Sentris

  • Who is accessing the data (user security accesses)
  • Where is the data being accessed from (facility clearances)
  • What system is the data being accessed from (network accreditations)
  • Access to information is granted only when all three of these criteria are met.

Why Sentris?

  • Simplifies information sharing while enforcing user and organizational access control
  • Accelerates replacing "need to know" with "responsibility to provide"
  • Ensures consistent labeling of classified information
  • Can be used in a decentralized model for information sharing
  • Works with everyday user applications to protect your data

Sentris Platform

  • Sentris is a Microsoft® Windows® based platform for implementing security classification services within network environments that are governed by the Director of Central Intelligence Directive 6/3 (DCID 6/3) or the DoD Joint Air Force Army Navy Manual 6/3 (JAFAN 6/3) PL3 confidentiality requirements and the Intelligence Community Directive 503 (ICD 503) Risk Management Framework as part of an overall secure network implementation.
  • Sentris Server
  • Sentris Labeling for Microsoft Office
  • Sentris Protection for Microsoft Exchange
  • Microsoft SharePoint Integration

Capabilities

  • Defines classification levels, handling caveats, and control markings
  • Controls access to information based on classification label
  • Authorizes users and network locations for specific classification levels, handling caveats, and control markings
  • Provides users with utilities to associate classification labels with the information that they create
  • Establishes trusted connections with other organizations to allow for the sharing of classified information across organizational boundaries
  • Assists users with marking recommendations using powerful and robust content inspection engine

Benefits

  • Supports key U.S. Government information sharing initiatives
  • Developed to satisfy DCID/JAFAN 6/3 and ICD 503 security requirements
  • Complies with CAPCO (Controlled Access Program Coordinating Office) and NISPOM (National Industrial Security Program Operating Manual) document marking requirements
  • Supports commercial and government applications through extremely flexible and customized markings and labels
How to Purchase

Overview

Sentris is a flexible security labeling and access control platform, developed by ManTech for Microsoft Windows environments that require a high degree of data security and confidentiality. Sentris provides end users with easy to use tools to label and secure content using common applications, such as Microsoft Office and Outlook. Sentris is unique in its capability to control access to data based on three criteria:

  1. Who is accessing the information;
  2. Where are they located;
  3. What system are they using.

This innovative approach allows organizations to easily and efficiently manage access to information in complex, high-security environments where traditional access control mechanisms are ineffective and cumbersome. Sentris is designed to meet or exceed the confidentiality requirements specified in Director of Central Intelligence Directive 6/3 (DCID) and Joint Air Force Army Navy Manual 6/3 (JAFAN 6/3) for Protection Level 3 (PL3) networks, and is compliant with National Institute of Standards and Technology (NIST) Special Publication 800-53.

ManTech offers commercially-available software licenses and maintenance/support offerings for the Sentris Platform. The Sentris Platform is comprised of the following components:

  • Sentris Core Components - Sentris Server, Sentris Labeling for Microsoft Office, and Sentris Protection for Microsoft Exchange
  • Sentris Enterprise Services Components - Sentris Protection for Open Text Livelink, Sentris Instant Messaging for Microsoft Office Communications Server
  • Sentris Extended Infrastructure Components - Sentris Synchronizer, Sentris External Access Data Providers ManTech offers the Sentris Platform to customers as a packaged solution of perpetual software licenses and annual support subscriptions.

Sentris Platform Packaged Solution Services and Benefits

Customers that license the Sentris Platform and maintain an annual Sentris Platform support subscription are entitled to the following services and benefits from ManTech:

ManTech Sentris Service Desk

The ManTech Sentris Service Desk provides customers with a central point of contact to ask questions, log support cases, and make service requests. The ManTech Sentris Service Desk ensures that customer inquiries are appropriately categorized according to severity level and responded to according to the Sentris Platform Service Level Agreement. The ManTech Service Desk also provides assistance to customers in the following areas:

  • Providing first-line support for troubleshooting and resolving issues;
  • Coordinating advanced Tier 2/Tier 3 problem resolution with ManTech Sentris engineering and development staff;
  • Instructing customers on the proper usage of Sentris Platform features; and
  • Distributing Sentris Platform patches and service packs.

The ManTech Sentris Service Desk is staffed from 9 AM - 5 PM Monday through Friday and available 24 hours a day via the Internet.

ManTech Sentris Knowledge Base

Available 24 hours a day via the Internet, ManTech provides a self-service knowledge base that provides customers access to known issues and solutions, Sentris Platform documentation, and training resources.

ManTech Sentris Service Packs and Patches

Based upon software defects identified by customers through support cases with the ManTech Service Desk as well as internal processes, ManTech develops periodic patches and service packs for the Sentris Platform.

ManTech Sentris Platform Downloads

Customers with active Sentris Platform support subscriptions are entitled to download supported Sentris Platform releases, service packs, and patches free of additional charge.

Sentris Platform Licenses

ManTech's Sentris Platform is licensed on a perpetual named-user basis. Customers may purchases any number of named licenses subject to a minimal purchase of 100 named-user Licenses. ManTech offers individually negotiated enterprise license agreements for customers that require more than 5,000 named-user licenses.

Sentris Platform Support Subscriptions

ManTech offers customers ongoing production support for the Sentris Platform through annual support subscriptions. Customers have the option to purchase either a "Core" Sentris Platform support subscription or a "Core Plus" Sentris Platform support subscription. Table 2 provides an overview of the Sentris platform components supported under each subscription offering.

Sentris Platform Support Subscription Offerings
Subscription Offering Supported Sentris Platform Components
Core Sentris Core Components
Core Plus Sentris Core Components
Sentris Enterprise Services Components
Sentris Extended Infrastructure Components

 

There are no additional Sentris Platform license costs associated with Core Plus Sentris Platform Support subscriptions -- customers with active Core Plus support subscriptions are entitled to download, install, and configure the software associated with the Sentris Enterprise Services and Extended Infrastructure Components and receive the same level of support provided for the Sentris Core Components under the Core Sentris Platform support subscription.

Customers receive one year of Sentris Platform support when they purchase a Sentris Platform license/support bundle. Customers must renew their subscription on an annual basis to continue receiving the above-mentioned Sentris Platform support services and benefits from ManTech.

Sentris Development Support

For customers that require development support or wish to implement a small-scale prototype Sentris Platform infrastructure, ManTech offers an annual developer support subscription that entitles customers to the following:

  • Licenses to deploy the Sentris Platform for up to 20 users for development/prototype purposes;
  • Access to the Sentris software development kit; and the
  • Ability to log development-related support cases with the ManTech Sentris Service Desk.

ManTech does not provide any production end-user support under the Sentris developer support subscription.

Sentris Platform Service Level Agreement

Customers with an active Sentris Platform support subscription are provided support under the Sentris Platform Service Level Agreement, which governs the method and number of support cases that customers can open with the ManTech Sentris Service Desk, as well as the initial response times for support cases in each severity level. The severity levels for Sentris Platform support cases are defined as follows:

  • Severity One (Urgent): Catastrophic production problem which may severely impact the customer's production systems, or in which customer's production systems are down or not functioning; loss of production data and no procedural work around exists. Severity 1 problems also include issues that result in an emergency condition that cause a serious security breach.
  • Severity Two (High): High-impact problem in which the customer's operation is disrupted but there is capacity to remain productive and maintain necessary business-level operations. Severity 2 problems also apply for minor security breach situations.
  • Severity Three (Medium): Medium-to-low impact problem which involves partial non-critical functionality loss. One which impairs some operations but allows the customer to continue to function. This may be a minor issue with limited loss or no loss of functionality or impact to the customer's operation and issues in which there is an easy circumvention or avoidance by the end user. This includes documentation errors.
  • Severity Four (Low): General usage questions, recommendations for future product enhancements or modifications and to calls that are logged for information purposes. There is no impact on the quality, performance or functionality of the product.

The table below provides an overview of the service provided by the ManTech Sentris Service Desk under the Sentris Platform Service Level Agreement:

Sentris Platform Support Service Level Agreement
SLA Category SLA Level
Hours of Coverage 9A-5P EST
Support Channel(s) Web/Phone
Number of Cases Unlimited
Initial Response Times
Severity 1 (Urgent) 2 business hours
Severity 2 (High) 1 business day
Severity 3 (Medium) 2 business days
Severity 4 (Low) 5 business days
Products

Sentris Server

Sentris Server provides classification labeling metadata and access control web services used by other Sentris Platform applications and administration tools to manage Sentris.

Sentris Server offers the following features:

  • Content and structure can be easily defined to suit individual needs by importing pre-defined data, or by customization.
  • Robust and flexible usage rules allow markings to be configured to control the use of other markings or marking types within the system.
  • Customizable common dialogs for generating document labels and portion markings.
  • Fine-grained control of the content, structure, and placement of security labels on documents.
  • Capability to define sensitive words that are associated with specific markings.
  • Color-coded security banners for system and application-level use, supporting static or marking-based labels and coloration.
 

Sentris Labeling for Microsoft Office

A component of Sentris, Sentris Labeling for Microsoft Office 2007 is a classification labeling utility for Microsoft Office applications that eases document marking and works with other Sentris products to help control access to information.

Sentris Labeling for Microsoft Office 2007 adds controls to the ribbon and menu items of standard Microsoft Office applications Word, PowerPoint, Excel, and Project so that users can readily mark portions of text such as paragraphs, figures, and tables. Sentris Labeling for Microsoft Office 2007 reads and rolls-up portion markings to set a minimum classification for an entire document and can be configured to insert headers and footers on each page, a classification block on the first page, and an optional coversheet. Other Sentris products programmatically read the Sentris Labeling for Microsoft Office 2007 classification markings and use them for access control. Sentris Labeling for Microsoft Office 2007 also provides a sensitive word search utility.

Sentris Labeling for Microsoft Office offers the following features:

  • Seamlessly integrated within the Microsoft Office 2007 Word, PowerPoint , Excel, and Project user interfaces.
  • Easy to use document labeling functionality that prompts the user to select security metadata for the document and inserts the appropriate security label into the header and footer of the document.
  • Stores document security labels in a format that can be automatically interpreted by other applications in the Sentris Platform.
  • Portion marking utility that enables user to easily mark paragraphs, figures, and tables with a security label.
  • Automatically scans documents for portion markings and resolves portion markings into minimum security settings for the document.
  • Integrated with Sentris Sensitive Word Search to scan documents for sensitive words and phrases to aid users in assigning the appropriate security label for the document.
  • Integrated with Windows Rights Management Services to automatically apply rights management policies to documents based upon the security label associated with the document.
 

Sentris Protection for Exchange

The e-mail component of Sentris, Sentris Protection for Microsoft Exchange/Outlook is a classification labeling and validation service for Microsoft Exchange and Outlook.

Sentris Protection for Microsoft Exchange/Outlook adds its own toolbar to Microsoft Outlook that enables users to add portion markings as they compose e-mail messages, appointments, meeting requests, and tasks. Sentris Protection for Microsoft Exchange 2007 sets a message's minimum classification based on its portion markings and the marking of documents attached to the message and prompts the user to classify the message and enter information for the classification block. Based on the markings, the Exchange server will only deliver the message to users who have appropriate access to the network and the facility, and who are briefed into programs specified in the e-mail message and attachments. Sentris Protection for Microsoft Exchange/Outlook also conducts a sensitive word search before each message is sent.

Sentris Protection for Exchange offers the following features:

  • Ability to read markings in attachments created with Sentris Labeling for Microsoft Office and set the e-mail's minimum classification accordingly.
  • A security paradigm that enables receipt of messages only when user accesses, network accreditation, and facility accreditation criteria are all met.
  • Security validation failure messages to notify the sender if any of the intended recipients were denied access.
 

Sentris Protection for Open Text Livelink ECM

Sentris Protection for Open Text Livelink ECM is an add-in to Open Text Livelink that enhances the standard Livelink security model by providing compartmented document management. In short, it allows users to add markings to Livelink items and then restricts access based on the markings.

How does it work?

When a user creates or uploads a document, folder, or other Livelink item, Sentris Protection for Open Text Livelink ECM displays a dialog box that prompts the user to classify the item so that every item added to the repository is marked with a security classification. Users can only assign classification levels to which they are authorized, and can only view items with markings for which they, the facility, and the network are authorized. So, a dynamic custom view of the Livelink repository is displayed that includes only information the user is authorized to see during the current session.

Sentris Protection for OpenText Livelink offers the following features:

  • Enhancement of the Livelink search engine, enabling robust search capability that respects security classification markings.
  • Compatibility with Sentris Labeling for Microsoft Office. Document markings created using Sentris Labeling for Microsoft Office are used when assigning a minimum classification in Livelink.
  • Sensitive word search for items in the Livelink repository.
  • Labeling and compartmented access control framework for Livelink ECM 9.7 repositories.
 

Sentris Instant Messaging for Microsoft Office Communicator

Sentris Instant Messaging (SIM), more commonly known as "chat" is the instant messaging component of Sentris. SIM allows you to have secure instant messaging sessions with other individuals.

You can use SIM to have secure instant messaging sessions with another individual while ensuring that each participant's access levels match the classification level of the discussion. The initiating user always sets the classification of the discussion. When the initiator of the instant message sets the classification level on an SIM session, Sentris Instant Messaging will check the access levels of the person that the initiator is attempting to chat with.

SIM ensures that the individuals in the session have the proper clearance granted, and that compartmented conversations only occur between individuals who have formal access approvals.

 

Sentris Software Development Kit (SDK)

Sentris Software Development Kit (SDK) offers the following features:

  • Enables organizations and independent software vendors to integrate their custom or commercial applications with the Sentris platform.
  • Extensive Application Programming Interfaces and sample code allows developers to focus on integrating Sentris with their applications rather than developing functionality to collect security labels and validate access controls.
  • Web Services based for ease of integration into Service Oriented Architectures (SOA).
Capabilities

Metadata Administration

  • Import & export of classification marking schema and metadata
  • Create, configure, and delete custom marking types
  • Specify how each marking type controls usage of other marking types
  • Create, configure, and delete marking dialogs
  • Specify classification label format separators, prefixes, and suffixes
  • Define sensitive words and phrases
  • Define complex sensitive word/phrase search conditions
  • Create, configure, and delete coversheet sets

Classification Labeling

  • Apply portion markings
  • Resolve portion markings into overall document classification
  • Automatically set minimum classification level for document based upon resolved portion markings
  • Apply classification label to document header and footer
  • Apply programmatic classification label to custom document properties
  • Allow end-users to reclassify documents
  • Robust classification label auditing
  • Apply Windows Rights Management restrictions to documents based upon classification label

External Access Providers

  • Register data providers to synchronize end user, facility, and network access controls with external databases and web services
  • Specify the access control markings that each External Access Data Provider is authoritative for
  • Configure multiple key fields to uniquely identify end users, facilities, and networks for synchronization
  • Synchronize end user, facility, and network access control markings with External Access Data Providers on a periodic and on-demand basis

Access Administration

  • Specify default access control markings for all end-users of the system
  • Create, configure, and define facility records
  • Assign access sets to facilities
  • Create, configure, and define network records
  • Assign access sets to networks
  • Authorize end-users for individual access control markings
  • Create, configure, and delete Rights Management records
  • Associate a Rights Management record with specific marking type(s)

Email Protection &: Validation

  • Apply portion markings
  • Apply classification labels to email messages, calendar entries, meeting requests, and tasks
  • Automatically set minimum message classification based upon file attachment classification labels and email portion marking content
  • Intercept and validate all e-mail messages to ensure message sender and recipients are authorized for message classification label
  • Support journaling of all messages processed by message validation service
  • Automatically filter messages from Outlook views based upon current user, location, and network security accesses

Secure Document Management

  • Apply classification labels to content uploaded to Livelink repository
  • Display classification labels for items displayed in Livelink views
  • Display dynamic color-coded security banners representing classification level of content currently displayed in Livelink
  • Automatically filter Livelink views based upon user, location, and network security accesses
  • Automatically filter Livelink search results based upon user, location, and network security accesses
Service & Benefits

Sentris Platform Packaged Solution Services and Benefits

Customers that license the Sentris Platform and maintain an annual Sentris Platform support subscription are entitled to the following services and benefits from ManTech:

ManTech Sentris Service Desk

The ManTech Sentris Service Desk provides customers with a central point of contact to ask questions, log support cases, and make service requests. The ManTech Sentris Service Desk ensures that customer inquiries are appropriately categorized according to severity level and responded to according to the customer's Sentris Platform Service Level Agreement. The ManTech Service Desk also provides assistance to customers in the following areas:

  • Providing first-line support for troubleshooting and resolving issues;
  • Coordinating advanced Tier 2/Tier 3 problem resolution with ManTech Sentris engineering and development staff;
  • Instructing customers on the proper usage of Sentris Platform features; and
  • Distributing Sentris Platform patches and service packs.

The ManTech Sentris Service Desk is staffed from 9 AM - 5 PM Monday through Friday and available 24 hours a day via the Internet.

ManTech Sentris Knowledge Base

Available 24 hours a day via the Internet, ManTech provides a self-service knowledge base that provides customers access to known issues and solutions, Sentris Platform documentation, and training resources.

ManTech Sentris Service Packs and Patches

Based upon software defects identified by customers through support cases with the ManTech Service Desk as well as internal processes, ManTech develops periodic patches and service packs for the Sentris Platform.

ManTech Sentris Platform Downloads

Customers with active Sentris Platform support subscriptions are entitled to download supported Sentris Platform releases, service packs, and patches free of additional charge.