 VOICE AND DATA PROBLEM AND INSTALLATION
SERVICE LEVEL ESCALATION
PROBLEM ESCALATION
TYPE
Major Problem*
Level 1
Level 2
Level 3
ESCALATE AFTER
Immediately
2 Hours
M Hours
8 Hours
SUBMIT TO
Unisys Project Director
EPA Division Director
EPA Deputy Director
Unisys Department Manager
EPA Technical Manager
EPA Branch Chief
Unisys Project Director
EPA Division Director
EPA Deputy Director
*Major Problem = Events that interrupt connectivity for more
than 25 users for less than 30 minutes, or which affect less
than 25 users for more than 30 minutes.
INSTALLATION ESCALATION
TYPE ESCALATE AFTER
Level 1 Install 60 Days
Level 2 Install 120 Days
Level 3 Install 240 Days
Level 4 Install No Commitment
SUBMIT TO
Unisys Department Manager
EPA Technical Manager
Unisys Department Manager
EPA Technical Manager
Unisys Department Manager
EPA Technical Manager
-------�
-------�
NDPD OPERATIONAL POLICY NO. 300.01 Page 4 of 5
5.0 DEFINITIONS
Service Levels are determined by the following criteria:
Service Level 1 Must be an ACS Telecommunications Service
Request (TSR).
User requirements are fully understood.
Cable is installed.
Hardware is in inventory or at customer site
Standard software required.
Faclities requirements are met.
Funding has been approved.
No circuit is required.
Standard technical solution.
No procurement required.
No planning required.
Service Level 2 Any type of TSR.
Minor unresolved issues in terms of usar
requirements.
Cable available or minimal cable order.
Hardware is on current contract.
Software is on current contract.
Facilities can be completed by FM contractor
Funding has been approved.
Circuit required, but less than $50K/year.
Standard technical solution needs minor
modification.
No major procurement required.
Minor planning required.
-------�
-------�
NDPD OPERATIONAL POLICY NO. 300.01
Page 5 of 5
Service Level 3
Service Level
Any type of TSR.
Some unresolved issues regarding user
requirements.
Cable is required and user has agreed to
standards.
Additional hardware required.
Additional software required.
Major facilities changes, but on existing
contract.
Funding approved.
Circuit required, but less than *50K/year.
Non-standard technical solution needs to be
tested.
Major procurement needed, but meets following
requirements=
JOFOC required on GSA and <$50K.
JOFOC required not on GSA and <*25K
(small business) or <*10K (large
business).
PWA mod, new PWA, or EPA additional
budget required.
Minor planning required.
Any type of TSR.
Major unresolved issues regarding user
requirements.
Major cable requirements; no agreement on
standards.
Major additional hardware required.
Major additional software required.
Major facilities changes required.
Funding not approved.
Circuit required >$50K/year.
No current technical solution.
Major procurement required:
JOFOC required on GSA and >$50K.
JOFOC required not on GSA and >*25K.
PWA mod, new PWA, or EPA additional
budget required.
Major procurement, but not on any
contract.
Major planning needed.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Installation Requirements for Common Use NO.: 300.02
Telecommunications Equipment
APPROVAL: - ^ DATE: 9/11/89
\
1.0 PURPOSE
The National Computer Center deploys many types of common use telecommunications
equipment throughout Agency facilities. Providing a proper environment for this equipment
is essential to maintain high network availability and reliability. The purpose of this policy
is to ensure that common use equipment is installed so as to maximize its benefits to the user
community.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all EPA organizations and their employees, and to personnel of
agents (including State agencies, contractors, and grantees) of EPA who use EPA common use
telecommunications equipment at their facilities.
3.0 RESPONSIBILITIES
NDPD is responsible for policy maintenance and enforcement, and will review policies
annually for needed modification and/or enhancement. The NDPD Telecommunications
Branch will develop and implement procedures to ensure that common use telecommunications
equipment installations follow this policy.
4.0 POLICY
All Agency common use telecommunications equipment will be provided with an environment
of adequate power (quantity and quality); heating, ventilation, and air conditioning (HVAC);
security; and environmental monitoring where needed. The equipment will be installed in such
a manner as to ease field maintenance. All common use equipment must, at a minimum, be
installed in compliance with the manufacturers' recommendations, with security and access
procedures to protect the equipment.
The following guidelines have been established to aid in implementation of this policy:
a. NDPD Controlled Space. All necessary facility modifications will be included
in the Telecommunications Service Request (TSR) requesting the installation of
the common use equipment. All needed facility modifications will be completed
before installation of the equipment.
b. Non-NDPD Controlled Space. The planning process will include a facilities
survey of the space designated for the common use equipment. The survey may
be conducted by NDPD or contractor staff, or by local Agency personnel or
contractor staff. If a planned facility does not provide a proper environment,
the NDPD Telecommunications Branch will work with the organization
controlling the space to either select an alternate location that meets
requirements or develop a facilities modification plan to improve the planned
space. All needed facilities modifications must be completed before the common
use equipment is installed.
-------�
NDPD OPERATIONAL POLICY NO. 300.02 ~ Page 2 of 2
c. vanance. If the NDPD Telecommunications Branch finds that it cannot place
common use telecommunications equipment in a proper environment, the
Director, National Data Processing Division, must approve a variance.
The request for a variance shall include:
(1) A copy of the TSR requesting the installation of common use equipment.
(2) The deficiency in the environment.
(3) The costs and schedule to correct the deficiency.
(4) The reason for the request for variance (i.e., why the deficiency is not
being corrected).
(5) A risk/benefit analysis showing the impact to telecommunications
availability, reliability, or stability if the variance is granted. User
needs which will not be met if the variance is not granted.
(6) Alternatives for providing service that will meet environmental
standards.
(7) Any other pertinent information.
5.0 DEFINITIONS
Common Use
Telecommunications Telecommunications equipment used by more than one work group
Equipment or organization. Examples include, but are not limited to, front-
end processors, data switches (port selectors), X.25 switches, PABX
equipment, and multi-organization LAN bridge or gateway servers.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: IBM SNA Network Performance and Capacity NO.: 300.03
Management
APPROVAL: DATE:
1.0 PURPOSE
This document defines the network performance and capacity management policies and
standard procedures for collecting, reporting, and correcting utilization, response time, and
availability data for the EPA IBM SNA network.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all EPA organizations and their employees, and to personnel of
agents (including State agencies, contractors, and grantees) of EPA who are involved in the
design, development, acquisition, operation, and maintenance of Agency telecommunications
systems.
The EPA SNA network consists of the IBM 3090 mainframe at RTP with remote "major node
sites" in Regions 1 through 10, Headquarters, NEIC-Denver, Cincinnati, and Las Vegas,
including all connections made either directly to the IBM 3090 or with direct connection to
the 3090 via a major node remote front-end processor (FEP).
"Dedicated connections" consist solely of physical unit type 2.X termination or non-EPA Type
4/5 FEP hardware physically connected either directly to the IBM 3090 mainframe at RTP
or via a remote EPA major node site front-end processor.
3.0 RESPONSIBILITIES
NDPD is responsible for policy maintenance and enforcement, and will review policies
annually for needed modification and/or enhancement. NDPD will provide technical support
for all Agency networks.
The Telecommunications Services Department is responsible for planning, installation, and
management of day-to-day operations for the network, including performance and capacity
monitoring and tuning, as well as coordination of related activities between the Technical
Services Department and other support groups and vendors.
4.0 POLICY
a. NDPD will gather and analyze network performance and capacity data on a
daily, weekly, and monthly basis.
b In the event that a performance, capacity, or utilization goal is missed, NDPD
will investigate the source of the problem, isolate the problem, and report its
findings to the Network Control Facility for resolution.
c Any network performance, capacity, or utilization goal that is missed will be
documented in the Central Problem Management system and tracked until a
resolution is realized.
d. Network performance data will be presented to NDPD management in daily and
monthly reports.
-------�
NDPD OPERATIONAL POLICY NO. 300.03 Page 2 Of 2
e. NDPD will keep abreast of changing technologies to ensure that state-of-the-
art capabilities are being utilized to analyze network performance capacity and
utilization.
f. The EPA SNA network will be maintained to perform with an average daily
prime time total network turnaround time of <2 seconds to any dedicated user
connection.
g. Each physical Intermediate Network Node (INN) link in the EPA dedicated SNA
network will be maintained at 70% or less average daily prime time utilization
Each physical Boundary Network Node (BNN) link will be maintained at 50%
utilization or less for the same period.
h. All SNA front-end processors will be maintained at 75% or less average daily
prime time CPU and 80% or less memory utilization with no "slow down" events
during normal daily operations.
i. The EPA dedicated network will be implemented in such a manner that there
will be, at most, one intermediate EPA SNA node between the demarcation point
and the NCC IBM 3090 during normal operations.
j. NDPD will consult with external user organizations who are connected to the
EPA SNA network to improve total network turnaround time. However, EPA
is responsible only for controlling and measuring performance, capacity, and
utilization up to the demarcation point between EPA and non-EPA equipment.
5.0 DEFINITIONS
NCC Interactive Network Turnaround Time Goals.1
Dedicated 3270: 2 seconds
Dial-Up 3270: 3 seconds
Protocol Conversion
(async terminals): 5 seconds
Non-EPA SNA Gateways &
SNI Sites: 2 + X seconds2
Prime Time: 10:00 a.m. until 12:00 noon and 2:00 p.m. until 4:00 p.m., Monday through Friday.
It is assumed that these hours represent peak traffic time periods.
JAs measured by TSO, "Definite Response" from user's PU2.X
controller to the NCC IBM 3090.
The EPA component of the average daily prime time network
turnaround will be maintained at < 2 seconds as measured to a
similarly connected physical unit at the same demarcation point.
The X represents the additional time of the non-EPA component of
the transmission.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Telecommunications Change Management NO- 300^05
APPROVAL: (1^0 /J J ** " DATE:
1.0 PURPOSE
This policy defines guidelines and procedures to be followed whenever changes are being
planned for the EPA National Data Communications Network (NDCN).
2.0 SCOPE & APPLICABILITY
This policy is applicable to all EPA, contractor, and vendor personnel who request changes
to the configuration of the national network or to any node on that network. This includes
hardware installation, removal, relocation, and upgrades; software upgrades; and any changes
to a facility's layout or design which affects the network or node.
3.0 RESPONSIBILITIES
NDPD is responsible for the maintenance and enforcement of this policy. NDPD personnel
will conduct an annual review for needed modifications and/or deletions, and will provide
technical support for all procedures and activities. NDPD is also responsible for ensuring
that this policy is updated as needed to concur with changes in NCC procedures affecting this
policy or the ability to enforce this policy.
4.0 POLICY
Requested changes to the EPA NDCN will be made formally and in writing via an existing
Telecommunications Service Request (TSR) process. This process ensures input.-concurrence
and notification to all participants of the requested change. It also provides an automated
method of tracking a request, making changes to it, and reporting its schedule, status, and
final outcome to NDPD.
S.O DEFINITIONS
The TSR is an on-line document that users or any originator of a requested change can use to
identify the nature and desired schedule of a change. It is described in the on-line IBM User s
Guide [JUSD.USERS.REFER(TELECOM)J:
"The TSR is the single document for requesting most types of service changes. Services
and information which must be requested and provided via this form include the
following:
o Full-screen terminal support.
o Graphics terminal support.
o ASCII (TTY terminal support).
-------�
NDPD OPERATIONAL POLICY NO. 300.05 " Page 2 of 2
o Remote job entry registration.
o Terminal relocations.
The TSR will be the only method for requesting these services. Note that the request
^USl^Pr°^d by thC ADP Coordinat°r- Copies of the form are available through
the ADP Coordinator or by telephone request to the Network Support Group Copies
are available as on-line print on the IBM 3090 in the data set JCMT.TSR.FORMS (TSR)."
£Do?va, JS£ iS™ PlCteduand,ent"ed into the system>its originator is notified in writing and
in™m • ^° J DUmubCr £°r future rcfcren«. The letter also contains the FTS1 and
commercial phone number of the person to whom the TSR has been assigned
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Telecommunications Disaster Recovery NO.: 300.06
APPROVAL: /I A Q / , A /) 1 C)
_ USrtc^LfS UA"U- J\/U^V
1.0 PURPOSE
This document defines the Telecommunications Disaster Recovery policies and procedures to
reinstate access to the EPA NDPD National Computer Center (NCC) at an alternative site in
the event the existing facility at Research Triangle Park (RTF), North Carolina, is rendered
unusable.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all EPA, contractor, and vendor personnel who use the EPA
National Data Communications Network (NDCN). The control facility for this network is
located at the EPA NCC at Research Triangle Park, North Carolina.
Currently, the EPA/NCC network has over 13,000 users located in all 50 states, the District
of Columbia, and Puerto Rico. There is one major node each at the EPA Regional Offices; at
Headquarters in Waterside Mall, Washington, D.C.; and at the Environmental Research Center
in Cincinnati, Ohio. The network also serves all EPA labs and vendor/contractor offices
nationwide.
3.0 RESPONSIBILITIES
The Network Control Facility (NCF) at RTP is responsible for user assistance, problem
recording/tracking, hardware installation/removal, telecommunications hardware operation,
offsite assistance, and telecommunications work orders resulting from Telecommunications
Service Requests (TSR's) from users or NDPD.
NDPD is responsible for policy maintenance and enforcement. NDPD personnel at NCC RTP
will conduct annual policy reviews for needed changes, and will provide technical support
for all steps required to implement this policy. NDPD is.responsible for ensuring that this
policy is updated as needed to concur with the current NCC disaster recovery plan.
4.0 POLICY
In the event of a disaster at the EPA NDPD National Computer Center, Telecommunications
Services Department personnel will follow the procedures outlined in the current Critical
Applications Disaster Recovery Plan maintained by the Security Officer. This plan includes
steps which address:
o Emergency Response
o Backup of Critical Applications
o Recovery of Processing Capabilities
As this plan dictates, Telecommunications Services will:
a. Participate in reactivation of the RTP Control Center by ensuring that voice
communications are established and by installing required terminals.
-------�
NDPD OPERATIONAL POLICY NO. 300.06 " ~ Page 2 of 2
b. Participate in activation of the Cincinnati Control Center by bringing up links
to the WIC and RTF.
c. Participate in telecommunications operation by monitoring the network to
ensure continual availability.
d. Participate in reestablishment of NCC configuration.
e. Participate in returning Cincinnati to normal operations.
f. Participate in final restoration of the NCC network.
5.0 DEFINITIONS
Currently, there is one primary source document for disaster recovery procedures at NCC:
Critical Applications Disaster Recovery Plan,
Document Number 379/001B
Published February 21, 1990
This document is maintained by NDPD and its distribution is limited to NDPD, contractor
management personnel, and other persons having principal responsibilities in the event of a
disaster to NCC facilities. The Plan is maintained by the NCC Disaster Recovery Document
Officer, who has the responsibility to "review all documentation from the standpoint of
completeness, accuracy, and integration with related procedures."
In the event of an actual disaster at NCC, the plan calls for formal notification to all disaster
team members, including the Manager of Telecommunications Services or his appointed
representative on the team.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: EPA Telecommunications Access for NO.: 300.07
International Travelers
APPROVAL:
: £) g /, \S,LO _ DATE: ?.
-Hf
1.0 PURPOSE
This document defines the mechanisms which enable international file transfer and interactive
terminal access to various EPA network hosts. These mechanisms include various international
dial-up routes, as well as internetworking capabilities available through BITNET and the
upcoming connection through the scientific INTERNET.
2.0 SCOPE & APPLICABILITY
This policy is applicable to all EPA organizations and their employees, and to personnel of
agents (including State agencies, contractors, and grantees) of EPA who are involved in the
design, development, acquisition, operation, and maintenance of Agency telecommunications
systems.
Under the present EPA contract with TYMNET, which expires on August 1, 1991, access from
local dial-up lines in many foreign countries can be selectively switched on for users who
request access to specific EPA host computers. A standard asynchronous ASCII terminal or
PC-based asynchronous terminal emulation package, such as CROSSTALK, will be compatible
with this international connectivity service. Typically, the main area of incompatibility is
with the modems. A special international modem must be used to successfully communicate
with an EPA system (see 4.a.).
3.0 RESPONSIBILITIES
NDPD is responsible for policy maintenance and enforcement. NDPD will annually review
policies for needed modification and/or enhancement, and will provide technical support for
all Agency networks.
The NDPD Telecommunications Services Department is responsible for planning, installing,
and managing the day-to-day operations of the EPA network. NDPD will provide assistance
to international travelers who are interested in accessing EPA's interactive services, such as
Email.
4.0 POLICY
This policy summarizes the types of assistance provided by NDPD. For more information and
assistance, contact the NDPD Telecommunications Services Request Group or the NDPD
Network Control Facility.
a. NDPD will provide a list of required/recommended equipment, its source, and
ordering information.
-------�
NDPD OPERATIONAL POLICY NO. 300.07 page 2 of 2
b. A Telecommunications Service Request (TSR) must be submitted at least 30 days
prior to departure to a foreign country, identifying a complete itinerary and the
type of access required (i.e., EPA host, Email, etc.).
c. If first time travelers submit a TSR 60 days in advance of travel, NDPD will
assist with modem testing and PC communications software customization.
Repeat travelers may submit a TSR 30 days in advance of departure to receive
a similar level of support.
d. NDPD will provide travelers with a U.S.-based dial-up FTS test line to schedule
and carry out tests with the special modem and the portable PC or terminal to
be used during travel.
e. NDPD will assist in determining the appropriate equipment available at a
foreign location to limit the amount of equipment that must be carried and to
ensure that state-of-the-art capabilities are being utilized.
f. NDPD will attempt to loan international modems to one-time travelers on an as-
available basis.
g. Access to EPA's U.S. network services is limited to those countries and cities
served by TYMNET'S TYMUSA service. A list of the TYMUSA service areas
is available from NDPD Telecommunications Services Network Control Facility
at FTS 629-4506 or (919) 541-4506.
h. Foreign countries that wish to access EPA network services must be sponsored
by an EPA ADP Coordinator and must request service through the TSR process.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Local Area Network (LAN) Planning NO. 310.01
DATE:
1.0 PURPOSE
This policy defines the methods approved by NDPD for establishing a new LAN or performing
a major modification to an existing LAN.
The objective of this policy is to identify all of the hardware, software, and configuration
information necessary to assure compatibility of Agency network components and to clarify
and identify the level of support expected from the NDPD central support group.
2.0
-------�
2 of 3 NDPD OPERATIONAL POLICY NO. 310.01
Type 1 cable is recommended for token-ring LANs. NDPD approval is required
for any exceptions. Type 1 cable is mandatory for all token-ring backbones and
all connections to the backbone. Ethernet wiring will be "thickwire coax" for
backbones and thick- or thinwire coax for PC connections.
Twisted pair Ethernet wiring is not permitted until the 10 BASE-T IEEE standard
is finalized and an acceptable implementation is tested and approved by NDPD.
Thickwire, thin-wire, and twisted pair Ethernet wiring conforming to the 10
BASE-T IEEE standard is acceptable. Any multifloor LANs must be connected
via an approved facility backbone. (For details, see Policy No. 310.13, Wiring and
Optical Fiber Cabling for Voice and Data Telecommunications.^
Note: It is recommended that a hardware and software plan be prepared as part
of the LAN planning process. Contact LANSYS for assistance.
(3) A LAN System Administrator named to serve as the technical contact along with
a backup Administrator. The names, phone numbers, and Agency E-mail ID of
the LAN System Administrator and backup Administrator must be provided.
Date of completion (or scheduled completion) of the EPA LAN System Adminis-
trator must be provided.
(4) Each LAN plan for token-ring LANs should be attached to a TSR and submitted
for review, approval, and implementation to:
TCB/LANSYS
NDPD MD-90
U.S. EPA
RTP, NC 27711
Each LAN plan for Ethernet LANs should be attached to a TSR and submitted
for review, approval, and implementation to:
TCB/Ethernet
NDPD MD-90
U.S. EPA
RTP, NC 27711
All TSRs must be signed by the appropriate, official EPA ADP Coordinator.
b. Modifications, such as subsequent addition of file servers, gateways, or LAN bridges
to the facility backbone must be approved by NDPD via the TSR process. (See Policy
No. 310.10, LAN Change Management. Section 4.0c.
c. The LAN System Administrator must ensure that adaptor cards used for the backbone
or in conjunction with a print ring arc defined for LAN Manager in the symbolic
name file. If a resource is defined as critical, it must be designated as such within
LAN Manager.
d. The appropriate LAN System Administrator support group shall designate the LAN
as operational when all workstations and gateways have been configured and tested.
The LAN support group shall ensure that LANSYS or DECSYS is informed of the
LAN's designation as operational.
-------�
NDPD OPERATIONAL POLICY NO. 310.01 Page 3 of 3
5.0 DEFINITIONS
Local Area Network (LAN). A Local Area Network as defined for these policies is a system
within a given facility backbone comprising microcomputers as the end-user device to access
various servers through a communications medium.
Extended LAN Facility (ELF). An NDPD-approved LAN bridge or repeater subsystem which
joins two or more facility backbones to form a Metropolitan Area Network (MAN) between
facilities in a "campus" environment. All ELFs require NDPD approval under the TSR process.
ELFs are jointly funded by NDPD and the relevant user organization. ELFs are supported by
NDPD.
Metropolitan Area Network (MAN). A metropolitan area network comprises two or more
facility backbones joined by an ELF in a "campus" environment.
Wide Area Network (WAN). The extension of several geographically isolated networks into one
cohesive network.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Supported LAN Hardware and Software NO. 310.02
1.0 PURPOSE
This policy defines methods approved by NDPD for acquiring Agency-supported hardware and
software for Local Area Networks.
The objectives of this policy are to:
a. Preserve individual LAN stability.
b. Provide a compatible, predictable environment for applications.
c. Provide a consistent environment for users.
d. Provide a consistent environment for testing and support.
e. Provide an environment where interconnected LANs deliver services and applications
to all Agency LAN workstations.
2.0 SCOPE AND APPLICABILITY
This policy is applicable to all EPA organizations and employees, and to personnel of agents
(including State agencies, contractors, and grantees) of EPA who are involved in the design,
development, acquisition, operation, and maintenance of Agency LANs.
3.0 RESPONSIBILITIES
NDPD is responsible for policy maintenance and enforcement. NDPD will annually review
policies for needed modification and/or enhancement, and will coordinate technical support
for all Agency standard LANs.
The Architectural Management and Planning Branch (AMPB) at NDPD will evaluate Agency
requirements for LAN hardware and software (and services, as appropriate). Through
established procurement processes in conformance with GSA and Agency policy, AMPB will
establish contracts for the use of Agency offices operating LANs.
The Program Management Support Branch (PMSB) at NDPD will, upon award of Agency
contracts for LAN equipment and services, assume contract administration responsibilities.
The purchasing office's PC Site Coordinator (PCSC) and Senior Information Resource Officer
(SIRMO) will review and approve all Purchase Requests for acquisition of items through
Agency contracts.
4.0 POLICY
a. LANs should be composed of Agency-supported components acquired through
established Agency contracts. (The attached appendix contains a list of these components.)
-------�
Page 2 of 5 NDPD OPERATIONAL POLICY NO. 310.02
b. NDPD will fund and support Value-Added Backbone Service (VABS) components for
each approved site. Additional components will be announced annually.
c.
NDPD will provide and support upgrades to Agency standard LAN systems software
including (1) operating system software within the current platform (eg upgrade
NetWare 286 Rev 2.15 to NetWare 286 Rev 2.2); (2) workstation shell software- and (3)
communications gateway, routers, and bridges.
d. NDPD will manage and support Source Routing Bridges (SRB's) for sites which will
require accessibility to an AS-400. Approval must be obtained from NDPD for this
process.
e. OS2 Communications Manager Connectivity. A TSR should be submitted requesting a
coax connection to that workstation. Source routing bridges will not be approved to
support communications manager connectivity.
and WordPerfect Office as LAN menu systems are supported by
NDPD on token ring PC networks.
g. Operating system and connectivity software may not be modified without written
approval from the Director of NDPD via the TSR process.
h. Protocols on Agency LAN media are as follows:
(1) Token-Ring: Novell and other NDPD formally designated protocols are allowed.1
(2) Ethernet: Only DECNET, MSCP, LAT, and PCSA/Pathworks-based protocols are
allowed. TCP/IP protocols are allowed for CIS Prime and workstation use as well
as supercomputer access, but only on LAN cabling separate from DECNET protocols
with gateways provided as needed via the TSR process. Combining protocols on
Ethernets may be approved under the TSR process for sites with appropriately low
levels of total anticipated network utilizations and demonstrated LAN Network
Management capabilities.2
i. Extended LAN Facilities (ELFs) between campus facilities will be approved when all
backbones and configurations involved completely meet NDPD operational LAN
policies.
j. Interconnectivity of Macintosh AppleTalk networks, or the use of a Macintosh as a
token-ring workstation, is not supported.
TOKEN-RING LANs. NDPD will fund the following facility backbone token ring LAN components- a
minimum of one Multistation Access Unit (MAU) per floor in EPA facilities designated as token ring LAN
sites in an approved LAN plan, wiring and connectors required for the backbone to provide connectivity
between LANs on different floors, and other internetwork resources that enable sharing of bridges routers
and gateway resources. '
2NDPD will support DEC connectivity to an Ethernet LAN through approved Ethernet interfaces. These
interfaces are listed in the Appendix to Policy No. 310.10, LAN Change Management. NDPD will continue
to test products for compatibility, but DEC connectivity will not be considered strategic on items noted.
Further enhancements are not guaranteed. For Ethernet LANs, NDPD will fund thick wire facility backbones
and connections in EPA facilities designated as "Ethernet LAN" sites.
-------�
NDPD OPERATIONAL POLICY NO. 310.02 Page 3 of 5
5.0 DEFINITIONS
Aeencv Contracts: EPA has in place two contracts from which organizations can acquire
necessary hardware and software for LAN's. American Coastal Industries (ACI) provides
workstations, software, peripherals, and LAN products to the EPA. Digital Equipment
Corporation (DEC) provides DECNET Ethernet components via its contract with EPA, as well
as various approved GSA schedule items.
Bridge. Software and hardware physically joining separate networks into a single logical
network. Bridges allow users on one network to access the resources of another network and
operate at Level 2 of the protocol stack.
Multistation Access Unit (MAU). A passive wiring concentrator for the star-wired, token ring
network. Each MAU has connectors for eight devices (workstations, servers, and gateways) to
gain access to the network ring. The MAU is generally located in a wiring closet or at a central
location within an of f ice. Multiple MAU's are linked together to allow more than eight devices
to be attached to a ring.
Value-Added Backbone Service (TABS). A centrally managed platform which allows services
that are common to all LANs connected to a backbone to be consolidated onto one central, easy-
to-use, easy-to-manage system. Future services may be added and maintained in a cost-
effective manner to provide increased productivity and capability for program offices. This
is the platform for delivery of National LAN applications.
Repeaters. Devices that provide a bit-by-bit signal regeneration capability, thereby allowing
the physical extension of the length of a LAN's cabling.
Router. A high level protocol-specific device allowing LAN interconnectivity. Example:
Novell file server connected between a user ring and a facility backbone.
Gateway. A special purpose protocol translator that allows LANs to connect to other types of
services and computers. Example: Novell SNA gateway.
-------�
PagC 4 Of 5 NDPD OPERATIONAL POLICY NO. 310.02
APPENDIX
REQUISITION OF LAN HARDWARE AND SOFTWARE
1. TOKEN-RING LANS:
Agency-supported3 workstations:
Telex Model 1260
Telex Model 1280
IBM XT, AT
Epson Equity III Plus
IBM PS/2 Model 30 8086
IBM PS/2 Model 30 80286
IBM PS/2 Model 50, 55, 60, 70, 80
Compaq transportable
NCR PC386sx
NCR ELPCsx
ALR Powercache 4-486
Agency-supported adaptor cards:
IBM token-ring 4 Mbps Adaptor A, Adaptor II
IBM token-ring 16 Mbps Adaptor A, Adaptor II
Agency-supported printers-
HP DeskJet Plus, PaintJet XL, LaserJet Series
Qume
IBM Proprinter
IBM Graphics Printer
QMS PostScript
Panasonic KX-P1180 Narrow Carriage Printer
Okidata Microline 391 Plus Wide Carriage Printer
Texas Instruments Laser 2115 Printer
Texas Instruments microLASER PS
Agency-supported file server components:
IBM PS/2 Model 80 16 MHZ
IBM PS/2 Model 80-A31, 25 MHZ
IBM token-ring 4 Mbps adaptor A
IBM token-ring 16/4 Mbps adaptor A
Server Operating System:
Novell Netware 286 Version 2.15 Rev. C
Novell Netware 386 Version 3.1
Agency-supported is defined as any equipment which has been tested by NDPD/LANSYS and
determined operative in the current EPA LAN environment. Such equipment will be part of a testing
laboratory and utilized in determining acceptability of LAN software products.
-------�
NDPD OPERATIONAL POLICY NO. 310.02 Page 5 of 5
2. ETHERNET LANS
Agency-supported workstations:
IBM XT, AT
Epson Equity III Plus
IBM PS/2 Model 30 8086
IBM PS/2 Model 30 80286
IBM PS/2 Model 50, 55, 60, 70, 80
Compaq transportable
NCR PC386sx
Agency-supported adaptor cards:
DEC DEI00
DECDE101
DEC DE200
DEC DE201
DECDE210
Western Digital
Agency-supported printers:
HP DeskJet Plus, PaintJet XL, LaserJet Series
Qume
IBM Proprinter
IBM Graphics Printer
QMS PostScript
Panasonic KX-PI 180 Narrow Carriage Printer
Okidata Microline 391 Plus Wide Carriage Printer
Texas Instruments Laser 2115 Printer
Texas Instruments microLASER PS
DEC LN03
DEC LN03R
Agency-supported file server components:
Any VAX system
Server Operating System: Pathworks
Aeencv supported Macintosh systems:
Etherport SE
Etherport SE/30
Etherport II
Fastpath 4 router
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: LAN System Management NO. 310.03
APPROVAL:
1.0 PURPOSE
Local area networks (LANs) require a structured management system, including Agency
representatives to provide administrative guidance and several tiers of LAN support to the
LAN community for various functions and services. This policy establishes and defines the
various levels of support and responsibilities necessary to manage effectively in an Agency
LAN environment.
2.0 BACKGROUND
EPA's LAN environment is expected to evolve toward a model in which certain tasks related
to LAN system management are handled in a central LAN support group at each site, while
direct user support continues to be handled by Information Center staff or support staff
personnel associated with an individual LAN. The central group will ensure that consistent,
mature LAN management practices are in place for all LANs and provide higher level
telecommunications support, management of the LAN backbone, WAN connections, VABS
services, and monitoring, diagnostic, and troubleshooting services. This group will take direct
responsibility for the data integrity of LANs by ensuring that agreed-upon LAN backup
regimens are implemented and that LAN security procedures comply with Agency policy for
all LANs connected to the Agency backbone.
3.0 SCOPE AND APPLICABILITY
This policy is applicable to all EPA organizations and their employees, and to personnel of
agents (including State agencies, contractors, and grantees) of EPA who are involved in the
design, development, acquisition, operation, and maintenance of Agency LANs.
4.0 RESPONSIBILITIES
NDPD is responsible for LAN policy maintenance and enforcement. NDPD will review policies
for needed modification and/or enhancement, and coordinate technical support for all Agency
standard LANs.
5.0 POLICY
a. NDPD shall:
(1) Provide technical advice and assistance on LAN technology.
(2) Provide operational manuals to ensure that LAN hardware and software are
acquired, installed, and managed in accordance with this policy.
(3) Perform periodic technology assessments and compatibility testing of hardware
and software to be added to EPA LANs.
-------�
Page 2 of 3 NDPD OPERATIONAL POLICY NO. 310.03
(4) Establish and disseminate LAN configuration standards and guidelines, and
periodically review Agency LANs for compliance with these standards.
(5) Provide troubleshooting and problem resolution support to LAN System
Administrators and 1C staff.
(6) Maintain a LAN Bulletin Board System (BBS) which contains policy and technical
manual updates, software problem notifications, and software fixes. BBS will
serve as a central mechanism for providing information to Agency LAN System
Administrators.
(7) Maintain onsite, central LAN support at EPA Headquarters and at the EPA
Research Triangle Park facility. All services listed above are provided for LANs
at these two sites. In addition, NDPD will administer all backbone and VABS
services at these sites, install and upgrade file servers, and install all connections
to the backbone, and provide onsite troubleshooting and network monitoring
services.
b. LAN System Administrator Duties:
While the scope of duties of LAN System Administrators may vary, each LAN must
have a LAN System Administrator who has completed the required Agency LAN
Administration courses. Offices must ensure that for each LAN, the System Adminis-
trator functions listed below are clearly provided. These functions can be provided by
having a single LAN System Administrator whose responsibilities include all the duties
below or utilizing a central LAN group to provide a portion of the support. (For sites
where the central LAN support team concept has been implemented, divisions of
responsibilities between the central team and local LAN support are indicated.)
The central support team shall:
(1) Plan for, design, and test LANs.
(2) Ensure LAN hardware and wiring conform to building codes.
(3) Ensure that standard hardware and software configurations are maintained on
file servers and workstations.
(4) Ensure that only authorized protocols run on each type of LAN media and
unauthorized protocol mixing does not occur.
(5) Manage LAN change control or ensure that LAN change control procedures are
in use.
(6) Manage centralized data management to provide regular tape backups in
accordance with Agency policy or ensure that equivalent backup procedures are
in place.
(7) Provide administrative backbone services to ensure that only items authorized by
the Telecommunications Service Request Policy are placed on Agency LAN
backbones, and that network addresses for these items are registered with the
Network Control Facility of NDPD in Research Triangle Park.
(8) Manage Value-Added Backbone Services in cooperation with NDPD to provide
National LAN services and telecommunications network access to LAN users.
-------�
NDPJD OPERATIONAL POLICY NO. 310.03 Page 3 of 3
(9) Manage configuration control for a site/LAN. Configuration control includes:
• Specific location of all equipment connected to the LAN and wiring
identification.
• Hardware address and workstation location chart of all adaptor cards. Easily
understandable symbolic names -- like user names - will be assigned.
• Wiring chart and labels attached to all LAN cabling, identifying all work-
stations and locations associated with every LAN cable run from the wiring
closet MAU to the workstation location.
This information will be provided to NDPD annually.
The central support team or the LAN System Administrator shall:
(1) Provide LAN system troubleshooting and problem-solving.
(2) Ensure that LAN security policies are implemented in server setup and observed
by LAN users.
(3) Install LAN software in accordance with Agency LAN policies and vendor license
agreements.
(4) Ensure that all new software installed on the LAN is virus-free.
The local LAN System Administrator shall:
(1) Manage daily operation and maintenance of the LAN.
(2) Manage and control user access to the network. User access and privilege levels
on a LAN will be limited to those resources required for job performance.
(3) Ensure that LAN user workstations are equipped with correct and current
versions of network workstation software.
(4) Ensure that LAN users are trained in the use of the LAN and that they know
whom to contact for assistance with the LAN.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: LAN Problem Determination and Resolution NO. 310.04
APPROVAL: ./' /_ /} \J I '-A /U O DATE: /_ ^ / - ?/
1.0 PURPOSE
This policy establishes a framework for identifying and resolving hardware and software
problems in a LAN environment as they occur.
2.0 SCOPE AND APPLICABILITY
This policy is applicable to all EPA organizations and their employees, and to personnel of
agents (including State agencies, contractors, and grantees) of EPA who arc involved in the
design, development, acquisition, operation, and maintenance of Agency LANs.
3.0 RESPONSIBILITIES
NDPD is responsible for policy maintenance and enforcement. NDPD will annually review
policies for needed modification and/or enhancement, and will coordinate technical support
for all Agency standard LANs.
4.0 POLICY
a. The initial point of contact for LAN users experiencing PC hardware or
software problems should be clearly identified to users. The recommended
model is as follows: The Information Center staff at a site will serve as the
initial contact for users on a token-ring LAN who experience problems with PC
hardware and software. The Information Center staff will identify and classify
the problem as hardware, system software, or application-related, and route the
problem to the appropriate support group. Generally, all hardware and software
problems will be directed to the 1C staff. LAN problems will be directed to the
LAN System Administrator who, in turn, will depend on the central LAN
support group for further support. LANSYS and DECSYS will be the ultimate
source of support.
b. LANSYS supports the central LAN support group, LAN System Administrators,
Information Center LAN Application Support staff, and EPA LAN Coordina-
tors. Other users will be referred to appropriate sources.
c. The VAX Administrator is the user point of contact for problem resolution in
DEC LANs. The System Administrator relies on DECSYS support, if necessary,
to provide the user with a solution.
d. All significant token-ring problems and their respective solutions will be
documented by LANSYS and placed on the EPA LAN Bulletin Board System
(BBS). The LAN System Administrator of each work group will be provided
with BBS login instructions and may perform a keyword search on the BBS
problem data base to obtain fixes.
-------�
Page 2 of 2 NDPD OPERATIONAL POLICY NO. 310.04
e. The LAN System Administrator and central LAN support group are responsible
for reporting significant problems to LANSYS.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: LAN Data Management NO- 310.05
°ATE:^.- -?/•-
1.0 PURPOSE
Data must be managed so that it is available when needed. Good management practices are
demanded by the economics of available disk storage and its maintenance and operation. In
the Local Area Network (LAN) multi-user environment, the ability to back up and restore data
is critical. Adherence to this policy will ensure that data arc available when needed.
2.0 SCOPE AND APPLICABILITY
This policy is applicable to all EPA organizations and employees, and to personnel of agents
(including State agencies, contractors, and grantees) of EPA who are involved in the design,
development, acquisition, operation, and maintenance of Agency LANs.
3.0 RESPONSIBILITIES
NDPD is responsible for policy maintenance and enforcement. NDPD will annually review
policies for needed modification and/or enhancement, and provide technical support foi all
Agency standard LANs.
LAN System Administrators are responsible for planning, installing, and managing day-to-day
operations for the LAN in accordance with established Agency policies and procedures.
4.0 POLICY
Agency LANs shall be operated in accordance with established local data management policies
and procedures. These policies and procedures shall be in accordance with, or functionally
equivalent to, those specified in the EPA LAN Technical Reference Manual.
a. The LAN System Administrator shall establish local data management policies
and procedures in accordance with, or functionally equivalent to, those specified
in the LAN Technical Reference Manual.
b. The LAN System Administrator will ensure that:
(1) Daily incremental backups are performed.
(2) Total (generation) backups are performed at least biweekly.
(3) Several generations of backups are maintained as a protection against
viruses.
(4) Backups are stored securely of f site.
(5) A scan for virus is performed before backups.
(6) Recovered data is tested twice a year.
c. The LAN System Administrator may use the provided VABS Centralized Data
Management services to perform the tasks in (b) above.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: LAN Performance Capacity & Monitoring NO. 310.06
APPROVAL:
1.0 PURPOSE
Agency Local Area Networks (LANs) must be managed to provide maximum performance and
minimize the need for system upgrades. This policy is intended to ensure that these goals are
met.
2.0 SCOPE AND APPLICABILITY
This policy is applicable to all EPA organizations and their employees, and to personnel of
agents (including state agencies, contractors and grantees) of EPA who are involved in the
design, development, acquisition, operation, and maintenance of Agency LANs.
3.0 RESPONSIBILITIES
NDPD is responsible for policy maintenance and enforcement. NDPD will annually review
policies for needed modification and/or enhancement, and will provide technical support for
all Agency standard LANs.
LAN System Administrators are responsible for monitoring the performance and capacity of
the network.
4.0 POLICY
a. The System LAN Administrator:
(1) Utilizes NDPD-supported tools to monitor traffic and access activity on the
network including, but not limited to:
• Space utilization on the file server.
• Space utilization on the print server.
• Caching size and use.
(2) Monitors, on a continuous basis, the following devices:
Netware File Servers
Netware External Routers
IBM Source Routing Bridges
Novell Asynchronous Communications Servers (NACS)
Novell Access Servers
Novell SNA Gateways
IBM Control Units
IBM 8220 Fiber Repeaters
Token Ring Interface Couplers (TICs)
Standards for Bridge Definitions in LAN Manager
VAX Ethernet Counters
-------�
Page 2 Of 2 NDPD OPERATIONAL POLICY NO. 310.06
(3) Provides an updated, annual configuration and enables/maintains the data collec-
tion and submission mechanism on their LANs, as required.
b. The LANSYS and DECSYS groups shall be available for consultation on effective meth-
ods of performance and capacity management. LANSYS and DECSYS are the principal
Email IDs for these support groups.
c. NDPD will:
(1) Collect and analyze performance and capacity data from various Agency LAN sys-
tems, as appropriate. LAN SAs will provide updated, annual configuration data
and enable/maintain the data on their LANs.
(2) Continuously monitor all token-ring and Ethernet backbones (image rings, print
rings, and facility backbones, including all interconnecting bridges and routers)
with the latest available version of its LAN/WAN Agency-Standard Network Man-
agement tools.
(3) Furnish and maintain a dedicated 486-class Network Management Workstation
software, and bridges between the three backbone rings located at every EPA Major
Node and Super Node1 site's central facility; and EMA compatible device at
Ethernet sites.
(4) Maintain a pool of special LAN performance and management test equipment and
services to be loaned to Regional System Administrators to resolve reported or sus-
pected problems as follows:
• Time Domain Reflectometer to measure copper cable lengths and locate faults.
• Optical TDK and power meters to measure fiber cable loss budgets, lengths and
locate faults. '
• Special trace and performance monitor boards to measure token ring utilization
and verify the need for a 16 megabit speed upgrade.
• Multifunctioning LAN analyzers.
• Onsite assistance, as required, in emergency situations.
'See Policy No. 310.08, LAN Communication Gateways and Interconnectivitv. for definitions of Major
Node and Super Node.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: LAN Naming Conventions NO- 310.07
APPROVAL: /)_ /?(?//* ^ f * DATES
1.0 PURPOSE
Consistency in Local Area Network (LAN) user/server naming conventions is necessary for
operation of LANs in conformance with EPA's computer architectural strategy for
connectivity.
Network routing protocols and service advertising protocols include elements from a variety
of devices (e.g. file servers, print servers, and gateways). Default settings allow all routers on
an internetwork to identify connected devices by means of the aforementioned protocols. It
is essential that these devices remain unique, logical entities which, in turn, requires unique
nomenclature.
2.0 SCOPE AND APPLICABILITY
This policy is applicable to all EPA organizations and employees, and to personnel of agents
(including State agencies, contractors, and grantees) of EPA who are involved in the design,
development, acquisition, installation, operation, and maintenance of Agency Token-Ring
LANs. (Ethernet node names must be obtained via the TSR process.)
3.0 RESPONSIBILITIES
NDPD is responsible for policy maintenance and enforcement. NDPD will annually review
policies for needed modification and/or enhancement, and will provide technical support for
all Agency standard LANs.
The Telecommunications Branch, through LANSYS, is the central authority for maintenance
of unique names and addresses on the Agency Token-Ring internetwork. The standards below
should be used as guidelines by the regions.
LANSYS must be contacted in order to register new equipment before implementation on the
internetwork. LANSYS will confirm that all devices at a given regional site conform to the
standards set forth in this policy prior to allowing the site to join the Agency internetwork.
LAN System Administrators of work groups are responsible for planning, installing, and
managing day-to-day operations of the LAN, as well as for coordinating activities with the
NCC, LAN Central Support Group (ICB, TCB, and LANSYS), and vendors as appropriate.
4.0 POLICY
4.1 FILE SERVER NAMING CONVENTIONS FOR TOKEN-RING NETWORKS
a All file server names must be unique and mutually determined by the LAN System
Administrator in consultation with NDPD/LANSYS. Names shall be determined as
follows:
-------�
Page 2 of 7 NDPD OPERATIONAL POLICY NO. 310.07
File server names shall consist of up to 8 characters in the following format:
XXYYYYYY
where XX is the Regional or Headquarters location of the server. Locations shall be
identified as follows:
Rl - RIO1 = Regions 1 through 10
DC = Headquarters Area
CI = Cincinnati Area
RT = Research Triangle Park Area
NE - National Enforcement Investigations Center
XX = Two-character State code for State-based LANs.
The remaining six characters (YYYYYY) must be unique and assigned by the LAN
System Administrator in coordination with NDPD/LANSYS.
A file server name may not be changed without approval from LANSYS.
b. Netware Serial Numbers must be unique. Logically and legally, no two servers may be
running the same copy of Netware.
4.2 USER NAMING CONVENTIONS
User names will be determined as follows:
Names shall consist of eight characters in the following format:
XYYYYYYY
where X is the user's first initial and YYYYYYY are the first (up to) seven letters of the
user's last name. In the case of duplicate character combinations between two users, the
LAN System Administrator will assign a unique last character.
4.3 NETWORK ADDRESSES
All internal and external router network adapters on the same physical ring must have the same
logical network address. All internal and external router network adapters on different
physical rings must have unique network addresses. Both of these standards hold true for
Netware 286 and 386.
Netware, in either version, logically refers to the first token-ring card in a server or external
router as LAN A and the second card as LAN B. The LAN A card will remain unique for each
physical ring. LANSYS will ensure that unique addresses are assigned Agency-wide. The LAN
B card is the card connected to the Agency backbone and will be addressed as FFFFFFF8.
Since geographically separate LANs are now being linked with Vitalinks, essentially forming
one backbone, it is important that the standard backbone address for the LAN B card always
be FFFFFFF8. Each Region must implement this address prior to joining the Agency
internetwork.
!R10 will have the form XXXYYYYY.
-------�
NDPD OPERATIONAL POLICY NO. 310.07 Page 3 °f 7
4.4 IPX INTERNAL NUMBERS (NETWARE 386 SERVER NUMBERS)
Netware 386 adds another address for file servers which must be unique on an internetwork:
The IPX internal number. In order to discern which physical network a particular 386 server
resides on (for network management and troubleshooting purposes) IPX Internal Numbers will
be formed by concatenating the LAN A Network address w.th 2 hexadecimal bytes ranging
from 01 to FF. For example:
The first 386 server on ring 106 will have an IPX Internal Number of 10601. The 10th server
on ring 106 would have an IPX Internal Number of 1060A.
To incorporate sections 4.2, 4.3, and 4.4 into an example:
The first 386 server for organization WXYZ in Region 9 would have the following unique
attributes:
Server Name: R09WXYZ1
LAN A address: 350
LAN B address: FFFFFFF8
IPX internal number: 35001
Note- If a server has only one token-ring card (i.e., it is not bridged to the backbone) or it
resides on the backbone with no local ring attachment (no LAN B), then the IPX internal
number will be in the form:
F8NN
where NN is a hexadecimal value in the range 01 to FF
4.5. NOVELL ASYNCHRONOUS COMMUNICATIONS SERVERS - NACS
a. ASCII Gateway Name
The names assigned to NACS ASCII gateways will consist of 8 characters in the
following format:
XXYYYYYY
where XX is the location of the gateway, identified as follows:
Rl - RIO = Regions 1 through 10
DC = Headquarters Area
CI = Cincinnati Area
RT = Research Triangle Park Area
XX = Two character code for State-based LANs
The remaining six characters will be:
NACSNN
where NN are two hexadecimal bytes in the range 00 through FF.
-------�
4 of 7 NDPD OPERATIONAL POLICY NO. 310.07
Examples:
The second NACS at Region 3 would be named R3NACS02.
The twelfth NACS at Region 3 would be named R3NACSOB.
b. ASCII Gateway General Port Names
The general port names for each of the ports on the ASCII gateway will be determined
as follows:
General port names may be seven characters long in the following format:
XXYYYYY
where XX are the same two character identifiers used for the ASCII Gateway name.
The remaining five characters should be used by the LAN System Administrator to
designate the type of service connected to the port. For VABS-provided gateways, the
name will be selected by the VABS Administrator in coordination with LANSYS. Vhe
first 2 characters will guarantee uniqueness among the regional sites; the last 5
characters must be unique within a regional site.
c. ASCII Gateway-Specific Port Names
Specific names for each port may be up to fourteen characters long and determined as
follows:
The first eight characters will be the actual NACS ASCI! Gateway name.
The ninth character will be a dash ( - ).
The last five characters will be:
PORTn
where n is a hexadecimal number ranging from 0 to F.
4.6 PRINT SERVERS
a. LANSpool print server names must be in the form:
LS
where is replaced with the name of the file server on which the
LANSpool VAP resides.
b. Netware 386 Print Server (PSERVER) names will be in the form:
PS NN
where is replaced with the name of the primary file server that the
PSERVER services.
-------�
NDPD OPERATIONAL POLICY NO. 310.07 Page S of 7
where NN is replaced with two hexadecimal numbers in the range 00 to FF.
It is possible to have one PSERVER service more than one file server. It is also possible
to have several PSERVERS service multiple queues on one file server. By combining
and NN, unique names are attainable.
4.7 SNA GATEWAYS
Version 1 1 of Novell's SNA gateway is the present EPA standard. With this version, SNA
gateways 'are made unique by using different 12-bytc, locally administered, token-ring
addresses for each and every gateway. [The data base of token-ring addresses is maintained
by the Telecommunications Implementation Group (TIG)]. The Telecommunications Service
Request (TSR) process includes the establishment of a unique address for any new gateway.
Version 1 3 of Novell's SNA gateway will use the Service Advertising Protocol (SAP) When
this version of the gateway becomes standard, unique names (as opposed to locally adminis-
tered11 token-ring addresses) will ensure that each gateway remains unique on the internetwork.
The following conventions should be used when naming an SNA gateway under Version 1.3 of
the Gateway Control Program:
XXSNAGATEWAYYY
where XX is the region number:
Rl -RIO = Regions 1 through 10
DC = Headquarters Area
CI = Cincinnati Area
RT = Research Triangle Park Area
NE = National Enforcement Investigations Center
XX = Two-character code for State-based LANs
and where YY are two hexadecimal characters in the range 01 through FF.
4.8 IBM SOURCE ROUTING BRIDGES
The following segment numbers will be used by token-ring source routing bridges in
conjunction with LAN Manager in the EPA network. These numbers have no meaning outside
of the LAN Manager/Netview context.
a. FACILITY BACKBONES:
RTP-FF4 NE -FED
WIC-FF3 KC -FE7
ATL-FEO NY - FE8
BOS -FE1 PHI -FE9
CHI -FE2 SEA -FEA
CIN - FE3 SF - FEE
DAL-FE4 LV - FEC
DEN - FES
-------�
Page 6 of 7
NDPD OPERATIONAL POLICY NO. 310.07
b. PRINT RINGS:
WIC-FF2 KC -FD7
ATL-FDO NE - FDD
BOS-FD1 NY - FD8
CHI -FD2 PHI - FD9
CIN - FD3 SEA - FDA
DAL - FD4 SF - FDB
DEN - FD5
c. AS/400 RINGS:
RTP-FCD DAL -FC4
RTP-FCF DEN -FC5
RTP-FCE KC-FC7
RTP-FCD NE-FBO
WIC - FCC NY - FC8
ATL- FCO PHI - FC9
BOS -FC1 SEA -FCA
CIN - FC2 SF - FCB
CIN - FC3
d. USER RINGS
User rings will have the same IBM segment addresses that are used for Novell LAN local
segment numbers (e.g., if a Netware IPX network number for LAN A is 350, 350 will be
the Source Routing ring segment number).
For user rings which are not Netware networks, the ring segment number will be XYY
where X is the region number O2 through 9 and YY are two hexadecimal numbers in the
range 00 through FF.
4.9 LAN MANAGER DEFINITIONS
7ACxif?l10win8 3re standards for adapter definitions within the system definition function of
LAN Manager:
a. Standards for symbolic names associated with token-ring adapters:
XXYYY#NAME
where XX is the region number:
R1-R10 = Regions 1 through 10
DC = Headquarters Area
CI = Cincinnati Area
RT = Research Triangle Park Area
NE = National Enforcement Investigations Center
XX = Two-character code for State-based LANs
where YYY is the ring segment number as explained in Section 4.8.
0 will designate Region 10.
-------�
NDPD OPERATIONAL POLICY NO. 310.07 Page 7 of 7
where NAME = 10 characters defined by the LAN administrator to identify the device
being monitored.
It is suggested that the naming conventions set forth in previous sections of this policy
be used when assigning these names (i.e., file server for organization WXYZ in Region
9 could be identified as:
R9FEB#R09WXYZ1
where R9 is the region, FEE is the ring segment, and R09WXYZ1 is the name).
b. Token-Ring address - Universally administered address (i.e., manufacturer-installed
address) or locally administered address.
(Note: Any "local" address (i.e., an address beginning with 4000) should have been
obtained from the TIG group as part of the TSR process.
c. Standards for symbolic names associated with bridges:
XXYYYYYY
where XX is the region number:
R1-R10 = Regions 1 through 10
DC = Headquarters Area
CI = Cincinnati Area
RT = Research Triangle Park Area
NE = National Enforcement Investigations Center
XX = Two-character code for State-based LANs
and YYYYYY is descriptive information which will help the LAN System Administra-
tor identify the monitored bridge.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: LAN Naming Conventions NO-: 310.07
APPROVAL:
1.0 PURPOSE
There must be consistency in Local Area Network (LAN) user/server naming conventions in
order to operate Local Area Networks (LAN's) that adhere to the EPA's existing and planned
computer architectural strategy for connectivity. Adherence to this policy will ensure the
required uniqueness of names by providing a methodology for establishing user and file server
names.
2.0 SCOPE AND APPLICABILITY
This policy is applicable to all EPA organizations and their employees, and to personnel of
agents (including State agencies, contractors, and grantees) of EPA who are involved in the
design, development, acquisition, operation, and maintenance of Agency LAN's.
3.0 RESPONSIBILITIES
NDPD is responsible for policy maintenance and enforcement. NDPD will annually review
policies for needed modification and/or enhancement, and will provide technical support for
all Agency standard LAN's.
LAN System Administrators (SA's) are responsible for planning, installing, and managing
day-to-day operations of the LAN, as well as for coordinating activities with the NCC
LANSYS or DECSYS support groups and the appropriate vendors (FDC, SMA, DEC).
4.0 POLICY
4.1 FILE SERVER NAMING CONVENTIONS FOR TOKEN RING NETWORKS
All file server names must be unique and mutually determined by the LAN SA in consultation
with the NCC LANSYS group and/or SMA. Names shall be determined as follows:
File server names shall consist of 8 characters in the following format:
XXYYYYYY
where XX is the Regional or Headquarters location of the server. The first two
characters shall be designated as follows:
Rl through RO = Regions 1 through 10
DC = Headquarters Area
Cl = Cincinnati Area
RT = Research Triangle Park Area
XX = Two character state code for state-based LAN's
-------�
NDPD OPERATIONAL POLICY NO. 310.07
Page 2 of 2
The remaining six characters (YYYYYY) must be unique and assigned by the LAN
SA in coordination with the NCC LANSYS group and/or SMA.
A file server name may not be changed without approval from LANSYS.
4.2 USER NAMING CONVENTIONS
User names will be determined as follows:
Names shall consist of eight characters in the following format:
XYYYYYYY
then; v !S ?e USCr'? firuSt initial and YYYYYYY are the first (up to) seven letters of
the LAN ? JA ,hanmi!i C3Se °f ,dUPliCatC CharaCter "'"^nations between two users
the LAN SA should use a unique last character.
4.3 NAMING CONVENTIONS FOR DECNET
See NDPD Operational Policy 230.07, NCC VAX rioter User
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: LAN Communication Gateways and Intel-connectivity NO. 310.08
DATE: / - 2/ -
1.0 PURPOSE
This policy defines network capabilities and requirements for EPA's Local Area Networks
(LANs).
2.0 SCOPE AND APPLICABILITY
This policy is applicable to all EPA organizations and their employees and to personnel of
agents (including State agencies, contractors and grantees) of EPA who are involved in the
design, development, acquisition, installation, operation, and maintenance of Agency LANs.
3.0 RESPONSIBILITIES
NDPD is responsible for policy maintenance and enforcement. NDPD will annually review
policies for needed modification and/or enhancement, and will provide technical support
for all Agency standard LANs.
LAN System Administrators are responsible for planning, installing, and managing day-to-
day operations for the LAN, as well as for coordinating activities with the Central Support
Group (TCB and ICB at NDPD), LANSYS, DECSYS, and vendors as appropriate.
4.0 POLICY
a. All Agency LANs are part of EPA's telecommunications network unless
exempted by the Director, NDPD, through the Telecommunications Service
Request (TSR) process. Each physical ring is limited to single-floor operation.
b. NDPD will only approve and support Agency-standard communications
gateways, bridges, and routers. Non-standard devices of these types are not
allowed except with the approval of the Director, NDPD, through the TSR
process.
c. Installation of all communication gateways, routers, bridges, and other back-
bone components requires approval by NDPD through the TSR process.
d. LANs within a single building will be networked via a centrally-located
"Facility Backbone" which will span all floors of the building requiring LAN
connectivity. For token-ring LANs, user LAN-based Novell routers will
provide connectivity from the user LAN to the facility backbone. Users who
have rings requiring source routing bridging to facility backbones will submit
a TSR for assistance and approval of an appropriate approach to accomplish
this function. (See Policy No. 310.01, Local Area Network (LAN) Planning.)
-------�
Page 2 of 3 NDPD OPERATIONAL POLICY NO. 310.08
e. Internetworking of LANs between buildings will be accomplished via IBM Type
1 cable, coax or fiber connections, where appropriate, utilizing their respective
repeaters. Internetworking between buildings may also be accomplished via
Agency standard Extended LAN Facilities (ELFs) supported by NDPD. The
TSR process is used to request assistance and approval for these connections.
Overall token-ring architecture for EPA Major Node sites:
Three "backbone rings" are currently being installed and maintained by NDPD in the
"central facility" at Regional and other "Major Node" locations, as follows:
• The familiar Facility Backbone is in place for general LAN use for inter-
connecting Novell-based user rings and central facilities (e.g., VABS
server, SNA gateway, Network Management, async. gateway, and ELF
links to other campus locations). This facility backbone is designed with
16 megabit rules, funded by NDPD, extends throughout the Major Node
central facility, and runs nominally at 4 megabit/sec speeds. It is not
intended for Print or Image traffic.
• The "Print PC Machine Room Backbone" is a single MAU, 4 megabit ring
that is located exclusively in the LMF machine room and supplied by
NDPD as part of the LMF removal project. It is connected to the backup
TIC on the 3720 FEP, as well as being bridged to the facility backbone
(with an NDPD-supplied PC) for backup and network management
reasons. Connected to this MAU are the 3174 cluster controller(s) and
two RJE print-PC's, also supplied as part of the LMF removal process.
This is the sole purpose and physical extent of this ring/MAU.
• The "Image Backbone Ring" is a third token ring dedicated to the support
of the AS400 Image Processing System under the SCRIPS project. It is
designed with 16 megabit rules. Initially it was intended to be operated
at 4 megabit/sec solely to connect AS400 IPS workstations to the AS400
system. It is funded jointly by the SCRIPS project and user organizations
and is to be deployed only to locations in the central facility where
Image workstations are to be located. The SCRIPS project furnishes a
bridge PC to connect this ring to the facility backbone for network
management purposes. The AS400 has two TICS--one connected to the
Image ring and one to the facility backbone for 3090 and "peer AS400"
access.
NDPD will continuously provide Network Management capabilities on these three rings under
the latest technology available, including Netview and LAN Manager.
Changes and special exceptions to this architecture are only allowed with the approval of the
Director, NDPD, under the TSR process.
5.0 DEFINITIONS
Agency Standard Token-Ring Communications Gateways, (a) CXIs PCOX/GW 3270 direct, 4
megabit/sec token-ring connection, (b) CXIs PCOX/GW 3270 9.6 Kbit/sec (RS232) and 56
Kbit/sec (V.35) SDLC connection, (c) Novell's Asynchronous Communications Server (ACS)
and (d) X.25 (future).
-------�
NDPD OPERATIONAL POLICY NO. 310.08 P«Ee 3 of 3
Agency Standard Ethernet Gateways, (a) DEC RTP-and-Cincinnati-based Ethernet-to-IBM
channel and link-attached SNA gateways, (b) BITNET: Joiner Associates JNET gateway, (c)
TCP/IP: Wollongong's "WIN-TCP" gateway installed on EPA VAX systems on a case-by-case
basis by written approval of the Director, NDPD, via the LAN TSR process.
Maior Node. A region is a major node.
Super Node. RTP, Cincinnati, and Headquarters are Super Nodes.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: LAN Security NO- 310.09
APPROVAL: „ ,„ „ ^ ,^
LV U\^M^
1.0 PURPOSE
This policy documents a prudent but minimal security control environment required by the
Agency to protect LAN systems and resources from theft, damage, and unauthorized use. This
policy defines LAN security objectives and security auditing requirements as defined by the
EPA Information Security Manual (Report 431/001) and the EPA Information Security Manual
for Personal Computers.
The security design for each LAN will be based on an individual risk assessment representing
a consensus of the management of that LAN and the need to meet applicable Federal laws and
regulations and OIRM policies. Each LAN shall meet a minimal level of security identified
below Compliance with these security policies is a prerequisite for connection to the Agency
LAN backbone and for support by NDPD. This policy addresses physical security, login
'securltyTiogical access security, and protection from virus attacks.
2.0 SCOPE AND APPLICABILITY
This policy is applicable to all EPA organizations and theii employees and all agents (including
State agencies, contractors, and grantees) of EPA who are involved in the design, development,
acquisition, installation, operation, maintenance, and use of LANs supported by NDPD. (Refer
to Policy No. 230.08, VAX Security, for additional information regarding Ethernet LANs.)
3.0 RESPONSIBILITIES
NDPD is responsible for:
• Monitoring security policy maintenance and compliance.
• Assisting each EPA LAN Coordinator in determining the security requirements
for his or her LAN and recommending security implementation to ensure the
integrity of the data and applications on that LAN.
• Auditing the security compliance of each Agency LAN at least every three years
in order to validate continued access to the Agency network and network
services.
• Communicating all security violations in writing to the designated EPA LAN
Coordinator for that LAN, and to NCC Computer Security with recommenda-
tions for corrective action.
LAN System Administrators are responsible for:
• Planning, installing, and managing day-to-day LAN security implementation in
accordance with this policy.
• Training users on the importance of maintaining non-trivial confidential
passwords.
-------�
Page 2 of 7 NDPD OPERATIONAL POLICY NO. 310.09
• Monitoring intruder lockout data to identify any attempted illegal access.
• Reporting any security violation to NCC Security.
• Ensuring that user-IDs remain active only for those users who currently require
access.
• Assessing the security requirements for each LAN system in accordance with the
EPA Information Security Manual.
LAN users are responsible for:
• Creating a non-trivial password for their user-IDs.
• Ensuring that their passwords are held in confidence.
• Reporting any observed security violations to the LAN System Administrator.
4.0 POLICY
4.1 BACKGROUND
As the number of new LAN installations increases, so does the number of programs and
quantity of data stored on these LANs. Microcomputers or personal computers (PCs) pose
numerous security issues by themselves. When work group PCs are connected to form LANs in
order to share resources, the task of securing these resources is even more difficult.
Any one work group LAN may be fairly self-contained and have a System Administrator (LAN
bystem Administrator). Once these separate LANs are connected via a facility-wide backbone
physical access among work groups is granted. Processing power and data storage are
distributed, but so are access points. Security becomes a larger issue for all users and System
Administrators.
The degree of security needed at a LAN site will vary with the type of data processed and the
physical security afforded by the facility. A careful analysis of the value of the resources and
the level of security needed must be viewed system-wide. (An analysis technique is provided
in the EPA Information Security Manual.) The factors of risk and consequences of corrupted
or stolen data must be considered. The ramifications in terms of time, money, and resources
to restore the system must be considered. Since access to the resources is shared, some minimum
levels of security must be maintained throughout the network.
The following policy sections state the minimum levels of security which must be implemented
and maintained. Failure to comply with these policies will result in disconnection of a LAN
[roj" the^gejncyjjUernctwork and removal of NDPD support. ~ '—•
4.2 PHYSICAL AND ENVIRONMENTAL SECURITY
Physical security of the LAN and its access points is critical to the overall security of the LAN
Physical security controls for each LAN access point (workstations, file servers, wire closets,
and dial-in) are discussed in this policy. Requirements in the physical security area were
derived from the EPA Information Security Manual and have been summarized in the
appropriate policy sections. For a more extensive explanation of the physical security controls
required by the Agency, refer to the EPA Information Security Manual.
-------�
NDPD OPERATIONAL POLICY NO. 310.09 P«ie 3 of 7
4.2.1 File Servers
The following security measures are required for an EPA token-ring LAN file server: (Refer
to Policy No. 230.08, VAX Security, for applicable Ethernet information.)
a The file server must be located in either a secure area (e.g., a locked or con-
tinuously monitored area), or procedures must be implemented by the LAN
System Administrator to prevent unauthorized access to the server.
b The keyboard must be locked when not in use by the LAN System Administrator.
All file servers should be protected by "keyboard lock" Value Added Process (for
Netware 286) or Netware Loadable Module (for Netware 386). PS/2 file servers
must also be protected with ROM boot passwords.
c. File servers must be dedicated systems and not utilized by an individual user as
a workstation.
d. At a minimum, critical files/programs must be backed up on a file server hard
disk on a daily (incremental) and weekly (full) basis.
e. An Uninterruptible Power Supply (UPS) capable of supporting the server in the
event of electrical system failure must be installed.
f. Smoking is not permitted in the server room.
g. A fire extinguisher suitable for extinguishing an electrical fire must be present
in the area where the server is housed.
h. Antistatic mats must be in place to protect all servers and gateways from damage
resulting from static electrical discharge.
4.2.2. Cables. MAUs. and Wire Closets
a. Multistation Access Units (MAUs) and fiber repeaters must be located in a
secured wiring closet. The wiring closet must remain locked at all times unless
the LAN System Administrator or a repair technician requires access to the area.
b. Unused, installed cabling must not be connected to the network, thereby
providing an open access point to the LAN. Patch cable connections to
operational MAUs will only be made to active workstations.
c. H Protocol analyzers and other devices capable of reading and decoding data
I transmitted on LAN wiring must be kept locked except when in use. These
1 devices shall only be used with the knowledge and consent of NDPD/LANSYS.
-------�
Page 4 of 7 NDPD OPERATIONAL POLICY NO. 310.09
4.3 LOGICAL SECURITY
4.3.1 Loein and User-ID Restrictions
a. Supervisor passwords shall be kept in strict confidence and shall be known only
to the LAN System Administrator, backup Administrator, and the central
support group site LAN System Administrator. There shall be no more than
three supervisor level user-IDs defined for a given file server. These user-IDs
must only be used when a particular task specifically requires supervisor
privileges. The passwords for these user-IDs should be non-trivial, no less than
six characters in length, and should be changed at least every 90 days. The
operating system should be used to enforce the latter two conditions.
b. User-level passwords should be no less than six characters in length and should
be non-trivial. At a minimum, NDPD encourages all users to at least alternate
between two non-trivial passwords on a semiannual basis.1 This is a minimum
password requirement. Should analysis of the information security needs of
your LAN (referenced elsewhere in this policy) indicate a requirement for
higher levels of security, operating system-based mandatory password changes
features should be implemented.
The practice of recording passwords on media viewable by other personnel is not
permitted. Ease in obtaining a new password from the LAN System Administra-
tor will be promoted as an alternative.
c. Repeated, unsuccessful attempts to log in should be noted by the LAN System
Administrator and the operating system should be used to lock the user account
after 4 unsuccessful attempts. The account should remain locked for the
maximum time period allowed by the operating system, or until the LAN System
Administrator unlocks the account.
d. User-IDs or groups of user-IDs shall be given access to a file server based on a
specific requirement. Providing all users with blanket access to all file servers
solely for ease of configuration is not allowed.
e. Training user-IDs and maintenance user-IDs must be approved by the LAN
System Administrator and rendered inactive immediately after the training or
maintenance task is completed. User-IDs developed for training need not be
rendered inactive after every class if there are multiple classes during a given
day, but these User-IDs should be rendered inactive and reinstated at the end of
the training task (i.e., training session of less than one day's duration).
f. By default, the operating system should be used to limit the number of
concurrent logins for any user-ID to one. Sharing of user-IDs on the system is
strictly prohibited. To control sharing of user-IDs, user-IDs to allow multiple
logins should be established based on user processing needs.
NDPD has formally requested that Novell modify their software to allow EPA to enforce the use of
alternation between two unique passwords. Currently software requires these passwords to be unique
through eight changes. When Novell provides the capability of enforcing alternate unique passwords, EPA
will modify its policy to require implementation of this feature.
-------�
NDPD OPERATIONAL POLICY NO. 310.09 Page 5 of 7
g. If auto-login scripts for system access are utilized, scripts may not contain the
password associated with the user-ID. Prompting the user for the password by
the login script, however, is an acceptable practice.
h. Application-specific user-IDs and generic user-IDs not requiring passwords, such
as those implemented on Value-Added Backbone Services (VABS) servers, must
have additional security measures implemented at the directory and file level.
These user-IDs must be given rights to only those directories and files necessary
for proper execution of the application.
i. The GUEST user-ID should either be removed from all servers or password-
protected and removed from the group EVERYONE. It is generally known that
this user-ID is automatically created without a password during system
installation.
j. LAN System Administrators requiring logins to user accounts for problem
recreation and resolution shall change the user password prior to performing the
work and inform the user that the password must be changed by the user after
the work is performed. This second change will be enforced by the network
operating system.
4.3.2 Directory and File Access
a. The default file and directory protection as outlined in the LAN System
Administrator Technical Reference Guide provides continuity among Agency
file servers and protects applications and data for which the individual user is
the custodian. This default structure, as distributed by NDPD or its agents,
should not be changed without written approval from the Agency LAN Program
Manager.
b. Application software that does not provide 1 i ecu s i ngjgntrol must be installed
with appropriate "front end" routines in order TcTrestrTct the number of
concurrent users to those who are legally entitled to use the software. The front-
end routines must be approved by the particular vendor as an acceptable
licensing control.
c. Application software shall be installed to provide users with the lowest level of
access needed to access and execute the application. The operating system
"execute only" flag should be used whenever possible to protect application
software from unlawful copying and/or viral infection.
d. The EPA LAN Coordinator shall be responsible for all software license
agreements and shall ensure strict adherence to the provisions of the agreements.
4.3.3 Virus Protection
a. LAN System Administrators utilizing Supervisor-equivalent user-IDs shall log
in to other workstations with a known virus-free boot disk.
b. LAN System Administrator workstations should execute a virus monitoring
program upon startup. This program must remain resident while the workstation
is operating.
-------�
Page 6 of 7 NDPD OPERATIONAL POLICY NO. 310.09
c. A check for viruses or other unauthorized programs will be performed prior to
backing up file server data for those organizations subscribing to the NDPD
data management service. NDPD will supply LAN System Administrators with
virus detection software for those organizations not subscribing to the data
management service.
d. New software (non-vendor) must be checked for a virus by the central site
support group prior to being loaded on a LAN.
4.3.4 Auditing and Monitoring
a. The LAN System Administrator will periodically (at least weekly) review the
audit log for login and data access problems on the system. The operating system
SECURITY utility should be run at least monthly to identify any potential
security gaps. The LAN System Administrator will report any operational or
security problems to the EPA LAN Coordinator and NCC Security.
b. Use of software and/or hardware devices to monitor or analyze LAN operation,
remote workstations, or message traffic is prohibited for the general LAN
community and is reserved for the LAN System Administrator and his/her
agent(s). Users will be notified of monitoring activities unless a user suspected
of engaging in illegal or unauthorized activities on the LAN is being monitored.
4.4 DIAL-IN ACCESS SYSTEMS
Access to a LAN which has no connections to the outside is generally limited to those with
access to the facility itself. Once dial-in access to the LAN is provided, the network is
potentially opened to the public, and additional controls are needed for a networked
environment. Dial-in, however, only provides access similar to that provided by a network
attached workstation. Server operating system security must still be surmounted. Users can
dial in via a single dedicated PC or via a multiport remote access server. An important
distinction is made for the dedicated PC environment in that the user has access to the local
drives of the dedicated PC. Otherwise, security implementations are similar for both.
a. For dial-in access directly to a LAN-based workstation, users must implement
password protection at the dial-in host. Call-back features should be used when
possible.
b. LAN dial-in capability is intended strictly for use by Agency staff and their
agents. Agency bulletin board systems which are accessed by the public shall not
be attached to the Agency intranet.
c. LAN System Administrators must create and maintain an operating system
"Group" for each file server which contains the user-IDs of those users
authorized for dial-in access. Logic must be coded in the individual login scripts
of these users which will combine membership in the aforementioned Group and
physical network address as criteria for login access to the server. Instructions
for implementing this logic can be found in the Security chapter of the LAN
System Administrator's Technical Reference Manual.
d. The audit trail function provided by the Access Server must be activated and the
audit log must be monitored at least weekly.
-------�
NDPD OPERATIONAL POLICY NO. 310.09 Page 7 of 7
4.5 RISK ANALYSIS AND SECURITY ASSESSMENT
Organizations planning to implement a LAN should use the following tables and worksheets
extracted from the EPA Information Security Manual (see Policy No. 310.01, Local Area
Network (LAN) Planning) as a guideline for determining the sensitivity of applications and
data in terms of availability, integrity, and confidentiality:
• TABLE FOR SENSITIVITY EVALUATION. This table is referenced as Table
4-1 in the EPA Information Security Manual.
• DETERMINING RELEVANT SECURITY OBJECTIVES AND DEGREE OF
SENSITIVITY worksheet. This worksheet is referenced as Table 4-2 in the EPA
Information Security Manual.
• SENSITIVE APPLICATION CERTIFICATION WORKSHEET. This worksheet
is referenced as Exhibit B-l in Appendix B of the EPA Information Security
Manual.
• RISK ANALYSIS WORKSHEET. This worksheet is referenced as Exhibit C-l
in Appendix C of the EPA Information Security Manual.
A file should be maintained with these worksheets and should be updated when new
applications are added to the existing environment. The following additional controls may be
implemented based on the assessments made:
a. Users and administrators should only be allowed to log in to the file server from
workstations which are assigned to those users. The operating system can be
used to enforce these logical network and physical workstation address
limitations.
b. Passwords for all user-IDs should be changed at least every ninety days. This
should be enforced by the network operating system. ~~~
c. It LANs which are processing sensitive information should not be connected to the
l\ Agency internetwork.
d. Operating system GROUPS should be established which contain only the user-
IDs of users needing access to sensitive information.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: LAN Change Management _ NO. 310.10
DATE:
1.0 PURPOSE
Hardware and software commonality must be maintained so that Local Area Networks (LAN's)
can function effectively in the Agency's integrated network. This policy ensures that all
changes are managed in a timely manner with minimum disruption to system performance.
2.0 SCOPE AND APPLICABILITY
This policy is applicable to all EPA organizations and their employees, and to personnel of
agents (including State agencies, contractors, and grantees) of EPA who are involved in the
design, development, acquisition, operation, and maintenance of Agency LAN's.
3.0 RESPONSIBILITIES
NDPD is responsible for policy maintenance and enforcement. NDPD will annually review
policies for needed modification and/or enhancement, and will provide technical support for
all Agency standard LANs.
LAN System Administrators are responsible for planning, installing, and managing day-to-day
LAN operations and change management, as well as for.coordinating activities with the NCC
LANSYS, DECSYS, and NDPD Telecommunications Department support groups and
appropriate vendors.
4.0 POLICY
a. The central LAN support group and/or the LAN System Administrator shall
carry out established local management policies and procedures, including
documentation requirements as recommended in the LAN Technical Reference
Manual. These policies and procedures shall be established through the
appropriate EPA LAN Coordinator, in consultation with the cognizant ADP
Coordinator as required.
b. The LAN System Administrator shall manage performance of change manage-
ment activities and inform users of all major changes prior to their taking
effect. At a minimum, the LAN System Administrator will maintain a simple
log of all changes with the date and time of implementation.
c. The following changes must be approved by NDPD and tracked through the
Telecommunications Service Request (TSR) process (sec Policy No. 310.01. Local
Area Network (LAN) Planning), or via Change Management for VAX LANs:
(1) Modifications or major upgrades to system software.
(2) Installs, upgrades, and configuration changes in the LAN operating
system, communications gateways, repeaters, LAN-to-LAN bridges,
routers, and other internetwork connections.
-------�
Page 2 of 2 NDPD OPERATIONAL POLICY NO. 310.10
(3) Additions to or changes in connections to a facility backbone and/or
Extended LAN Facility.
(4) Changes in LAN wiring type.
(5) Changes in LAN System Administrator assignments.
(6) Any configuration changes exceeding the following limits:
• 200 total connections on a token-ring using Type-1 wiring.
• 50 total connections on a token-ring using Type-3 wiring.
• 10 connections on a single Farallon Phonenet Apple network unit.
• 20 connections on a single AppleTalk network.
d. Proper notification will be given to affected individuals for any network outage
resulting from changes.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: LAN Timeshare Accounting NO.: 310.11
APPROVAL:
1.0 PURPOSE
OMB Circular A-130 requires all Government agencies to establish and implement policies and
procedures to:
a. Account for the full cost of operating data processing facilities.
b. Allocate all costs to users according to the service they receive.
This policy ensures that these requirements are met.
2.0 SCOPE AND APPLICABILITY
This policy is applicable to all EPA organizations and their employees, and to personnel of
agents (including State agencies, contractors, and grantees) of EPA who are involved in the
design, development, acquisition, operation, and maintenance of Agency LAN's.
3.0 RESPONSIBILITIES
NDPD is responsible for policy maintenance and enforcement. NDPD will annually review
policies for needed modification and/or enhancement, and will provide technical support for
all Agency standard LAN's.
4.0 POLICY
NDPD will publish timeshare chargeback rates and collect timeshare charges as appropriate.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: Wiring and Optical Fiber Cabling for NO. 310.12
Voice and. Data Telecommunications
^ DATE:
1.0 PURPOSE
Adherence to this policy will ensure consistency in the selection and use of wiring and optical
fiber components at the National Computer Center and enable NDPD to provide appropriate
and necessary support to the NCC user community.
The objectives of this policy are to:
a. Ensure that all wiring acquisitions are consistent to facilitate EPA's ability to provide
quality support to the NDPD user community.
b. Provide a compatible environment for applications.
c. Preserve the Agency's telecommunications network stability and performance.
2.0 SCOPE AND APPLICABILITY
This policy is applicable to all EPA organizations and their employees, and to personnel of
agents (including State agencies, contractors, and grantees) of EPA who are involved in the
design, development, acquisition, operation, and maintenance of the Agency network at EPA
locations.
3.0 RESPONSIBILITIES
NDPD is responsible for policy maintenance and enforcement, and will annually review
policies for needed modification and/or enhancement.
4.0 POLICY
Each user request for a wiring medium other than that herein described will be reviewed on
a case-by-case basis by the NDPD to determine compatibility and an appropriate level of
support. Requests must be submitted in writing to the Director, NDPD, under the TSR process.
The NDPD "Decision Paper" process will be used to document and determine the level of
support to be provided a "new" design.
The following specifications have been established for various wiring media:
a. Vertical wiring for VOICE shall consist of unshielded twisted pairs, as requireo.
b. Station wiring for VOICE shall consist of unshielded twisted pairs, as required.
-------�
Page 2 of 3 NDPD OPERATIONAL POLICY NO. 310.12
c- Token-Ring vertical backbone wiring for DATA shall include 802.5 cabling consisting
of IBM Type 1, Teflon™-coated, shielded twisted pair, or optical cable as designated in
the National Electrical Code:
(1) Cable in plenums, ducts, and floor-to-floor risers will be Type CMP (copper cable).
(2) Optical cables in plenums, ducts, and floor-to-floor risers will be Type OFNP.
(3) "Standard" optical cable, nonplenum, will be Type OFC or OFN.
EPA token ring backbones shall be constructed under 16 megabit/sec design rules, but
operated at 4 megabit speeds unless approved for speedup by NDPD under the TSR pro-
cess. Contact LANSYS for details.
d. Ethernet vertical backbone wiring for DATA shall include 802.3 thickwire cabling
where user requirements dictate an Ethernet facility. This cabling consists of Teflon-
coated, standard Ethernet coaxial cable. Ethernet LANs shall be constructed under
standard 10 megabit/sec design rules. Contact DECSYS for details.
e- Vertical wiring for special needs (LDM circuits, terminal servers, etc.) shall consist of
unshielded twisted pair, Teflon-coated, as appropriate.
f- Token-Ring station wiring for DATA shall consist of IBM Type 1, Teflon-coated,
shielded twisted pair, Type 3, or optical cable run from wiring closets on each floor to
each workstation as designated in the National Electrical Code:
(1) Cable in plenums, ducts, and floor-to-floor risers will be Type CMP (copper cable).
(2) Optical cables in plenums, ducts, and floor-to-floor risers will be Type OFNP.
(3) "Standard" optical cable, nonplenum, will be Type OFC or OFN.
Type 3 supports up to 4 MBPS; Type 2 up to 16 MBPS. EPA token ring user LANS shall
normally be constructed under 4 megabit/sec design rules. However, if the user
organization's SIRMO feels strongly that the network must operate at 16 megabits/sec,
he or she may request and fund an implementation under the TSR process for a 16
megabit/sec user ring.
8- Ethernet station wiring for DATA shall consist of Type 3, four-pair, unshielded twisted
pairs, where connection is required as a terminal through a terminal server, and 802.3
thinwire coax cabling, twisted pairs under the IEEE 10 BASET standard where user
requirements dictate a direct-connection to an Ethernet facility. For direct connection
to a thick wire Ethernet backbone, standard PVC or Teflon-coated Ethernet "transceiver-
AUI" cables shall be used as appropriate.
h- Terminal to Asvnc ASCII and 3270 services shall consist of one run Type 3, four-pair,
unshielded twisted pairs from wiring closets on each floor to each workstation. This
wiring facilitates the use of one ASCII terminal and one 3270, balun-matched device per
user location, or two of either terminal type.
i. All wiring will conform to the applicable national and local electrical codes for "optical
fiber cabling" and "computer/communications wiring."
-------�
NDPD OPERATIONAL POLICY NO. 310.12
Page 3 of 3
j In designated facilities, based on distance constraints of the LAN technology involved,
an optical fiber system consisting of 62.5/125 micron, multimode optical fiber cabling
and associated patch equipment shall be used with appropriate cable coatings and
connectors.
In general, the above policies are based on the Electrical Industries Association (EIA) building
wiring work group TR 41.8.1 standards proposals now before EIA and ANSI for final approval.
Users should consult the final standard for more details. The latest National Electrical Code
designates:
a Cable types in plenums, ducts, and floor-to-floor risers will be Type CMP (copper cable).
b. Optical cables in plenums, ducts, and floor-to-floor risers will be Type OFNP.
c. "Standard" optical cable, nonplenum, will be Type OFC or OFN.
5.0 DEFINITIONS
Balun
Coaxial Cable
Station
Thickwire
Thinwire
10BASET
AUI Cable
Transceiver
Twisted Pair
Type 1
Type 3
A device used to convert coaxial cable to twisted pair wiring and twisted
pair to coaxial. Two types of baluns are used in EPA for passing 3270
signals over twisted pairs and Ethernet signals over Type 1 Token-Ring
station wiring.
Two-conductor, concentric, constant impedance transmission cable.
A single addressable device on a LAN.
A Digital trademark used to describe its IEEE 802.3 compliant Ethernet
cable used for backbone wiring in LANs.
A Digital trademark used to describe its IEEE 802.3 compliant Ethernet
cable used for limited distance station wiring.
The new IEEED 802.3-related 10 megabit/sec Ethernet wiring standard
which utilizes unshielded twisted pairs of designated maximum lengths for
Ethernet station wiring.
A type of Ethernet cabling of a designated length used to connect an
Ethernet "station" to a backbone via a "transceiver." (Also called a
"transceiver cable.")
A device attached to an Ethernet backbone which allows a connection to an
Ethernet "station."
Multiple-conductor cable whose component cables are paired together,
twisted, and enclosed within a single jacket.
An IBM identifier used to describe its IEEE 802.5-compliant, IBM, Teflon-
coated, shielded, twisted pair wiring.
An IBM identifier used to describe its IEEE 802.5-compliant, IBM, four-pair,
unshielded, twisted pair.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: WIRING AND OPTICAL FIBER CABLING NO.: 310.13
FOR VOICE AND DATA TELECOMMUNICATIONS
APPROVAL: /s/ Donald W. Fulford DATE: 8/16/89
1.0 PURPOSE
Adherence to this policy will ensure consistency in the selection
and use of wiring and optical fiber components at the National
Computer Center and enable NDPD to provide appropriate and
necessary support to the NCC user community.
The objectives of this policy are to:
a. Ensure that all wiring acquisitions are consistent to facili-
tate £PA's ability to provide quality support to the NDPD
user community.
b. Provide a compatible environment for applications.
c. Preserve the Agency's telecommunications network stability
and performance.
2.0 SCOPE £ APPLICABILITY
This policy is applicable to all EPA organizations and their
employees, and to personnel of agents (including State agencies,
contractors, and grantees) of EPA who are involved in the design,
development, acquisition, operation, and maintenance of the
Agency network at EPA locations.
3.0 RESPONSIBILITIES
NDPD is responsible for policy maintenance and enforcement, and
will annually review policies for needed modification and/or
enhancement.
-------�
NDPD OPERATIONAL POLICY NO. 310.13 Page 2 of 4
M.O POLICY
Each user request for a wiring medium other than herein described
will be reviewed on a case-by-case basis by the NDPD to determine
compatibility and an appropriate level of support. Requests must
be submitted in writing to the Director, NDPD. The NDPD
"Decision Paper Process" will be used to document and determine
the level of support to be provided a new design.
The following specifications have been established for various
wiring medium:
a. Vertical wiring for VOICE shall consist of unshielded
twisted pairs, as required.
b. Station wiring for VOICE shall consist of unshielded
twisted pairs, as required.
c. Token-Ring vertical backbone wiring for DATA shall include
802. r. cabling consisting of IBM Type 1, Teflon-coated,
shielded twisted pair or optical cable as designated in the
National Electrical Code=
(1) Cable types in plenums, ducts, and floor-to-floor risers
will be Type CMP (copper cable).
(2) Optical cable: in plenums, ducts, and floor-to-floor
risers will be Type OFNP.
(3) "Standard" optical cable, nonplenum, will be Type OFC
or OFN.
The National Electrical Code (NEC) is published by the
National Fire Protection Association (NFPA), copyright 1988,
and is a nationally accepted guide for safe installation of
electrical conductors and equipment. For more information,
contact NFPA, Batterymarch Park, Quincy, MA 02269-9990.
d. Ethernet vertical backbone wiring for DATA shall include 802.3
Thickwire cabling where user requirements dictate an Ethernet
facility. This cabling consists of Teflon-coated, standard
Ethernet coaxial cable.
e. Vertical wiring for special needs (LDM circuits, terminal
servers, etc. ) shall consist of unshielded twisted pair,
Teflon-coated, as appropriate.
-------�
NDPD OPERATIONAL POLICY NO. 310.13 Page 3 of 4
f Token-Ring station wiring for DATA shall consist of IBM Type 1,
Teflon-coated, shielded twisted pair, Type 3, or optical cable
run from wiring closets on each floor to each workstation as
designated in the National Electrical Code:
(1) Cable types in plenums, ducts, and floor-to-floor risers
will be Type CMP (copper cable).
(2) Optical cables in plenums, ducts, and floor-to-floor
risers will be Type OFNP.
(3) "Standard" optical cable, nonplenum, will be Type OFC or
OFN.
Type 3 supports up to M MBPS; Type V up to 16 MBPS.
g. Ethernet station wiring for DATA shall consist of Type 3,
four pair, unshielded twisted pairs where connection is
required as a terminal through a terminal server or 802.3
Thinwire coax cabling where user requirements dictate a
direct connection to an Ethernet facility. For direct Con-
nection to a Thickwire Ethernet backbone, standard PVC or
Teflon-coated Ethernet "transceiver-AUI" cables shall be
used as appropriate.
h. Terminal to Asynch ASCII and 3270 services shall consist of
one run Type 3, four-pair, unshielded twisted pairs from
wiring closets on each floor to each workstation. This
wiring facilitates the use of four ASCII terminals and/or
3270, balun-matched devices per user location.
i. All wiring will conform to the applicable national and local
electrical codes for "optical fiber cabling" and "computer/
communications wiring."
j In designated facilities and based on distance constraints
of the LAN technology involved, an optical fiber system
consisting of 62.5/125 micron, multimode optical fiber
cabling and associated patch equipment shall be used with
appropriate cabling coatings and connectors.
-------�
NDPD OPERATIONAL POLICY NO. 310.13
Page 4 of
k.
In general, the above policies are based on the Electrical
Industries Association (EIA) building wiring work group,
TR 41.8.1 standards proposals, now before EIA and ANSI for
final approval. Users are recommended to consult the final
standard for more details as appropriate. The latest
National Electrical Code designates:
( 1 )
Cable types in plenums, ducts, and floor-to-floor risers
will be Type CMP (copper cable).
(2) Optical cables in plenums, ducts, and floor-to-floor
risers will be Type OFNP.
(3) "Standard" optical cable, nonplenum, will be Type OFC
or OFN.
5.0 DEFINITIONS
Balun
Coaxial Cable
Station
Thickwire
Thinwire
Twisted Pair
Type 1
Type '3
A device used to convert coaxial cable to twisted
pair wiring and twisted pair to coaxial.
Two-conductor, concentric, constant impedance
transmission cable.
A single addressable device on a LAN.
A Digital trademark used to describe its IEEE 802.3
compliant Ethernet cable used for backbone wiring
in LAN's.
A Digital trademark used to describe its IEEE 802.3
compliant Ethernet cable used for limited distance
station wiring.
Multiple-conductor cable whose component cables are
paired together, twisted, and enclosed within a
single jacket.
An IBM identifier used to describe its IEEE 802.5
compliant, IBM, Teflon-coated, shielded twisted
pair wiring.
An IBM identifier used to describe its IEEE 802.5
compliant, IBM, four-pair, unshielded twisted pair.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: EPA Email System Management NO.: 320.01
APPROVAL: /Q//? ^j A /} I) O DATE: 2/23/89
1.0 PURPOSE
The EPA Email System Management Policy establishes the following course of action
pertaining to electronic mail:
a. Objectives for managing the system.
b. Functions to be managed to meet the objectives.
c. Responsibilities for system management, administration, operation, and support
of the system.
2.0 SCOPE & APPLICABILITY
This policy applies to all NDPD and contractor staff personnel responsible for providing
management, operation, and support of the EPA Email system.
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
The EPA Email Technical Manager will coordinate Agencywide use of the EPA Email system,
establish usage standards, provide overall cost monitoring and control, and manage all aspects
of the Computer Based Messaging System (CBMS) contract.
The EPA Email contractor will provide the system services as defined in the CBMS contract.
The Electronic Mail (Email) Coordinators will coordinate all EPA Email activities within their
organizations.
The FM contractor will establish an EPA Email Support Group. The group will:
a. Provide general technical support.
b. Coordinate all EPA Email system training.
c. Perform all EPA Email system management functions.
d. Provide administrative support to the EPA Email Technical Manager.
-------�
NDPD OPERATIONAL POLICY NO. 320.01 Page 2 pf 2
4.0 POLICY
a. The EPA Email system will be managed in a manner to provide a cost-effective
service to the EPA Email user community.
b. The EPA Email system will be managed to meet the service levels defined bv
the Director of NDPD.
c. While the organizational structure of the NDPD and the supporting contractors
may change from time to time, the following major areas of responsibility will
DC managed:
(1) System Operations
(2) System Access
(3) System Usage
(4) System Costs
(5) System Funding
(6) Management Reporting
(7) User Services
5.0 DEFINITIONS
a- System Operation consists of contract specifications, system availability
response time, and products and services provided.
b- System Access consists of service accessibility and network management.
c. System Usage consists of resource usage data and reports, usage trends and needs
analyses, and new products/services review and recommendations.
d. System Costs consists of contract costs review, monthly invoice verification
analyzing trends in costs, budget versus actual costs review FY budget
requirements, and cost controls.
e- System Funding consists of analyzing basic system and Service Level Agreement
requirements.
f- Management Reporting consists of resource usage, cost and trend reports and
directory reports.
g- User Service-; consists of user registration and training; documentation requests-
problem tracking, resolution, and escalation; development and support of special
applications; and directory and reference list maintenance.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: EPA Email System Service Levels NO.: 320.02
DATE; 2/23/89
^
1.0 PURPOSE
The EPA Email System Service Level Policy establishes the following course of action
pertaining to electronic mail:
a. Scheduled hours of system availability and support.
b. Service level goals.
c. System stability goals.
2.0 SCOPE & APPLICABILITY
This policy applies to all NDPD and contractor staff personnel responsible for the
management, operation, and support of the EPA Email system.
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
The EPA Email contractor and the FM contractor will develop, update, and maintain
procedures to implement this policy.
The EPA Email contractor and the FM contractor will adhere to NDPD policies and procedures
and CBMS contract specifications to ensure that service level objectives are met.
The EPA Email contractor and FM contractor will advise the EPA Email Technical Manager
of potential problems and system changes that might have an adverse impact on the EPA Email
system operation and/or support.
4.0 POLICY
a. The EPA Email system will be available to the EPA user community 7 days a
week, 24 hours each day.
b. The EPA Email system will be accessible through:
(1) The EPA Private Network
(2) Local Direct-Dial (Washington, DC)
(3) Value-Added Networks (Tymnet, Telenet)
(4) WATS
c. The EPA Email system will be able to interface with the various word processing
equipment and PC word processing software supported by the Agency.
-------�
NDPD OPERATIONAL POLICY NO. 320.02 Page 2 of 3
d. The EPA Email system will support and preserve the complete 128-character
ASCII set (upper and lower case).
e. The EPA Email system availability rate will be at least 99 percent each month.
f. The EPA Email contractor will schedule any preventive maintenance between
2400 and 0600 hours.
g. The EPA Email system response time will be 5 seconds or less, 95 percent of the
time.
h. The EPA Email system will provide the capability to automatically log a user
off after a defined period of system inactivity. The length of this period is
defined and controlled by the EPA Email Technical Manager.
i. The EPA Email contractor will provide the following products as defined in the
CBMS contract:
(1) Basic Service - no additional usage charges: MAIL.
(2) Extra Services - no additional usage charges:
Service Function
(a) TEXT text editor
(b) WPMAIL batch mail transfer
(c) PCMAIL batch mail transfer
(d) POST/PRPOST bulletin boards
(e) REQUEST forms processor
(f) PERFORMS forms processor
(g) CALENDAR scheduling system
(h) CHAT on-line conferencing
(i) NET-TALK on-line conferencing
(j) LEARN on-line tutorial
(k) KERMIT file transfer
(3) Premium Services - additional usage charges:
Service Function
(a) EPUB data base management
(b) TRADEPOST bulletin boards
(c) INFOX data base management
(d) FT file transfer
(e) OAG Official Airlines Guide
(f) NEWS & NEWS*TAB electronic news search
(g) UNISTOX UPI financial data
(h) NETLINK communications gateway
j. The EPA Email contractor will not directly market any of the above services
or any new products/services to the EPA user community. All product
announcements and promotions will be coordinated through the EPA Email
Technical Manager.
-------�
NDPD OPERATIONAL POLICY NO. 320.02 Page 3 of 3
k. The EPA Email contractor will provide technical assistance to the EPA Email
Technical Manager and the EPA Email Support Group from 8:00 a.m. through
5:30 p.m. Eastern time, Monday through Friday.
1. The EPA Email contractor will provide support to report and resolve
communication or hardware failures 7 days per week, 24 hours per day.
m. The EPA Email Support Group will provide direct assistance to the EPA Email
user community in the resolution of Email problems from 8:00 a.m. until 5:00
p.m. Eastern time, Monday through Friday.
n. The Basic MAIL service, the Extra services including TEXT, PCMAIL,
REQUEST, LEARN, and KERM1T, and the Premium service TRADEPOST
will be provided to all registered users.
o. Requests for Premium service resources and/or the development of applications
using Premium services must be submitted to the EPA Email Technical Manager
for review and approval. Requests must be submitted at the level of Division
Director or above.
p. The cost for applications using Premium service resources (e.g., EPUB,
TRADEPOST, and INFOX data bases) will be funded by the requesting user's
organization. Reference Policy 320.04, EPA Email Usage Accounting, Paragraph
4.0.f.
-------�
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: EPA Email Problem Resolution NO.: 320.03
APPROVAL: /7 ///rl J / CJ DATE: 2/23/89
/^ X
1.0 PURPOSE
The EPA Email Problem Resolution Policy establishes the following course of action
pertaining to electronic mail:
a. Problem resolution objectives.
b. Problem resolution responsibilities.
c. Problem tracking and reporting requirements.
d. User notification requirements and responsibilities.
e. Management notification requirements and responsibilities.
2.0 SCOPE & APPLICABILITY
This policy applies to the EPA Email user community and to all NDPD and contractor staff
personnel responsible for the management, operation, and support of the EPA Email system.
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
The EPA Email contractor and the FM contractor will develop, update, and monitor procedures
to implement this policy.
The EPA Email contractor and the FM contractor will adhere to NDPD policies and procedures
to ensure that problems are resolved expeditiously.
4.0 POLICY
a. The EPA Email Support Group will strive to resolve problems with the EPA
Email system as soon as possible after identification in order to provide the best
possible level of service to the user community.
b. The EPA Email Support Group will serve as the point of contact for reporting,
tracking, and resolving user-reported problems. The Support Group staff will
forward all problems which they cannot resolve to the EPA Email contractor
technical staff. Users may not call the EPA Email contractor technical staff
directly to obtain assistance.
c. The EPA Email Support Group will report to the EPA Email Technical Manager
the status of unresolved problems on a daily basis.
-------�
NDPD OPERATIONAL POLICY NO. 320.03 Page 2 of 2
d. Users reporting problems will be called within 24 hours, excluding weekends and
holidays, to advise them of the problem status.
e. Users will contact the EPA Email Technical Manager to discuss the status or
report dissatisfaction with the resolution of a reported problem.
f. The EPA Email Support Group will post messages on the Email System to notify
users of system problems. The messages will be posted on the EPA Email Banner
page and/or the EPA EMAILNEWS TRADEPOST as determined by the EPA
Email Technical Manager. Prior to broadcasting, messages must be reviewed and
approved by the EPA Email Technical Manager.
g. AH problems reported to the EPA Email Support Group will be entered into the
Problem Management System by close of business on the day the problem was
reported.
h. Problems encountered with the EPA Email system will be categorized as
hardware, software, performance, telecommunications, or user problems.
i. The EPA Email Support Group will submit a monthly report to the EPA Email
Technical Manager identifying the number, nature, and status of the problems
addressed during the reporting period.
j. The Director of NDPD will be immediately notified by the EPA Email
Technical Manager of any data loss experienced by the EPA Email user
community.
k. Closed problem reports will be archived for a period of 3 years from the date
the problem was logged.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: EPA Email Usage Accounting NO-: 320.04
1.0 PURPOSE
The EPA Email Usage Accounting Policy establishes the following course of action pertaining
to electronic mail:
a. Usage accounting objectives.
b. Usage services costs.
c. Management reporting requirements.
2.0 SCOPE & APPLICABILITY
This policy applies to the EPA Email user community and to all NDPD and contractor staff
personnel responsible for the management, operation, and support of the EPA Email system.
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
The EPA Email Technical Manager will establish the resource usage chargeback rates.
The EPA Email contractor and the FM contractor will develop, update, and monitor procedures
to implement this policy.
4.0 POLICY
a. The EPA Email contractor will collect resource usage data by mailbox-ID. The
resource usage data and the monthly billing summaries will be available to the
EPA Email Technical Manager no later than 7 working days after the end of the
report month.
b. The EPA Email Technical Manager will use the usage data provided by the EPA
Email contractor to generate monthly management reports. These reports will
provide resource usage by mailbox-ID and summarized by organization. The
management reports will be distributed to all Email Coordinators no later than
15 working days after the end of the report month.
c. The Email Coordinator will review the monthly management reports. Any
problems or questions will be investigated and resolved by the Email
Coordinator.
d. The Basic MAIL service, the Extra services including TEXT, PCMAIL,
REQUEST, LEARN, and KERMIT, and the Premium service TRADEPOST
will be provided to all registered users.
-------�
NDPD OPERATIONAL POLICY NO. 320.04 Page 2 of 2
e. Requests for Premium service resources and/or the development of applications
using Premium services must be submitted to the EPA Email Technical Manager
for review and approval. Requests must be submitted at the level of Division
Director or above.
f. The costs for any Premium services are subject to a chargeback by the NDPD.
Each service request will be reviewed by the EPA Email Technical Manager.
A Service Level Agreement will be established between the NDPD and the
requesting organization for special applications using Premium service resources.
Specifically, the cost for the development and ongoing use of special
applications using Premium service resources, such as EPUB, TRADEPOST,
and INFOX data bases, will be funded by the requesting user's organization.
The NDPD will support the application during initial start-up, defined as 6
months, or the fiscal year boundary, whichever is longer, or for a maximum of
$5,000. After start-up, the requesting user's organization will be charged for
the Premium service. The NDPD will invoice the requesting user biannually,
after the first and third fiscal quarters.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: EPA Email User Registration NO.: 320.05
APPROVAL: f~] fi (1 , r \ A 9 D DATE: 5/2/90
1.0 PURPOSE
The EPA Email User Registration Policy establishes the following course of action pertaining
to electronic mail:
a. User registration objectives.
b. User registration requirements.
c. Reporting requirements for managing the user registration process.
2.0 SCOPE & APPLICABILITY
This policy applies to the EPA Email user community and to all NDPD and contractor staff
personnel responsible for the management and support of the EPA Email system.
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
The FM contractor will develop, update, and monitor procedures to implement this policy.
The EPA Email Support Group will be responsible for all aspects of EPA Email system user
registration and directory maintenance.
The user community will follow the NDPD procedures derived from this policy to gain access
to the EPA Email system.
The Email Coordinator will review and approve all requests for Email system access in his/her
assigned organization. Each Email Coordinator will ensure that users are registered on the
EPA Email system for the purpose of conducting legitimate Agency business only.
4.0 POLICY
The objective of the EPA Email User Registration Policy is to provide the guidelines to
effectively respond to user's requests for system access and to monitor and control the use of
Email resources.
a. User registration procedures will conform to the objectives of this document.
b. Requests for system access will be submitted by the requesting user through the
on-line Email application form. The completed form will be sent to the reques-
ting user's Email Coordinator for review and approval.
-------�
NDPD OPERATIONAL POLICY NO. 320.05 Page 2 of 2
c. Turnaround time for an Email system mailbox request will be 24 hours from the
time the request was submitted to the EPA Email Support Group.
d. Two types of mailboxes will be assigned:
Individual Mailboxes. An individual mailbox will be issued by the EPA Email
Support Group to the requesting user, the mailbox owner. The mailbox owner
is responsible for all activities attributed to the mailbox. Each individual
mailbox will be initialized with the Basic MAIL service, the Extra services
including TEXT, PCMAIL, REQUEST, LEARN, and KERMIT, and the Premium
service TRADEPOST, and issued with a standard initial password. The initial
password should be changed by the mailbox owner the first time the mailbox
is accessed. The mailbox password should be kept confidential at all times and
changed at least every 90 days.
Group Mailboxes. A group mailbox will be issued by the EPA Email Support
Group in special cases to meet the specific needs of defined groups where access
to a mailbox is required by more than one user. A registered owner is assigned
for each group mailbox. The registered owner is the point of contact for all
communication with the EPA Email Support Group regarding the management
and use of the group mailbox. The registered owner is responsible for all
activities attributed to the group mailbox. Each group mailbox will be
initialized with the Basic MAIL service, the Extra services including TEXT,
PCMAIL, REQUEST, LEARN, and KERMIT, and the Premium service
TRADEPOST, and issued with a standard initial password. The initial password
should be changed by the registered owner the first time the mailbox is accessed.
The registered owner is responsible for maintaining the confidentiality of the
password among the defined group and periodically changing the group mailbox
password, at least every 90 days.
e. Mailboxes that have not been accessed for 90 days are considered inactive.
Inactive mailboxes will be removed and reassigned.
f. The mailbox-ID's of users terminating employment will be deleted from the
system and reassigned.
g. The EPA Email Support Group will be responsible for the deletion and
reassignment of mailboxes.
h. The Email Coordinator will send a list to the EPA Email Support Group of any
changes required to the EPA Email directory.
i. System utilization will be recorded for each mailbox.
j. The EPA Email Support Group will provide a monthly report to the EPA Email
Technical Manager on the number and status of Email registration requests.
Indicates revision.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: EPA Email System Security NO.: 320.06
APPROVAL:
7—^
1.0 PURPOSE
The EPA Email System Security Policy establishes the following course of action pertaining
to electronic mail:
a. Security objectives.
b. Security facilities and requirements.
c. Security responsibilities.
d. Security enforcement requirements.
2.0 SCOPE & APPLICABILITY
This policy applies to the EPA Email user community and to NDPD and contractor staff
personnel responsiole for the management, operation, and support of the EPA Email system.
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
The EPA Email contractor and the FM contractor will develop, update, and monitor procedures
to implement this policy.
The EPA Email contractor and the FM contractor will perform the tasks necessary to meet the
objectives of this policy.
The EPA Email user community will rely on the terms of this policy to protect their resources.
NDPD will conform to the requirements of statutes, oversight agency publications, and OIRM
directives in administering security on the EPA Email system.
4.0 POLICY
a. The EPA Email system will not be used to transmit or store confidential or
proprietary information.
b. The EPA Email Support Group will initialize each Individual mailbox and
Group mailbox with a standard password. The standard password must be
changed the first time the system is accessed.
c. Passwords will be kept confidential and changed periodically, at least every 90
days.
-------�
NDPD OPERATIONAL POLICY NO. 320.06 Page 2 of 2
d. The EPA Email Support Group can reset a password for the owner of an
Individual mailbox. In the case of a Group box, the request must be from the
registered owner.
e. The EPA Email contractor will limit physical access to the processor complex
and peripherals to authorized contractor personnel requiring such access in the
normal course of their duties.
f. Mailbox messages will be readable by the Individual mailbox owner or the
Group mailbox users only. System management functions (required to operate,
support, and maintain the system) will not provide the capability to read
mailbox messages.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: EPA Email System Data Management NO.: 320.07
APPROVAL: /^ A / 7 DATE: 2/23/89
1.0 PURPOSE
The EPA Email System Data Management Policy establishes the following course of action
pertaining to electronic mail:
a. Data management objectives.
b. Data storage requirements.
2.0 SCOPE & APPLICABILITY
This policy applies to the EPA Email user community and to all NDPD and contractor staff
personnel responsible for the management, operation, and support of the EPA Email system.
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
The EPA Email contractor and FM contractor will develop, update, and monitor procedures
to implement this policy.
The EPA Email contractor and FM contractor will perform the tasks necessary to meet the
objectives of this policy.
The EPA Email user community will follow the procedures developed through this policy in
the management and use of their Email data and storage requirements.
The EPA Email contractor will manage the data storage devices of the EPA Email system to
meet the storage requirements of the EPA Email user community in a secure and cost-effective
manner. Data storage devices will also be managed to enhance system performance.
4.0 POLICY
a. The EPA Email system will be used to transmit memos, letters, documents, and
other correspondence materials of relatively short length (fewer than 15 pages)
where expedited delivery is important.
b. The EPA Email system will not be used to transmit or store confidential
materials, long documents (over 15 pages), or materials containing graphics or
requiring an official signature.
c. The EPA Email system will be managed to minimize disk storage costs and
connect charges.
-------�
NDPD OPERATIONAL POLICY NO. 320.07 Page 2 of 2
d. Users arc responsible for reading their messages daily. Read messages should be
acted upon and deleted from the system.
e. On a weekly basis, the EPA Email contractor will delete Read messages over 30
days old.
f. On a weekly basis, the EPA Email contractor will delete Unread messages over
60 days old.
g. On-line storage of messages is prohibited. The EPA Email Technical Manager
will review disk storage usage on a monthly basis.
-------�
U.S. ENVIRONMENTAL PROTECTION AGENCY
NDPD OPERATIONAL POLICIES MANUAL
TITLE: EPA Email System Support Services NO.: 320.08
APPROVAL: DATE: 2/23/89
1.0 PURPOSE
The EPA Email System Support Services Policy establishes the following course of action
pertaining to electronic mail:
a. Responsibilities for providing support services.
b. Services provided.
2.0 SCOPE & APPLICABILITY
This policy applies to the EPA Email user community and to NDPD and contractor staff
personnel responsible for the management and support of the EPA Email system.
Any deviation from this policy must be approved in writing by the Director of NDPD.
3.0 RESPONSIBILITIES
The EPA Email contractor and FM contractor will develop, update, and monitor procedures
to implement this policy.
Users are responsible for acquiring adequate and appropriate system knowledge and training
to use the Email system resources effectively and efficiently.
4.0 POLICY
a. The EPA Email Support Group will coordinate all Email system training,
including network access methods and word processing interfaces.
b. Users will access the EPA Email system through the EPA private data network
utilizing the recommended access method for their location and configuration.
c. To reduce connect time and communication charges where possible, users will
prepare and/or process their large data files offline (such as with a PC word
processor).
d. The EPA Email contractor will provide Email system documentation on all
products/services available through the CBMS contract.
e. The EPA Email Support Group will develop any customized documentation for
the EPA Email system, including network access methods and word processing
interfaces.
f. All Email documentation will be distributed through the EPA Email Support
Group. A Basic Email Quick Reference Guide will be provided at no charge.
Other system documentation is subject to a chargeback cost.
-------�
NDPD OPERATIONAL POLICY NO. 320.08 Page 2 of 2
g. The EPA Email Support Group will provide direct assistance to the EPA Email
user community in the resolution of EPA Email system problems or questions.
h. The EPA Email contractor will providf. technical assistance to the EPA Email
Technical Manager and the EPA Ewaii Support Group.
i. The EPA Email Support Group will post messages CD. the EPA Email System to
notify users of relevant inf 01 mat io-a regarding -the system. The messages will
be posted on the EPA Email Banner page and/or in ihe EPA EMAILNEWS
TRADEPOST, as determined by the EPA Email Technical Manager. Prior to
broadcast, all messages must be reviewed and approved by the EPA Email
Technical Manager.
• U.S. GOVERNMENT PRINTINGOFFICE:! 9 92 -650 -2
-------�
U.S. Environmental Protection Agency
Region 5, Library (PL-12J)
77 West Jackson Boulevard, 12th Floor
Chicago, IL 60604-3590
-------�
United States
Environmental Protection
Agency
Center for Environmental Research
Information
Cincinnati, OH 45268
BULK RATE
POSTAGE & FEES PAID
EPA
PERMIT No. G-35
Official Business
Penalty for Private Use, $300
Please make all necessary changes on the above label,
detach or copy, and return to the address In the upper
left-hand comer.
If you do not wish to receive these reports CHECK HERE Q ;
detach, or copy this cover, and return to the address in the
upper left-hand comer.
EPA/208/B-92/001
-------� |