ICT Standards - Government of Manitoba

Standard No.: 5.0
Effective Date: July 28, 2015
Planned Review: July 2016
Version No.: 3.7
Issued Date: July 28, 2015
Replaces: All previous versions
Government of Manitoba
Manitoba Information and Communication Technology Standards
Version 3.7
July 2015
Manitoba ICT Standards
Version 3.7
1. Introduction
1.1 Purpose
1.2 Scope
1.3 Governance Process
2. Standard Lifecycle Management
2.1 Four Stages of the Standard Life Cycle
2.2 Enterprise Architecture Taxonomy
2.3 Solution Classification
3. Technology Standards
3.1 Application/Web Development Standards
3.1.1 Common Application Development Standards
3.1.2 SAP Application Development Standards
3.1.3 .NET Application Development Standards
3.1.4 Java/J2EE Application Development Standards (non-SAP)
3.1.5 Web Development Standards
3.2 Platform Infrastructure Standards
3.2.1 Web and Application Server Standards
3.2.2 System Management – Tools, Processes and Protocol
3.3 Security Standards
3.3.1 Encryption & Authentication Standards
3.3.2 Risk/Vulnerability Assessment Standards
3.3.3 Firewall and Anti-Virus Standards
3.4 Data and Database Standards
3.4.1 Database Standards (non SAP)
3.4.2 Directory Service Standards
3.4.3 Information Management Standards
3.5 Desktop/Office Productivity Software Standards
3.5.1 Desktop Standards
3.5.2 Mobility Standards
3.5.3 Office Productivity Software Standards
3.6 End User Hardware Minimum Standards
3.6.1 Desktop Device Standards*
3.6.2 Laptop Device Standards*
3.6.3 Printer Standards
TABLE OF FIGURES
FIGURE 1: FOUR STAGES - STANDARD LIFE CYCLE
FIGURE 2: SOLUTION CLASSIFICATION GROUPS
FIGURE 3: BUSINESS IMPACT ANALYSIS
FIGURE 4: STANDARDS RELATIONSHIP CROSS REFERENCE
1. Introduction
1.1 Purpose
The Information and Communication Technology Standards communicate the standards,
guidelines, and preferred practices adopted by the Government of Manitoba Enterprise
Architecture Standards. These standards guide the application of standardized information
and technologies to meet the service delivery needs of the Government.
The purpose of the Technology Standards is to ensure interoperability, alignment and
consistency of technologies and practices by providing a baseline across key technology
areas, leading to:
■ The ability to provide services at reduced costs
■ Improved service agility and solution interoperability
■ More efficient resource planning and collaboration
1.2 Scope
The scope of this document includes all technical, information, and communications
technologies used by the Government of Manitoba.
Software licensing is beyond the scope of this document. The Government has a number
of license agreements that should be consulted when using products.
1.3 Governance Process
Technology Standards are moving targets as:
■ Technologies are advancing, and new standards are constantly emerging that retire
old ones
■ The needs of the business are constantly evolving
Ongoing ownership and responsibility for lifecycle management, including maintenance
and evolution of the Technology Standards, resides with Manitoba’s Enterprise Architecture
branch, led by the Chief Enterprise Architect. It is recommended that a new version of the
standards be published annually.
The Architecture Review Board (ARB) is the governing body that oversees the Architectural
Decision Requests (ADR) process. For more detail on the ADR process, please see the
Architecture Review Board Governance document.
2. Standard Lifecycle Management
The Standard Lifecycle Management provides guidance on current and long-term directions
for the use of technologies under each Enterprise Architecture domain. The lifecycle has four
stages: Baseline, Emerging, Containment, and Retirement. Lifecycle management provides
a framework to support effective oversight and management of IT solution
development in a manner that balances cost, complexity, and capability. The Standard
Lifecycle Management applies to the development, acquisition, implementation,
maintenance and retirement of technologies and processes.
Colors are used to indicate each stage in the lifecycle of the standard. At a high level, the
Baseline, in green, represents current direction while Emerging, in blue, indicates future
direction. The Containment, in yellow, indicates a stage where new development and
investment should be limited. Last, Retirement represents the view that certain technologies
have reached the end of their lifecycle; therefore they are not suitable for any new
development and deployment.
Considerations for additions or modifications to each category will be business driven. The
Architecture Decision Request (ADR) process will be used to determine if adoption of a
technology is appropriate.
Please note that most standards will evolve through numerous versions through their
applicable lifespan. Versions are included wherever possible in the list of standards, and
typically take the form of ratification or publishing date or some dot-based number scheme.
2.1 Four Stages of the Standard Life Cycle
Figure 1: Four Stages - Standard Life Cycle
Baseline
The Baseline category, coloured green in the list of technologies, includes technologies
and processes that are currently in use by the Government of Manitoba and are endorsed
by the Architecture Review Board. Green technologies have reached an acceptable level
of maturity and are deemed to provide good value to the Government of Manitoba.
Baseline technologies are the target for new and ongoing activities.
Emerging
The Emerging category, coloured blue in the list of technologies, includes technologies and
processes that the Government of Manitoba views as a long-term strategic direction and
may or may not be integrated into the target architecture.
Containment
The Containment category, coloured yellow in the list of technologies, includes
technologies and processes that should only be targeted for limited investment (e.g.
maintenance) or are necessary to meet specific service delivery needs for the Government
of Manitoba that are not achievable using baseline elements. Specific emergent
technologies may also be placed in the contained category to indicate that they have been
evaluated, but should not be considered for general deployment and require an ADR for
any project which considers such technologies essential for successful project delivery.
Retirement
The Retirement category, coloured red in the list of technologies, includes technologies
and processes that the Government of Manitoba has targeted for retirement from
production and should not be used in current or future development.
It is incumbent upon the technology consumers to provide a business case for any
investment or enhancement in the use of retired technologies.
2.2 Enterprise Architecture Taxonomy
Standards are grouped based on Enterprise Architecture (EA) Taxonomy. The EA has four
main sections: Solution Architecture, Technical Architecture, Information Architecture, and
Business Architecture. It then breaks down into the following Technology Domains:
■ Application Development
■ Platform Infrastructure
■ Information and Database
■ Security
■ Desktop & Office Productivity
■ Service Management
Finally, the Technology Domains are further broken down into a set of Technology Sub-Domains as shown in the diagram below:
2.3 Solution Classification
Solution Classification defines a model to assess business impacts and to transform the
impacts into measures that can be applied consistently to the development, delivery, and
maintenance of solutions, as well as service and infrastructure management across the
Government of Manitoba.
[Figure: Solution Classification branches into Business Solution Classification and Technology Solution Classification, each with Class 1, Class 2 and Class 3.]
Figure 2: Solution Classification Groups
As depicted in Figure 2, the Solution Classification includes two groups:
■ Business Solution Classification
■ Technology Solution Classification
Further, solutions are classified into three categories: Class 1, Class 2, and Class 3, with
a lower class number (i.e., Class 1) indicating solutions of higher business impact.
The Business Solution Classification defines the level of importance of a business-related
solution (i.e., application) based on requirements identified through the Business Impact
Analysis process. It governs:
■ How information must be stored, managed, transmitted, and restored
■ How the underlying technology solutions should be architected to satisfy the
data security, performance, availability, scalability, and growth perspectives of
the business
The purpose of the Business Solution Classification is to translate business requirements
into measurable service level management targets to guide the implementation and
management of IT infrastructure and application management services.
Figure 3: Business Impact Analysis
Business Impact Analysis assesses the business or technology solutions from the following
perspectives: Business & Integration, Data Classification, Scalability, and Time Objectives.
Each perspective has one or more factors which will be rated to evaluate the significance
of the perspective. For example, the Data Classification perspective has four factors,
namely: Privacy Regulations, sensitivity, integrity, and audit. For each factor, a score of 1
to 5 will be given – 1 being little or no impact, 5 being the highest impact. The total score of
all the perspectives will become the Business Impact Measure, which determines the
Classification (Class 1, 2, or 3) that a business solution will be assigned to.
The total rating score for Class 1 Solutions is between 45 and 60. Class 1 solutions
have: high number of users, volumes, security, integration, performance, and scalability
requirements; significant public visibility; a minimum Recovery Time Objective (RTO) of
48 – 72 hours and a Recovery Point Objective (RPO) of 24 hours.
The total rating score for Class 2 Solutions is between 36 and 45. Class 2 solutions
have: moderate number of users, volumes, security, and integration requirements; some
public visibility; a minimum Recovery Time Objective (RTO) of 48 – 72 hours and a
Recovery Point Objective (RPO) of 24 hours.
The total rating score for Class 3 Solutions is less than 36. Class 3 solutions have: small
number of users, volumes, security, and integration; a Recovery Time Objective (RTO) of
over 72 hours and a Recovery Point Objective (RPO) of over 24 hours.
The Technology Solution Classification defines the level of quality of service (QoS) of a
technology solution that is required to support one or a cluster (or a set) of business
solutions. Technology Solutions of Class 1, 2, 3 will be used to support business solutions
of the corresponding Classes or higher. For example, a .NET server farm that is designed
based on Class 1 specifications can be used to run Class 1, 2, and 3 business solutions.
For a more complete discussion of the solution classification, please refer to the Solution
Classification document.
3. Technology Standards
3.1 Application/Web Development Standards
3.1.1 Common Application Development Standards
Common Application Development Standards apply to the development of all applications
(internal and external), regardless of the development platform or programming language upon
which the solution will be built. Common Application Development Standards will most likely need
to be combined with other Standard sections within the Application/Web Development Standards.
For example, for a Web-based .NET application, the following sections should be applied:
■ 3.1.1 Common Application Development Standards
■ 3.1.3 .NET Application Development Standards
■ 3.1.5 Web Development Standards
Domain: Application Development / Integration Sub-Domain: Solution Foundation Class: 1/2/3
Category
Baseline
Containment
Retirement
Emerging
Programming languages
C#, Java
PHP, C, C++
Fortran, COBOL,
Python
,PowerBuilder, PL/1, Perl, VB,
Access, Clipper,
Domino
Scripting Languages
(See Section 3.1.5)
Modeling
OO A & D, UML
language/specifications
Modeling product
Microsoft Visual Rational Rose, MS Visio 2003
Studio
TogetherSoft,
Architecture
Rational XDE,
Modeling tool
MS Visio
2012
2007, 2010
Source/Version control
MS Team
- MS Team
MS Team
Foundation
Foundation
Foundation Server
Server 2012
Server 2010
2008;
CVS, MS Visual
SourceSafe
Team collaboration tool
Microsoft Office
Microsoft Office
SharePoint
SharePoint Server
Server 2010;
(MOSS) 2007;
Windows
SharePoint
Services (WSS) 3.0
Geospatial
ESRI, Bing
Intergraph
MapPoint (class 3)
,
Maps,
(*);Google
Maps
Message queuing
SAP PI ,
IBM MQ
Biztalk
Series (**), MS
MQ
References
Notes:
* An Enterprise GIS web mapping strategy will complement the existing Geospatial
baseline for applications requiring the Mashup of services and Internet maps.
** An Enterprise Service Bus strategy is required to allow seamless integration of
data/services across applications built on different platforms such as .NET, SAP, J2EE,
etc.
3.1.2 SAP Application Development Standards
Domain: Application Development / Integration Technology: SAP
Category
Baseline
Containment
Programming
NW ABAP and NW
language
JAVA
Integrated
NWDI/(NWDS)
Development
NWCE 7.3; SAP ABAP
Environment
Work Bench
(IDE)/Platform
Platform Core
SAP ECC 6.0, CRM 7.0, Solution Manager 7.1,
Enterprise Portal (EP)
7.0; SAPGUI 7.3
Business Process &
Data Integration
Reporting
Testing
SAP Process Integration
(PI) 7.3
SAP Business
Intelligence (BI) 7.3
SAP Business Objects
(BOBJ) 4.0
WorkSoft Automated
Testing
Class: ALL
Retirement
Emerging
Java(jdk1.6)
-
Composition
-
-
-
-
-
Crystal
Enterprise 10
-
-
-
-
-
References
3.1.3 .NET Application Development Standards
Domain: Application Development / Integration
Technology: .NET
Class: 1/2/3
Category
Baseline
Containment
Retirement
Emerging
Application
.NET 4.5
.NET 3.5
.NET 1.x
.Net 4.6 and
development
.Net 5
framework
Programming language C#
VB.Net
Integrated
MS Visual
MS Visual
MS Visual
Visual Studio
Development
Studio for
Studio for
Studio for .NET
(VS) 2015
Environment (IDE)
.NET 2012
.NET 2008
2003 and 2005
SP1
Industry framework
MS Enterprise MS Enterprise
Libraries v4.0,
Libraries v3.0
v5.0
Database Access
Entity
Entity
Entity
Framework
Framework
Framework
Version 5.0
Version 4.0
Version 1
GoM customization
Manitoba
Manitoba
Manitoba MTSA -SOFA 2.1
framework
Software
Software
Factory
Factory
(SOFA)
(SOFA)
Version 2.0
Version 1.0
References
Manitoba Software Factory (SOFA) for .NET Best Practices:
1. Business Logic tier: based on Microsoft's ASP.NET Web
API.
2. Database Access tier: vendor neutral, and based on
Microsoft Entity Framework version 5.0.
3. Presentation tier: Microsoft ASP.NET MVC version 4.0 or
WinForms; English and French language support and
independent from Business Logic in principle.
4. Reporting: Microsoft SQL Server Reporting Services,
Crystal Reports or a combination of the two.
5. Unit Tests: automated unit tests at 80% or over code
coverage.
6. All public facing solutions shall use the standard account
management (password reset, account creation) and
authentication service (SSO) from SOFA. It allows single
identity across multiple solutions.
3.1.4 Java/J2EE Application Development Standards (non-SAP)
Domain: Application Development / Integration Sub-Domain: Java/J2EE(*) Class: 1/2/3
Category
Baseline
Containment
Retirement
Emerging
Programming language Java(jdk1.7)
Java(jdk1.5),
Java(jdk1.6)
DB Access component
Hibernate
EJB
Integrated
Eclipse
Rational
VisualAge for Development
Application
Java,
Environment (IDE)
Developer for
JBuilder
WebSphere,
Industry framework
Struts 2.3x
Struts, , , Spring
Struts 1.1
3.0,
Reporting
Testing
References
Business
Objects XI R2
WorkSoft
Automated
Testing
Crystal
Enterprise 10
jUnit
-
-
-
-
1. Code Conventions for the Java Programming Language
http://java.sun.com/docs/codeconv/
Notes: * The Government of Manitoba’s standard application development platforms are SAP
NetWeaver and .NET. Java/J2EE is not part of the baseline application development platform
outside of SAP NetWeaver. However, since a large number of applications were
developed on the Java/J2EE platform in the past, it is important to maintain the Java/J2EE
application development standards as a guideline for software maintenance and vitality.
3.1.5 Web Development Standards
Domain: Application Development / Integration
Sub-Domain: Web
Class: 1/2/3
Category
Baseline
Containment
Retirement
Emerging
Scripting languages
JavaScript*
PHP,
Perl, ASP,
Python
Knockout; Angular
ECMAScript
VBScript,
SSI, CGI Bin
Server side
ASP.NET,
JSP**
technologies
SAP BSP
Web services /
Specifications/
Technologies
, WSDL, WS*,
XML, XSLT, XSD,
UDDI; RESTful;
Ajax***; jQuery 1.7
Markup languages
HTML 5 XHTML
2.0,
CSS 3
Not Supported
Protocol for non-secure content
Protocol for secure
content
Web Publishing
Accessibility
Standards
Supported web
browsers (for Internet
applications/pages)
Supported web
browser (Intranet)
Publishing
framework/document
Multimedia player /
Video Format
Development Tools
Web publishing Tools
Graphic editing
References
SOAP 1.1, 1.2;
WSDL1.1, DOM,
CSS 3.0
All
HTTPS, SFTP
W3C Level 2
compliance
IE ;
Firefox
Safari
Chrome
(Browsers must be
supported by their
manufacturers)
MS IE 11
IE7.0
IE 6.0
Generic
Browser
Standards;
MS IE 8.0
MS IE 6.0
MS Edge,
Adobe PDF, GIF,
JPEG, MIME, TIFF
MP4; JW Player;
Flash Video Player;
HTML 5.0 video;
MS Media Player
Adobe Flash
SharePoint 2010
Adobe
Sharepoint
CMS;
Framemaker,
2013
SharePoint
Adobe inDesign,
Designer; Adobe
Dreamweaver
Adobe Illustrator,
Adobe Photoshop,
Paintshop Pro
Links available to internal Government staff only
1. Guide to Building Secure Web Applications
http://cserv.internal/sites/EA/EA Management/Work Products and Deliverables/EA Release Candidate 1 (from OIT) - Published Architecture/14 - TT-003_SecureWebAppGuide_link.doc
2. Standards Guide for Web Based Systems
http://cserv.internal/sites/EA/EA Management/Work Products and Deliverables/Web Systems Standards Guide 1 0 1TT006 draft.doc
3. TT-005 N-Tier Browser Solution Architecture & Deployment Guide
AJAX accessibility standards must be met.
Notes:
* The use of JavaScript should not impact the accessibility and the support for major web
browsers listed above.
** The use of Java/J2EE outside of SAP NetWeaver platform is contained. Therefore,
JSP outside of SAP is also contained, not baseline.
*** Ajax is approved for internal applications. Adopting Ajax for external-facing
applications will depend on the experience gained through the use of Ajax for internal
applications.
3.2 Platform Infrastructure Standards
3.2.1 Web and Application Server Standards
Domain: Middleware
Category
Microsoft .NET server
Sub-Domain: Web and Application Server
Class: 1/2/3
Baseline
Containment Retirement
Emerging
MS .NET
MS .NET
MS .NET
server 4.5,
server 3.0/2.0 server 1.0
IIS7.5
Protocol for Microsoft based
IIOP
CORBA, MS
COM/DCOM/C
Remote Procedure call (RPC)
RPC
OM+
Web server
MS IIS 7.5 on
Apache, IIS
IIS 6.x/5.x
Win2008 R2,
7.0, IBM
Win2012
HTTP server
FTP server
Enterprise
Ntreepoint
SFTP, FTPS
(for internal /
external use),
Server-based Computing
Citrix 4.5,
Citrix 4.0
XenApp 7.6
(SBC)
Microsoft
Remote
Desktop
Service
SharePoint server
SharePoint
Windows
SharePoint 2013
2010
SharePoint
Services
(WSS) 3.0,
WSS
2.0;Microsoft
Office
SharePoint
Server
(MOSS) 2007
Project Server
MS Project
Server 2012
Email & Groupware server
MS Exchange
Exchange
MS Exchange
2010
2003
2013
Lotus
Notes/Domino,
MS Exchange
2007
Java/J2EE/SAP Application /
WebSphere
WebSphere
Bea
SharePoint 2013,
Portal servers
8.5;
6.x+; Tomcat WebLogic,
SAP Web
JBoss, Oracle
Application Server
Application
Server, Oracle
Forms
Protocol for Java/J2EE/SAP
SOAP, Java
CORBA, SAP Unix RPC,
based Remote Procedure
RMI, RMI/IIOP, BAPI
DCE, SAP
Call (RPC)
IIOP
RFC
Category
Web Application Firewall
Web Load Balance
Baseline
Citrix Netscaler
Citrix Netscaler
Containment
Retirement
Cisco ACE
Microsoft
NLB
Emerging
References
3.2.2 System Management – Tools, Processes and Protocol
Domain: System Management
Category
System Management
framework / techniques /
methodologies
System Management protocol
System/Performance
Management tool
Storage/Backup management
Application delivery
Software/Patch update &
delivery server
Sub-Domain: Tools, Process, and Protocol
Class: 1/2/3
Baseline
Containment
Retirement
Emerging
ITIL v3
ITIL v2
-
SNMP v3, RFC
3411
System Centre
2012 SP1
Tivoli Storage
Manager
SCCM System Centre
2012 SP1
SCCM System Centre
2012 SP1
SNMP v2, RFC
2571
IBM Tivoli;
Xymon Big
Brother (server
capacity
monitoring)
-
SNMP v1.x
Adstor
-
-
EDS CA
UniCenter ,
SMS
EDS CA
UniCenter ,
SMS
XenApp 7.6, System Center
R2
-System Center
R2
WSUS2.0
System Center
R2
References
3.2.3 Platform – Operating System and Hardware
Domain: Platform
Category
Windows Server OS
Sub-Domain: OS and Hardware
Baseline
Containment
Windows 2008
R2 64 bit;
Windows
Server 2012
Unix/Linux/Mainframe Server
Red Hat
OS
Enterprise v6
Class: 1/2/3
Retirement
Emerging
Windows 2003
Windows
R2 32 bit
Server 2015
z/OS, RHEL 4;
HP Unix 11
(64bit)
Red Hat
Enterprise 7
Virtualized Platform OS
Hardware vendor
ESX Vmware 5
See Approved
Product List
ESX VmWare 6
-
Desktop hardware standards
See Approved
Product List
and Section 3.6
-
Printers
See Approved
Product List
Peripheral connectivity
USB 2/3.0,
Bluetooth
ver4.x
Thermal,
<300dpi, <1
ppm, LED
printers
USB 1.1,
Parallel, SCSI
Vmware 4.x
Any hardware
NOT listed in
Approved
Product List
Any hardware
NOT listed in
Approved
Product List
Dot Matrix
-
Serial
Proprietary,
PS2; Firewire
400(IEEE
1394),
References
3.2.4 Platform – Storage and Backup
Domain: Platform
Category
SAN product
Sub-Domain: SAN and Backup
Technology: SAN and Backup
Baseline
Containment
Netapp
Sun
Class: 1/2/3
Retirement
EMC CX, HP
EVA
Serial
Proprietary,
PS2
-
Emerging
Peripheral connectivity
protocol
Fibre Channel
400 (IEEE 1394),
USB 1.1,
Parallel, SCSI
Storage connectivity protocol
Fibre Channel
ATA-6
; RAID 6
SCSI
RAID 5, RAID 1
-
FCIP, iSCSI
SAN backup,
Virtual Tape
backup EMC
Avamar 7.1,
Tivoli TSM
Tape backup,
Veritas
Netbackup
-
Disk based
backup
Mirroring and redundancy
technology
Backup
Firewire 800.
HyperTransp
ort (r2)
SAS, iSCSI
References
3.2.5 Network & Communications
Domain:
Sub-Domain: Networking & Communications
Class: 1/2/3
Category
Baseline
Containment
Retirement
Network protocol
TCP/IPv4, UDP,
IPSec, SSLv3
LAN – Vendor products
Approved
All nonProduct List,
standard &
Cisco products,
non- Approved
equipment
Product List
10/100/1000, ,
hardware;
Gigabit Ethernet
Hubs,
backbone, NICs
Repeaters,
with PowerOn
Transceivers,
LAN
HP Procurve
LAN Management / Planning
LAN packet monitoring
WLAN – Wireless protocol
-
-
-
802.11x,
802.11w,
802.11e,
802.11ac
MIB
Bridge to
Bridge
Wireless;
Frame Relay,
ATM; X.25
-
Cat 6, CCIA
Cat5e, CCIA
Cat5 UTP, Fibre
RJ-45
Cat4
Cat3, Coax
Cat7
-
-
-
VPN
EIA/TIA 568A,
EIA/TIA 606,
EIA/TIA 569
Citrix NetScaler
(SSLv3), Cisco
VPN ASA; Cisco
IPSec VPN
RJ-11, RJ-12,
TRS, BNS
-
Cisco VPN
Concentrator
(IPSec 6),
Checkpoint
VPN(IPSec
6)
Remote dial in
;
WLAN – Network
management
WAN
Wireless Personal Area
Network (WPAN)
Cabling
Connector
Structured cabling
Satellite, High
Speed xDSL,
MPLS,
-
-
P2P Bridge to
Bridge Wireless
802.11b
802.11b
WLAN – Wireless device
Netscout
Netscout
802.11a/g/n/ac80
2.1x, TKIP EAPTLS
EAP-TLS,
802.11a/g/n/ac,
802.11i, AES,
802.1x, TKIP
Emerging
SIP, IPv6
802.16a,
802.11e,
Bluetooth
-
-
L2F Layer 2
Forwarding
References
3.2.6 Proxy Services
| Category | Baseline | Containment | Retirement | Emerging |
|---|---|---|---|---|
| Forward Proxy | Bluecoat SG | | | |
| Reverse Proxy | F5 | | | |
| Application Proxy | ARR – Microsoft access request routing | | | |

References
3.3 Security Standards
3.3.1 Encryption & Authentication Standards
Domain: Security
Class: 1/2/3
Sub-Domain: Encryption, Authentication & Remote Access
Category
Authentication products
Baseline
, Funk Steel
Belted Radius,
Microsoft Active
Directory (AD)
Containment
Authentication protocol
LDAP; Kerberos,
SSH, SAML2.0;
Radius
Disk: Bitlocker
(whole disk
encryption).
Bitlocker (togo);
- NTLMv2.0
Encryption products
RSA
authentication
manager
Vormetric –
Network Folder
Encryption
Retirement
-
-NTLM v1.0
MS Digital
Rights
Management,
Packet: SSL
v3, TLS 1.0,
1.1, SSLv.x
40 & 56 bit
encryption (or
less)
TLS 1.3
SSL vx
TLS 1.3,
Secure
Socket Layer:
Citrix Secure
Gateway
MS Direct
Access
(IPv6)
-
TLS 1.2, PPTP,
SSH
-
Data encryption
AES (FIPS-197),
2048 bit
asymmetrical keys
Remote Access protocol
TLS 1.2, VPN
Protocol: IPSEC,
VPN (UDP/TCP
modes)
Triple DES
(FIPS 46-3),
Blowfish, Naive
DB encryption,
SHA1,
Dial: L2FT
Layer Two
Tunnel
VPN
Cisco VPN
Client, NetScaler
-
SSL vx
File compression &
encryption
FTP large file transfer
WinZip 19
Winzip 15.0,
RSA
-
NtreePoint
Hashing Algorithm
References
SafeNet
-
File: Decros
Protect
Software
(network
folder): IP
Chains, FW 1;
Safeguard
Easy, Ultimaco
Private Crypt
Encryption protocol
SFTP, FTPS
Tumbleweed
SecureTransport
5.2 (SP4 –
production)
AES256
Emerging
PAR
(Password
Access
Resource
Appliances)
-
-
MD5
Note: Please consult with the Information Protection Centre (IPC) for information on this section.
3.3.2 Risk/Vulnerability Assessment Standards
Please consult with the Information Protection Centre for information on this section.
3.3.3 Firewall and Anti-Virus Standards
Domain: Security
Sub-Domain: Firewall & Anti-Virus
Category
Baseline
Containment
Firewall – Hardware product
Cisco
Checkpoint;
Cisco ASA
Firewall – Software product
Checkpoint NG,
Cisco Virtual
Firewall (VFW)
Desktop anti-virus software
Trend Micro
Trend Micro
Office Scan 10,
office Scan 8
File/Print anti-virus software
Gateways anti-virus software
Messaging anti-virus software
Database Security
Trend Micro
Office Scan 10
Trend Micro
Interscan
Trend Micro Scan
Mail
McAfee
Vulnerability
Manager
Class: 1/2/3
Retirement
-
Emerging
-
Checkpoint
GAIA
Trend Micro
Office Scan 7.3
Trend Micro
office Scan 8
-
Trend Micro
Server Protect
-
-
-
TrendMicro
Office Scan
11
TrendMicro
Deep
Security
Trend Micro
Neat Suite
-
References
3.4 Data and Database Standards
3.4.1 Database Standards (non SAP)
Domain: Database
Sub-Domain: Database
Class: 1/2/3
Category
Database products
Baseline
MS SQL 2012
Containment
Oracle 10g; MS
SQL 2005,
Oracle 11g,
DB2 V9
Data Warehouse products
SAP BISQL 2012
Database programming
language
T-SQL (SQL
Server 2008,
2012 ISO)
Data format
Meta data and schema
XML
Dublin Core
DB2, MS SQL
2005
All previous
versions of
ANSI SQL, PL
SQL, Stored
Procedures
HL7 v2.x,
custom
Data modeling
ERWIN
Power
Designer,
Rational Rose,
Oracle
Designer, ER
Studio
Retirement
Sybase, Lotus
Notes/,
ADABAS,
Access, Xbase,
Paradox,
Ingres, IMS,
Wang, VSAM,
Oracle
Sybase
Emerging
SQL 2015
-
SQL Server
2016
EDI
-
ebXML, HL7
v3.x, XHTML,
SVG
-
-
SQL 2012
Database Security
Database Encryption
Vendor’s
recommended
solution for builtin encryption
capabilities.
References
3.4.2 Directory Service Standards
Domain: Data and Database
Category
Directory service products
Sub-Domain: Directory Service
Class: 1/2/3
Baseline
Containment
Retirement
Emerging
MS Active
Tivoli Directory Oracle Internet
Directory 2012
Manager
Directory, Lotus
Domino
Directory
Category
Directory service protocol
Network authentication
protocol
References
Baseline
LDAP, JNDI
Kerberos
Containment
X.500
NTLM v2
Retirement
-
Emerging
-
3.4.3 Information Management Standards
Domain: Information Management
Sub-Domain:
Category
Baseline
Containment
Information Management
SharePoint 2010
products
Document Management
products
GoM Information and
Records Management
standards
Metadata
Barcode (or Universal
Product Code – U.P.C)
standards
References
SharePoint 2010
PCDoc
MOREQ2
-
Class: 1/2/3
Retirement
SharePoint
2007-
SharePoint
2007
Emerging
Digital Rights
Management,
SharePoint
2013
SharePoint
2013
MoReq2010
compliant
DublinCore;
Geospatial
Metadata (ESRI
compliant)
GS1 standards:
C39/128 (xxx-10
numeric body)
GoM Information Management standards (intranet):
http://gww.internal/iem/btt/process_framework_tools/imm/imm/im_framework.html
3.5 Desktop/Office Productivity Software Standards
3.5.1 Desktop Standards
Domain: Desktop
Category
Desktop OS
Sub-Domain: Windows Platform Software
Technology: Desktop
Class: 1/2/3
Baseline
Containment
Windows 7
64/32bit,
Windows 8.1
64bit
WinZip 19
File compression &
encryption utility
Desktop anti-virus scan
product
Retirement
Windows
NT/95;
Windows XP
Emerging
Windows 10
64bit
-
Trend Micro
OfficeScan
11
-
Trend Micro
OfficeScan 10
Trend Micro
OfficeScan 8
Trend Micro
OfficeScan 7.0
Scanning & OCR
Terminal emulation
XML
OmniPage
ProComm
Microsoft XML
Core Services v 6
PLS Neterm
-
Desktop firewall
Microsoft
Personal Firewall
-
Microsoft XML
Parser v 6 and
4
-
Sun JRE plug-in
Sun Java Run
Time (all
versions)
.Net
.NET Framework
v4.0, v4.5
Sun Java Run
Time v
1.6.xSun Java
Run Time v
1.4.2_06
-
.NET
Framework v
3.5-
-
References
3.5.2 Mobility Standards
Domain: Desktop
Category
Products/Platform
Sub-Domain: Mobile Platform Software
Baseline
Containment
Blackberry,
Windows
Apple iOS
Mobile,
OS
Anti-virus scan product
Connectivity technologies
Blackberry 10,
iOS8x
-
iOS6x, iOS7x
Class: 1/2/3
Retirement
Emerging
Palm
Trimble Mobile
devices, iPhone,
iPad
Blackberry 5
Windows 10
-
-
802.11 g/n/a,
802.1x,
802.11x,
EVDO,
GSM/GPRS,
-
-
TrendMicro
Mobile, MS
Forefront
Category
Mobile Application
development platform
Baseline
3G, Cellular
Network,
BlueTooth; High
Speed Packet
Access (HSPA),
LTE
HTML5,
Responsive
Web Design
Containment
Retirement
Emerging
W3C Mobile Web
Initiative (MWI)
compliance;
W3C validating
scheme
(mobileOK
Scheme)
References
3.5.3 Office Productivity Software Standards
Domain: Office Productivity
Sub-Domain: Office Productivity Software
Category
Word processing
Baseline
MS Word 2013
Containment
MS Word
2007, 2010
Spreadsheet
MS Excel 2013
MS Excel
2007, 2010
Email & Groupware
MS Outlook 2013
MS Outlook
2007, 2010
Presentation
MS PowerPoint
2013
Personal database software
(disabled by default)
MS Access 2013
(*class 3 only)
MS
PowerPoint
2010
-
Document viewer
Adobe Acrobat 11x
Project Software
Web Browser
MS Project 2007
IE11
Media player
CD Burning software
Desktop Publishing
Windows Media
Player 12
MS Direct Burning
MS Publisher 2013
Instant messaging software
Lync 2013
Flash Plugin/Player
Flash v 10
MS Publisher
2007
Office
Communicat
or 2007
-
Multimedia
Flash Player (plug-
-
Adobe
Acrobat 9
-IE10
-
Class: 1/2/3
Retirement
All earlier
versions of
Word
All earlier
versions of
Excel
All earlier
versions of
Outlook
All earlier
versions of
PowerPoint
All earlier
versions of
Access
All earlier
versions
Emerging
Office 2016
All previous
versions
-
MS Edge
Nero 7.7.5.1
All previous
versions
-
Office 2016
All earlier
versions
All earlier
-
Office 2016
Office 2016
Office 2016
Office 2016
-
Skype for
Business
-
Category
Visio Viewer
Baseline
in)
Visio Viewer 2013
Reporting Services
Client Print ActiveX
Control
Presentation
Server Client v12
SVG Viewer v3.03
Containment
Retirement
versions
-
Emerging
-
-
-
-
-
-
-
-
Visio Viewer
2007
-
-
References
3.6 End User Hardware Minimum Standards
3.6.1 Desktop Device Standards*
Domain: Devices
Technology: Desktop

| Category | Baseline | Containment | Retirement | Emerging |
|---|---|---|---|---|
| Processor | Based on currently available technology (with VPro) - Certified to work with Windows 7 Enterprise (32/64 bit) | | | |
| Memory | 4 GB | | | |
| Hardware Security Module | Trusted Platform Module (TPM) | | | |
| Video Resolution | 1024x768 | | | |
| Monitor Configuration | Support Dual Monitor Configuration | | | |
| Video | Support D15 capability | | | |
| Hard Drive Size | Current available technology | | | |
| Peripherals | Windows OS certified, Ability to support minimum 1 add-in card. | | | |
| Energy Star Compliant | Yes | | | |
| DVD RW Drive | Yes, based on current technical standard in the environment | | | |
| Production lifecycle | Minimum 12 months remaining | | | |
| USB | 2.0+, 3.0 | | | |
| LAN card | Integrated - Min. 100 MB with Wake On LAN capability | | | |
| Security Lock Slot | Yes | | | |

References
* Technology Position Paper TPP-004
3.6.2 Laptop Device Standards*
Domain: Devices
Technology: Laptop

| Category | Baseline | Containment | Retirement | Emerging |
|---|---|---|---|---|
| Bluetooth | v4.x | | | |
| Pointer Device | Built-in mouse pointer (trackpad or trackpoint) | | | |
| Web Cam | Integrated VGA 640x480 with: microphone, speakers | | | |
| Wi-Fi Wireless | 802.11 a/g/n with: automatic disabling of wireless/wired bridging set in BIOS | | | |
| Docking Station or Port Replicator | Yes | | | |
| Processor | Based on currently available technology (with VPro) - Certified to work with Windows 7 Enterprise (32/64 bit) | | | |
| Memory | 4 GB | | | |
| Hardware Security Module | Trusted Platform Module (TPM) | | | |
| Video Resolution | 1024x768 | | | |
| Monitor Configuration | Support Dual Monitor Configuration | | | |
| Video | Support D15 capability | | | |
| Hard Drive Size | Current available technology | | | |
| Peripherals | Docking station, with RJ45 capability, Digital pen (where appropriate) | | | |
| Energy Star Compliant | Yes | | | |
| DVD RW Drive | Optional | | | |
| Production lifecycle | Minimum 12 months remaining | | | |
| USB | 2.x+, 3.x | | | |
| LAN card | Integrated - Min. 100 MB with Wake On LAN capability, or available through docking station or dongle. | | | |
| Security Lock Slot | Yes | | | |

References
* Technology Position Paper TPP-004
Note:
- Usability testing to assess (but not limited to) screen size, keyboard layout, portability and power consumption must be completed.
3.6.3 Printer Standards
Domain: Devices
Category
Technology: Printers
Baseline
‐
Containment
Retirement
Emerging
References
The Standards Relationship Cross Reference Guide describes the relationships among standards for easy cross-referencing.
The green boxes are standards; the blue boxes give examples of products/technologies that conform to the standards. The arrows
define the relationships, i.e., “Conform to”, “Deploy to”, “Data stored at”.
[Figure 4 diagram: boxes for Application/Web Development Standards, Desktop/Office Productivity Standards, Platform Infrastructure Standards, Data and Database Standards, and Security Standards, alongside boxes of example products (Desktop/Office Productivity Products, Business Applications, Platform Infrastructure, Directory and Database Products), joined by arrows labelled "Conform to", "Integrated with", "Deploy to", "Data stored at" and "Apply to".]
Figure 4: Standards Relationship Cross Reference