Military Information Technology AFITC 13 7

F

: TS N O EN TI C C SE ET L N IA E EC C SP OR

R AI

The Voice of Military Communications and Computing

Information Warfighter Lt. Gen. William T. Lord Chief of Warfighting Integration Chief Information Officer Air Force

www.MIT-kmi.com

C4ISR August 2009 Volume 13, Issue 7

View From the Hill Rep. Bobby Bright (D-Ala.) PRSRT STD U.S. POSTAGE PAID ROCKVILLE, MD PERMIT # 2669

Combat Information Transport System ✯ IT Energy Saving Host-Based Security ✯ Information Assurance Technology Assistance Center

H>DA 2A8C820; 0BB4CB C0:4 <0=H 5>A<B F4 ?A>C42C 0;; >5 C74< From the warďŹ ghter in the ďŹ eld to the data in cyberspace — when it’s critical, it’s QinetiQ North America. Your complex challenges require innovation in systems engineering, mission solutions, force protection and warďŹ ghting. We have the capabilities, the credentials and the mission success to deliver it. Discover where innovation lives at www.QinetiQ-NA.com/GetSolutions

F74= 8C½B 2A8C820; 8C½B @8=4C8@

MILITARY INFORMATION TECHNOLOGY

AUGUST 2009 VOLUME 13 • ISSUE 7

FEATURES

COVER / Q&A View From the Hill Though we have yet to see the digital Pearl Harbor that some have predicted, cyber-attacks on military and civilian networks have shown increasing sophistication in the past decade. By Rep. Bobby Bright

6

NETCENTS The NETCENTS Record MIT magazine recently reached out to companies serving as prime contractors for the Air Force Network Centric Solutions (NETCENTS) program.

7

Conglomerate of IT Capabilities

16

As part of an effort to fundamentally change the ways in which it manages and operates networks, the Air Force is implementing a restructuring of its Combat Information Transport System. By Tom Marlowe

Lieutenant General William T. Lord Chief of Warfighting Integration Chief Information Officer Air Force

DEPARTMENTS 2 Editor’s Perspective 4 Program Notes 5 People

Security from End-point to Enterprise

30

25

An initiative originally focused on improving the security of individual computers and other equipment is being transformed into an enterprise-level campaign to strengthen command and control over networks throughout the department. By Harrison Donnelly

19 JTRS Update 22 Data Bytes 42 COTSacopia 43 Calendar, Directory

Powering Down IT

34

Amid the federal push to cut energy consumption, including of electricity for information technology-related needs, industry is stepping forward with a host of green IT solutions designed to reduce both costs and DoD’s carbon footprint. By Karen E. Thuermer

INDUSTRY INTERVIEW

State of the IA Art The Department of Defense’s Information Assurance Technology Analysis Center is a “super library” of expertise on IA and defensive information operations. By Harrison Donnelly

40

44 Steven Cooper ForeScout

MILITARY INFORMATION TECHNOLOGY VOLUME 13, ISSUE 7

AUGUST 2009

The Voice of Military Communications and Computing EDITORIAL Managing Editor Harrison Donnelly harrisond@kmimediagroup.com Copy Editors Regina Kerrigan reginak@kmimediagroup.com Diana McGonigle dianam@kmimediagroup.com Correspondents Adam Baddeley • Peter Buxbaum • Scott Gourley Tom Marlowe • Karen E. Thuermer

ART & DESIGN Art Director Anna Druzcz anna@kmimediagroup.com Graphic Designers Scott Morris scottm@kmimediagroup.com Anthony Pender anthonyp@kmimediagroup.com Jittima Saiwongnuan jittimas@kmimediagroup.com

ADVERTISING Account Executives Tabitha Naylor tabitha@kmimediagroup.com Dean Sprague deans@kmimediagroup.com Ted Ventresca tedv@kmimediagroup.com

KMI MEDIA GROUP President and CEO Jack Kerrigan jack@kmimediagroup.com Executive Vice President David Leaf davidl@kmimediagroup.com Vice President of Sales and Marketing Kirk Brown kirkb@kmimediagroup.com Editor-In-Chief Jeff McKaughan jeffm@kmimediagroup.com

The recent opening of a research and technology application facility near the Army Combined Arms Center and Fort Leavenworth, Kan., is highlighting the growth of an important new model for bringing industry, academia and government together to speed delivery of new capabilities to warfighters through intense collaboration. Sponsored by General Dynamics C4 Systems, the Leavenworth Edge Innovation Center is part of the Edge Innovation Network, which comprises more than 85 members representing a wide range of industries, colleges and universities worldwide. Its goal is to provide a collaborative, open environment that enables members from industry, academia and the government to work together in quickly developing new technologies to meet requirements identified through customers’ direct field experiences. Edge Innovation Centers are also located in Scottsdale, Ariz.; Orlando, Fla.; and Oakdale, U.K. In September, the Vehicle C4ISR Edge Innovation Center is slated to open in Taunton, Mass. Product and technology developments resulting from collaboration at other Edge facilities have included the Soldier Intelligence, Surveillance and Reconnaissance Receiver, which delivers real-time streaming video directly from multiple unmanned assets into the hands of soldiers on the ground; the Primordial Route Planning Application, a route planning application that automatically determines the fastest or most concealed route; and the Boomerang Shooter Detection and Location System, which enables soldiers to identify and respond to a sniper’s shot within seconds. When Edge members find a gap between a user requirement and members’ products and capabilities, the network issues a call for innovation (CFI). The most recent CFI, for example, seeks high-accuracy keyword speech recognition of approximately 20 different keywords, or combination of keywords, received in Harrison Donnelly broadcasts from commercial and military grade VHF and UHF harrisond@kmimediagroup.com radios. (301) 670-5700

Controller Gigi Castro gcastro@kmimediagroup.com Publisher’s Assistant Carol Ann Barnes carolannb@kmimediagroup.com

KMI MEDIA GROUP FAMILY OF MAGAZINES AND WEBSITES

OPERATIONS, CIRCULATION & PRODUCTION Circulation Specialists Dena Granderson denag@kmimediagroup.com Davette Posten davettep@kmimediagroup.com

Military Medical/ CBRN Technology

Geospatial Intelligence Forum

Military Logistics Forum

Military Space & Missile Forum

www.MMT-kmi.com

www.GIF-kmi.com

www.MLF-kmi.com

www.MSMF-kmi.com

Special Operations Technology

Military Information Technology

Military Training Technology

Military Advanced Education

www.MIT-kmi.com

www.MT2-kmi.com

www.MAE-kmi.com

MARKETING & ONLINE Marketing & Online Director Amy Stark astark@kmimediagroup.com Trade Show Coordinator Holly Foster hollyf@kmimediagroup.com

A PROUD MEMBER OF SUBSCRIPTION INFORMATION

SS m ra og Pr s M ate CO d O Up

All Rights Reserved. Reproduction without permission is strictly forbidden. © Copyright 2009. Military Information Technology is free to members of the U.S. military, employees of the U.S. government and non-U.S. foreign service based in the U.S. All others: $65 per year. Foreign: $149 per year. Corporate Offices KMI Media Group 15800 Crabbs Branch Way, Suite 300 Rockville, MD 20855-2604 USA Telephone: (301) 670-5700 Fax: (301) 670-5701 Web: www.MIT-kmi.com

World’s Largest Distributed Special Ops Magazine

U

Military Information Technology ISSN 1097-1041 is published 11 times a year by KMI Media Group.

SOF Leader Admiral Eric T. Olson

www.SOTECH-kmi.com

May 2008 Volume 6, Issue 4

Commander USSOCOM

Body Armor ✯ Image Analysis ✯ Weapon Suppressors Wearable Power ✯ CSAR with a Twist ✯ PEO Soldier

www.SOTECH-kmi.com

APPTIS.COM

APPTIS IS DEFENSE For over 18 years Apptis has worked side by side with the DoD to make the networks that sXpport oXr Moint IorFes rXn more eIIeFtiveOy and eIĂ€FientOy 3rovidinJ innovative net FentriF enJineerinJ Ior voiFe video and data serviFes to D,6A the 3entaJon and &2&20s oXr team keeps the DoD stronJ FonneFted and seFXre APPTIS IS DEFENSE. APPTIS IS SERVICES.

Compiled by KMI Media Group staff

Flagship Exercise Breaks New Ground Combined Endeavor (CE) 09, the world’s largest communication interoperability exercise, will be held in September featuring several firsts for the annual event. CE 09 is a flagship communications exercise highlighting EUCOM’s Strategy of Active Security. This year, 40 nations crossing two unified commands—EUCOM and CENTCOM—and three continents with more than 1,200 participants will conduct approximately 1,000 communication information systems interoperability tests during a two-week period. This will mark the first time that three separate locations have been used for the multinational communications event. It is also the first time that a Partnership for Peace (PfP) nation, Bosnia-Herzegovina, will be used as the main site. At Banja Luca, there will be approximately 600 personnel participating during the exercise period. Other exercise sites this year include Suz Base, Netherlands, and Copenhagen, Denmark. The interoperability test locations and participation by NATO and PfP nations are unique. Combined Endeavor sets conditions for multinational C4 network success and eliminates “discovery learning” upon deployment for military and humanitarian operations. The test documentation gained from these series of exercises has been utilized in multinational deployments. Tests this year will focus on net-centric capabilities, user-defined common operational pictures, ISAF and NATO Response Force pre-deployment testing, and cyberdefense. The results of the tests will be compiled and added to the integrated interoperability guide that has been maintained since the first Combined Endeavor. The guide is used as a tool to assist in the rapid deployment of coalition networks for NATO and coalition mission and crisis response.

Soldiers from participating nations installed a communications antenna during last year’s Combined Endeavor. [Photo courtesy of U.S. European Command]

“This year’s Combined Endeavor is especially important, exciting and challenging,” said U.S. Air Force Brigadier General David A. Cotton, director, command, control, communications and war fighting integration and chief information officer (J6/CIO) for HQ U.S. European Command. “The national planners agreed to try something new this year and ‘break the mold’ to accomplish what has not been attempted in Combined Endeavor’s 14-year history. In past years, all of the participating nations and organizations would deploy their personnel and equipment to a familiar site in Germany to test the interoperability of their communications, save one year when the exercise was in Austria. Last year, the national communication leaders agreed to conduct deployable

communications operations from three locations, all of which have their unique logistical and operational requirements that have to be met in order for Combined Endeavor 2009 to succeed,” Cotton explained. “One of the more obvious challenges is to successfully plan, coordinate and attain national clearances to transport all personnel and equipment to these three locations, each in a different country,” he continued. “Once the personnel arrive, they must quickly and effectively establish a stable multinational network to conduct communications interoperability testing and integration. In some cases, such as Denmark, they will have equipment at each of the Combined Endeavor sites to provide the backbone for satellite connectivity and the hubs for the coalition network. “The main operating base will be in BosniaHerzegovina, and the two regional operating sites will be in Denmark and the Netherlands. Each of these nations has stepped up to prepare their sites for hosting over 1,100 communicators and 400 support personnel for Combined Endeavor 2009. All participating nations will have representatives working in the Combined Joint Communications Coordination Center in Bosnia-Herzegovina, to coordinate and oversee the exercise,” Cotton said. The most innovative and significant approaches being tried this year involve communications standards, including the Tactical Communications Standard (TACOMS), which is a commercial interface standard that integrates communications systems, allowing them to pass data to one another. The Netherlands has taken the lead in developing TACOMS as a NATO standard and will lead several Combined Endeavor nations through testing and integration of their TACOMScompliant systems. TACOMS has been submitted to NATO and is undergoing the approval process to become a NATO standard.

DISA, GSA Combine on COMSAT Acquisition In a move that will bring major changes to the way the military and other federal organizations acquire commercial satellite communications resources, the Defense Information Systems Agency (DISA) and the General Services Administration (GSA) have agreed to create a common marketplace for such services. Under an agreement signed in late July by DISA Director Lieutenant General Carroll F. Pollett and James A. Williams, commissioner of GSA’s 4 | MIT 13.7

Federal Acquisition Service, the two agencies will cooperate to create the Future COMSAT Services Acquisition (FCSA) program. The new program, which is slated to go into operation in 2011, will have a total value of more than $5 billion over 10 years. After exploring the possibility of merging acquisitions, DISA and GSA ultimately sealed the deal to ensure a common marketplace for satisfying the majority of the federal government’s future commercial satellite www.MIT-kmi.com

communication requirements. DISA and GSA are committed to President Obama’s agenda for cooperation among federal organizations. “Why manage separate contract vehicles that offer essentially the same services when we can combine forces?” said Tony Montemarano, DISA’s component acquisition executive. In unveiling the program in early August at a meeting with industry and a teleconference with reporters, agency officials predicted that the new program would lead to cost savings and a leveling out of government spending for commercial SATCOM, which has grown rapidly in recent years. The savings will come from elimination of redundant administrative costs both by the two agencies, which will no longer have to manage separate programs, as well as by companies, which will reduce overhead involved in bidding on multiple contracts. In addition, the federal government can expect to save through combined buying power, which will reduce bandwidth expenses by an estimated 10 percent to 15 percent through economies of scale. FSCA will replace three existing programs: DISA’s Defense Information Systems Network Satellite Transmission Services-Global (DSTS-G) and Inmarsat contracts, and GSA’s SATCOM-2 contract. The DISA programs acquire about $350 million a year, while GSA currently manages $47 million in annual acquisitions. The DSTS-G program, which expires in 2011, involves three initially small businesses—Artel, Spacelink (now DRS Technologies) and Arrowhead (now

CapRock Communications—acting as prime contractors combining offerings from other satellite companies. The program has attracted both strong defenders, who say it fosters an integrated approach to delivering services to warfighters, and critics, who argue that it unnecessarily limits market access. (See Military Information Technology, June 2009, page 9.) FSCA will have three components: dedicated transponder capacity; subscription services, including terminals; and end-to-end solutions, including bandwidth, access, terminals and network management. Vendors will compete for master contracts in any service area and, if selected, then compete for specific task orders. Two indefinite delivery/indefinite quantity contact vehicles will be established for end-to-end services, with one of the vehicles reserved for small businesses. “I see nothing but better things ahead for all of our customers,” said Bruce T. Bennett, DISA’s director of satellite communications, teleport and services.

Correction: In the article, “X-band Advantage,” in the July 2009 issue of MIT, the name of the Spanish company that co-owns XTAR appeared incorrectly. It is HISDESAT.

p eop le Compiled by KMI Media Group staff

Brig. Gen. Gregory L. Brundidge

Air Force Brigadier General Gregory L. Brundidge has been assigned as director, command, control, communications and war fighting integration, Headquarters U.S. European Command. He has been serving as deputy chief of staff, communications and information systems, Multi-National ForceIraq.

www.MIT-kmi.com

Navy Captain Gretchen S. Herbert, who has been selected for promotion to rear admiral (lower half), will be assigned as director, Navy Networks, N6N, Office of the Chief of Naval Operations.

assigned as director for command control systems, J6, Headquarters North American Aerospace Defense Command/director, architectures and integration, J6, U.S. Northern Command.

Air Force Brigadier General John E. Hyten has been assigned as director, Space and Cyber Operations, Deputy Chief of Staff, Operations, Plans and Requirements, Headquarters U.S. Air Force.

Laura Larson

Navy Captain Diane E. H. Webber, who has been selected for promotion to rear admiral (lower half), will be

Laura Larson has joined Citrix Government Systems as director of sales and business development on the company’s

federal systems integrators team.

Skot Butler

Skot Butler has been named director of strategic initiatives of Intelsat General, where he will initially lead a team working to win the Pentagon’s $8 billion Future Commercial Satellite Communications Architecture contract, to be awarded by the Defense Information

Service Agency in 2010. The contract will replace the decade-old DSTS-G contract vehicle now used by the military to lease commercial satellite capacity and services.

Ericsson Federal Inc. has announced a number of new executive hires to serve its expanding government customer base, including Bob Dunn, senior vice president, business development, sales and marketing; Dave Baciocco, vice president, business development, defense and intelligence; and John Klopacz, vice president, sales, DoD/ commercial SATCOM providers.

MIT 13.7 | 5

Pre-empting a Digital Pearl Harbor BY REP. BOBBY BRIGHT Nobody likes surprises, especially when they affect your country’s national security posture. Getting caught by surprise, as we were in 1941 at Pearl Harbor and again in 1957 by Sputnik, has serious consequences. Americans are accustomed to having the luxury of distance or time—the Pacific Ocean or the prolonged race to space in these two instances—as shock absorbers. Even though we were initially caught by surprise in each case, American ingenuity and grit carried us to victory on both fronts and in turn improved our national security position. We cannot count on the same literal and figurative “oceans” in the future because our reaction time has been reduced by the pace of information technology. Though we have yet to see the “digital Pearl Harbor” that some have predicted, cyber-attacks on military and civilian networks have shown increasing sophistication in the past decade. What began as uncoordinated threats from individuals or small groups has morphed into a much more dangerous group of hacker clubs and cyberaggressors that are tolerated, and in some cases aided, by unfriendly governments. For example, public reports suggest that North Korea has sponsored a cyberwarfare unit, while hackers in Russia have claimed credit for attacks that have impacted American interests. Recent coordinated attacks disrupted the U.S. State Department, the Department of Homeland Security and even The Washington Post, but bounced off basement servers at the White House. But what happens when our enemies can make the Ground Based Missile Defense system think it’s a laundromat? Now we are talking about a serious, technological “Pearl Harbor” surprise. These recent attacks remind us that the attackers on that fateful Sunday morning in 1941 were actually picked up by what was then new technology in the form of Army SCR 270 radar, but misclassified as six American B-17s scheduled to arrive at the islands at the same time as the Japanese attackers. The government has begun to recognize and respond to these threats. Recently, the House Armed Services Committee held a 6 | MIT 13.7

subcommittee hearing on “Cyberspace as a Warfighting Domain.” My colleagues and I heard from a spectrum of military IT experts, including the Defense Advanced Research Projects Agency (DARPA). The agency was formed in the immediate aftermath of Sputnik, and to this day its mission remains “to prevent technological surprise.” At the hearing, Bob Leheny, DARPA’s acting director, stated that “cybersecurity threats will continue to increase in scope and sophistication. Rapid experimentation of new defensive capabilities is needed to stay ahead of cyberthreat advances.” He went on to describe how the National Cyber Range will allow “realistic, quantifiable tests and assessments of cyberscenarios and defensive technologies.” One of DARPA’s main goals is to develop what Leheny described as “robust, secure, self-forming networks ... with the promise of turning information superiority into combat power ... to dramatically speed up our OODA [observe-orient-decide-act] cycle.” Leheny sees network-centric operations that can “form, manage, defend and heal themselves ... at enormously high speeds ... which mean that people may no longer be central to establishing, managing or administering them.” While to some this may sound like science fiction, we should remember that the moon landing and the Internet also seemed implausible not too long ago. The concern, of course, is that our enemies are working to meet the same goals. The good news is that we are moving forward. President Obama is establishing a new cybersecurity office within the White House, and Secretary of Defense Robert Gates has tasked General Kevin P. Chilton, commander of USSTRATCOM, to deliver a plan to establish a “Cyber Command” by September. There is much happening on the tactical level, too. At Maxwell Air Force Base, which I am fortunate to represent, the Air University has just held a “Future Operators” symposium to help determine ways to develop crossdomain integration for all warriors, including cyberwarriors. The 754th Electronic Systems Group at Maxwell AFB Gunter Annex is host-

ing the 22nd annual Air Force Information Technology Conference (AFITC) this month in Montgomery, Ala. AFITC is the premier information technology conference in the Air Force. This year’s theme is particularly prescient: “Air Force Information Technology: the Warfighter’s Edge in Battlespace.” How does this help us lead turn our cyberadversaries and help pre-empt a digital Pearl Harbor? It was the cooperation, planning and execution of the plans by American military and industry that earned us victory in World War II and put Americans on the moon a dozen years after Sputnik. The nature of cyberwarfare means that conflict dwell times have shortened, the OODA loop has tightened, and that combat in the cyberbattles pace now is measured not by miles or kilometers but by nanoseconds. Recognition of these realities will keep us alert, agile and flexible in cyberdefense, and secure in the future. But we must keep our eye on the target. As the ancient Chinese military strategist Sun Tzu correctly observed, “In conflict, direct confrontation will lead to engagement, and surprise will lead to victory. Those who are skilled in producing surprises will win.” We would be well-served, especially in the cyber-age, to remember those words. ✯

Rep. Bobby Bright (D-Ala.) is a member of the House Armed Services Committee. The 754th Electronic Systems Group is headquartered at Maxwell AFB, Gunter Annex, in Alabama’s 2nd Congressional District, which he represents. www.MIT-kmi.com

PRIME CONTRACTORS REVIEW ACHIEVEMENTS OF KEY

AIR FORCE IT CONTRACT.

(Editor’s Note: MIT magazine recently reached out to the eight companies serving as prime contractors for the Air Force Network Centric Solutions (NETCENTS) program. Following are the statements of those that chose to respond.)

www.MIT-kmi.com

MIT 13.7 | 7

1,300 awards has been its relationship with a core team of large and small business service providers and equipment manufacturers. As it has provided services and products THE CENTECH GROUP aforteam, projects as diverse as site survey and BETTER PRICING AND BETTER installation of a radome in Croughton, U.K., to software life cycle support at Maxwell AFBINFORMATION FLOW Gunter Annex, Montgomery, Ala., located just BY ELLEN HILL a couple of miles from the company’s NETThe NETCENTS contract has been very CENTS Program Management Office. successful for THE CENTECH Another innovative soluGROUP. The company has had tion example is a site survey significant success during its and installation of a “newfive-year history with NETto-the-Air Force� Internet CENTS, providing over $400 Protocol Television for all 12 million in information techHeadquarters Air Mobility nology and communications Command bases throughservices and products through out the United States. The June 2009. innovative solution has more The customer base has capabilities at a lower cost expanded from a presence in than the solutions previously four states to 42 states and 12 used by many Air Force orgaEllen Hill international locations, includnizations. The company also hille@centechgroup.com ing infrastructure support for provides the content services. the Iraqi Air Base Information At one AMC base, President Technology Infrastructure Program adminisBush’s speech to the troops was broadcast tered by Hanscom Air Force Base, Mass. Other live on computers throughout the base and to NETCENTS customers include the Air Force, all those who could not attend once the local Army, Navy, Air Force Reserves, Air Force Air hangar was filled to capacity. National Guard and Federal Aviation Agency. The company’s NETCENTS mantra has But CENTECH’s success has not been been, “First we must win, then we must achieved alone. A key aspect in winning over satisfy,� and the entire team is focused on

customer satisfaction. To support customers, CENTECH developed a Web portal application to immediately post customer requirements for review by our team. This has allowed it to be agile and responsive to a challenging decentralized ordering system. Contracting officers around the world have requirements ranging from simple task order requests to “model contract� requests. The time for response is short, so quick dissemination of information and team composition is critical. Although NETCENTS 2 will be structured differently, CENTECH knows how to build a team and respond in this type environment. Company executives are confident that they have an excellent opportunity to continue serving customers under the new contract vehicle. CENTECH’s senior vice president for Department of Defense operations, James Tindell, also noted that the NETCENTS vehicle has been about getting the most from teaming partners. As a result, CENTECH has made sure that every partner has an opportunity to get involved with winning or registering potential NETCENTS work. The CENTECH NETCENTS team does this by giving all partners access to their portal and pushing solicitations out to partners as soon as they are available. CENTECH has also developed and implemented a mutual purpose and vision for the team through the program, and ensures that they have committed leadership that takes an

THE CENTECH NETCENTS Team‌ Today and Tomorrow Priming today’s NETCENTS tasks and looking forward to the future of NETCENTS, S CENTE CE CENTECH NTT C pprovide provides: id : t /FUXPSL *OGSBTUSVDUVSF 4FSWJDFT t 4PGUXBSF %FWFMPQNFOU .BJOUFOBODF t 4ZTUFNT &OHJOFFSJOH 5FDIOJDBM "TTJTUBODF tt 5SBJOJOH ,OPXMFEHF 5SBOTGFS 4ZTUFNT 4FSWJDFT t 5SBJOJ 5SBJOJOH ,OPXMFEHF 5SBOTGFS 4ZTUFN 5SBJOJOH ,OPX 5SBJOJOH ,OPXMFEHF OH ,OPXMFEHF H ,OPXMFEHF 5 EHF 5SBOTGFS 4Z H 5SBOTGFS OTGFS 4ZTUFNT 4 4ZTUFNT 4ZTUFNT NT 4F 4FS 4FSWJDFT FSWJDFT J T t 5FTU &WBMVBUJPO 4FSWJDFT 5FTU &W 5 TU &WBMVBUJPO BMVBUJPO BUJPO 4FSWJDFT 4FS t -PHJTUJDT 4VQQPSU 4ZTUFNT 4FSWJDFT t -P JTUJDT 4VQQPSU 4Z UFNT 4 4FSWJDFT FSWJDFTT t )FMQ %FTL 4ZTUFNT 4FSWJDFT t ) Q %FTL TUFNT 4FSWJDF tt &OHJOFFSJOH 4FSWJDFT &OHJO OHJOFF OFFSJOH H 4FSW 4F FSWJDFT t $PNQVUFS %BUB $FOUFS 0QFSBUJPOT $PN FS %BU OUFS 0 BUJPO t #VTJOFTT 0QFSBUJPOT 4VQQPSU t #VTJOFTT 0QFSBUJPOT 4VQQP t #VTJOFTT 0QFSBUJPO OFTT 0 BUJPOT QPSU PSU t 8FC 4PMVUJPOT 4FSWJDFT 8FC POT WJDFT t 4FDVSJUZ 4ZTUFNT 4FSWJDFT t JUZ 4Z T 4 FT t 1SPHSBN "DRVJTJUJPO .BOBHFNFOU 4VQQPSU 4FSWJDFT 1SPH "DR O .B BOBHFN NFOU 4 QPSU NFO DFT

8 | MIT 13.7

CENTECH Prime Contract Vehicles Alliant IT Schedule MOBIS

For Fo or mo more orre iinformation information, io on conta contact: tact: ctt: t: NETC S Program gra Manager, ger Ellen Hill illl NETCENTS 0 Interstate Interstate Park Drive, ive, e, Suite S 400 401 Mo gom y, AL 36109 36109 Montgomery, 877.3 .334.9 3 .E.Fix.Now 877.334.9669 (877.E.Fix.Now)

ne netcents@centechgroup.com e etcents@c et ccentechg grroup com m w ww e e m www.centech-netcents2.com w te echgroup.com p www.centechgroup.com

5)& $&/5&$) (3061 *OD 5) /5&$) __30 _______________________________ __ _ TRUST . QUAILTY AILTY LT . SERVICE . VALUE

Maturity Level 3

www.MIT-kmi.com

interest and invests in the team’s staff in order to build trust and commitment. “Our company’s brand identity is just as important as the products and services we provide,” said Tindell. “Using the NETCENTS contract, CENTECH has continued to build on a solid brand identity, and the effort we put

GENERAL DYNAMICS INFORMATION TECHNOLOGY VITAL ROLE IN ENTERPRISEWIDE TRANSFORMATION MANAGEMENT BY DAN AYER NETCENTS I has helped to usher enterprisewide transformation into the Air Force and facilitate the service’s information management initiatives. Delivery orders under the contract have assisted the Air Force in achieving its goal of true net-centricity and a more secure cyberposture. NETCENTS I possesses a rigorous source selection process, a long-term IDIQ contract (which allowed for “lessons learned to be applied”), an enforcement of standards and policies, and a continuous competitive process for each delivery order. The contract was intended to support the Air Force’s transformation to Air Force Network Operations (AFNETOPS), which consolidates operations under one command. Through the contract, the Air Force has been able to draw expertise from key “vetted” contractors to support the entire life cycle of the Air Force IT mission. The NETCENTS prime contractors, which include General Dynamics Information Technology, felt like true industry partners, learning and adapting alongside the Air Force as the mission has evolved. NETCENTS I has helped the Air Force accomplish several key initiatives. For example, through delivery orders issued by the Combat Information Transport System (CITS) Program Office, 12 bases, www.MIT-kmi.com

into winning task orders has paid off in the form of loyal customers.” In summary, while competitive pricing and customer service are major goals, CENTECH’s experience has demonstrated that NETCENTS provides the ability to standardize IT systems that meet net-centric standards.

six of which General Dynamics IT directly supported, have received secure, broadband fiber-optic wired networks, under the Information Transport System (ITS) program, the foundation of net-centric operations. In addition, General Dynamics IT has delivered robust Air Force wireless infrastructure with high availability and multi-tiered administration and management, which complies with all Air Force, Department of Defense, federal and Joint Task Force-Global Network Operations security policies, to 29 bases, with 25 additional bases planned. The Air Force also has used the contract to upgrade its fielded telecom switches, incorporating unified capabilities, such as Voice over IP (VoIP), to provide the warfighter with reliable voice communications within the existing telephone system and to support future netbased voice capabilities. General Dynamics IT has also played a key role in evolving the Air Force Voice Switching System (VSS) from circuit to IP-based telephony by engineering, furnishing and installing VoIP solutions at Keesler, Wright-Patterson and Vanderberg Air Force bases. NETCENTS I assisted in the maturity of the Air Force’s enterprise network management and network defense (NM/ ND) capabilities. Delivery orders issued under the contract vehicle have been essential in helping the Air Force migrate toward its AFNETOPS transformational concept, a standards-based, secure, costeffective alternative to some of the legacy systems it has replaced. General Dynamics IT-led NETCENTS initiatives have established the Air Force intranet, consolidated core services at the enterprise level and automated NM/ND tools:

The end result is not only better pricing, but better information flow in an accurate and secure way across the Air Force—and, lest we forget, for the warfighters. Ellen Hill is NETCENTS team program manager for THE CENTECH GROUP.

•

•

•

AFNET Increment I (NOIA Block 30) product acquisition and stand-up of the 16 Air Force intranet gateways; Integrated Network Operations and Security Centers (I-NOSC) design and implementation, which migrated management of each base network boundary from its local Network Control Center to the I-NOSCs at Peterson AFB and Langley AFB, enabling true enterprise network management; and AFNOC Network Operations Division, providing operational support to the Air Force enterprise network.

NM/ND solutions provided by other NETCENTS prime contractors include automated, minimally managed enterprise-level system security process for establishing IT policy, scanning for vulnerabilities, reporting compliance and status via the Vulnerability Lifecycle Management System, and enterprise-level network, application and device monitoring via NetCop, NetIQ and SMARTS enterprise licensing agreements. In addition to being a key enabler for deploying net-centric solutions systems, NETCENTS I is also the vehicle under which sustainment of these mission-critical Air Force enterprise infostructure systems and assets have been accomplished. General Dynamics IT’s sustainment efforts include: •

Field assistance service with sustainment responsibilities for all Air Force combat support standard systems; MIT 13.7 | 9

•

repair and replacement in support of the Air Force telecommunications network.

contractors’ increased ability to support the program after understanding the mission needs.

These accomplishments have been critical in helping the Air Force transform its network operations. The initiatives have benefited from NETCENTS’ strong source-selection process and the

Dan Ayer is NETCENTS program manager for General Dynamics Information Technology. He can be contacted at daniel. ayer@gdit.com.

provides independent test and evaluation and IT security services for the Electronics Systems Center (ESC) 754th Electronic Systems Group (ELSG) at Maxwell-Gunter AFB. The ESC ELSG has been convertHARRIS IT SERVICES ing its business applications—including PATHFINDER FOR NETWORK-CENTRIC software for managing critical personnel, logistics, medical and civil engineering COMMUNICATIONS information systems—to Web-based appliBY JOHN HELLER cations. According to John Weimer, Harris’ NETCENTS continues to be a very NETCENTS program director, the Harris successful vehicle for Harris IT Services, team ensures that system security requireaccording to John Heller, vice president ments of those Web-based applications and general manager, meet DoD regulations and Department of Defense mission requirements. programs. “We’ve captured “In addition to scanning and performed on over 600 for security vulnerabilities services and solutions task and monitoring network orders, which we manage penetration activities, our from our highly responsive team performs source code NETCENTS program office analysis to identify vulnerin Montgomery, Ala. In ability within code execution fact, Harris IT Services has as well as working side by side been awarded more total with developers to secure the task orders than any of the applications at the highest of John Heller other seven NETCENTS DoD and industry standards,” john.heller@harris.com primes, and we rank third said Weimer. in terms of cumulative In addition to services sales,” he said. and solutions, Harris IT Services is by far Harris serves Air Force, Army and Navy the leading NETCENTS product vendor customers via NETCENTS at locations in terms of dollars and number of orders. across the U.S. as well as in Iraq, AfghaniWhen including products, Harris has delivstan, Japan, Guam, the United Kingdom, ered on more than 2,700 tasks. Germany, Italy and Korea. The company’s When Harris was awarded the contract, NETCENTS engagements span the life Heller thought it was logical to divide the cycle, from IT transformation through company’s NETCENTS services/solutions operations and maintenance and informaand products teams into two groups. Now, tion assurance. it’s likely that NETCENTS 2 will also sepaFor example, under a $42.9 million rate services/solutions and products into IDIQ task order, the Harris IT Services team different contracts.

“I attribute our products success to several factors. First, our products group collaborates closely and frequently with our program management office (PMO) on each request for proposal (RFP) and request for quote (RFQ) to determine the best means of maximizing customer value. Secondly, we are extremely responsive and have built strong relationships with many of the largest product purchasing organizations. And, lastly, we’re on time with 98 percent of our product deliveries and can deliver anywhere in the world in less than 30 days,” Heller continued. Harris IT Services partners with more than 150 subcontractors on NETCENTS, and more than 75 percent of them are small businesses. “Our PMO excels at assembling, structuring, adjusting and managing teams to ensure we effectively meet customers’ needs. Our partners offer exceedingly relevant past performance and competitive rates, have proven processes and certifications, and cover all small business categories,” Heller said. Heller views NETCENTS as a highly effective vehicle for quickly providing standardized and interoperable products, services and solutions to warfighters. “We’ve seen 2,400 RFPs for solutions and service in four and a half years, along with 15,000 product RFQs. In addition, a growing number of DoD organizations rely on NETCENTS as a primary vehicle. That depth and breadth indicate that vendors are meeting customers’ mission needs within the cost and time constraints,” he commented. Furthermore, NETCENTS has led the way in terms of incorporating increasingly

•

•

CITS hardware/software support, which supports and sustains all fielded NM/ND systems; KZ engineering support, which acts as a bridge for all newly fielded CITS tools and capabilities; and VSS sustainment, which provides help desk support and emergency

10 | MIT 13.7

www.MIT-kmi.com

Enabling Air Force Enterprise IT Transformation

G eneral Dynamics Information Technology is helping

the U.S. Air Force transform their IT enterprise and better manage information by providing: t /&5014 BOE *OGSBTUSVDUVSF 4PMVUJPOT t "QQMJDBUJPO 4FSWJDFT t /FU $FOUSJD 1SPEVDUT t 5FMFQIPOZ 1SPEVDUT BOE 4PMVUJPOT t *5 1SPGFTTJPOBM 4VQQPSU BOE &OHJOFFSJOH 4FSWJDFT t &OUFSQSJTF *OUFHSBUJPO BOE 4FSWJDF .BOBHFNFOU "T B QSJNF DPOUSBDUPS VOEFS UIF /&5$&/54 *% *2 DPOUSBDU General Dynamics Information Technology provides JOUFHSBUFE *5 TPMVUJPOT PQFSBUJPOT TVTUBJONFOU BOE NBOBHFNFOU QSPDFTTFT JO TVQQPSU PG UIF GPMMPXJOH programs: t $PNCBU *OGPSNBUJPO 5SBOTQPSU 4ZTUFN $*54 t *OUFHSBUFE /FUXPSL 0QFSBUJPOT BOE 4FDVSJUZ * /04$ t &OUFSQSJTF %FTJHO (VJEBODF BOE &WBMVBUJPO 4DPQF &%(& t 4FDPOE (FOFSBUJPO 8JSFMFTT -"/ (8-"/ t $*54 )BSEXBSF 4ZTUFNT *OUFHSBUPS $)4* t 7PJDF 4XJUDIJOH 4ZTUFNT 744

7JTJU www.gdit.com UP MFBSO NPSF BCPVU UIF DPTU DPNQFUJUJWF TUBOEBSET CBTFE JOUFHSBUFE *5 TPMVUJPOT XF EFMJWFS RVJDLMZ BOE FBTJMZ UIBU ESJWF NJTTJPO TVDDFTT

stringent cybersecurity requirements. “NETCENTS standards recognize the network as a weapons system. It’s a pathfinder in terms of network-centric communications for military and national security. I believe we’ll see more trendsetting with NETCENTS 2,” Heller continued. Heller attributes much of Harris IT Services’ NETCENTS success to the standardization the contract requires. “Because of the volume of NETCENTS business we’ve done, Harris knows how to help all the various DoD entities across the globe comply with policy. We can quickly deliver

services, solutions and products that meet dynamic needs and evolving standards,” he said. Indeed, because of the nature of NETCENTS, customers have faster access to more interoperable and secure solutions. “With many ex-military and National Guard members on our staff—along with more than 30 years serving the Air Force— Harris fully appreciates the value NETCENTS delivers to customers and to us,” Weimer added. Heller and Weimer agree that Harris offers extensive experience relevant to

NETCENTS 2 customers, including delivering expert network operations that better enable mission performance, rapidly responding to the needs of customers across the globe, and helping consolidate legacy contracts to achieve dramatic cost savings. “We look forward to building upon our successes with NETCENTS 2,” Heller concluded.

ture, and a significant amount of enterprise engineering. For example, through NETCENTS, the LOCKHEED MARTIN company was selected to operate and maintain the message routing infrastrucAN EXTREMELY EFFICIENT ture for the Pentagon’s command messagCONTRACT VEHICLE ing systems in support of the Pentagon BY JOHN SLOTA Telecommunications Center, an organizaThe NETCENTS program was intended tion of the Army Information Technology to provide a flexible contracting vehicle to Agency. The Pentagon Telecommunicaobtain net-centric technologies, networktions Center’s mission is critical, providing equipment and services, and voice, ing Defense Messaging System services video and data communicato DoD, and any disruption tions hardware and softof service to the decisionware. Lockheed Martin was makers in the Pentagon has selected to share in task the potential to impact misorders under NETCENTS sion operations worldwide. in 2004. In addition to providing Since that time, the messaging services at the NETCENTS contract vehiUnclassified, Secret and Top cle has proved to be a valSecret levels, the Lockheed ued and vital component Martin team also provided of delivery organizations. virus and spam protection John Slota The broad range of contract as well as directory, security users across the Air Force and configuration managejohn.slota@lmco.com and other Department of ment support. Defense agencies allows Lockheed Martin Also under NETCENTS, Lockheed to continue to provide new capabilities to Martin was selected to upgrade the Air a wider customer base. Force flying unit command and conTask orders that Lockheed Martin has trol capability, formerly under the Thereceived under NETCENTS have greatly ater Battle Management Control System varied. These tasks have ranged from (TBMCS) contract. Lockheed Martin was enterprise service work for the Air Force, tasked to provide users at more than many telephony modernizations as the 46 fixed and expeditionary bases with services are preparing for Voice over an improved suite of tools at the wing Internet Protocol, upgrades to medical and squadron level. Resident around the treatment facilities and base infrastrucglobe, the TBMCS unit command and

control component allows staffs at airbases to coordinate air order taskings with the Air Operations Center and create a flying schedule. By interfacing with a number of external systems, it provides wing and base commanders with decision-quality information in near real-time, such as the status of their installation’s vital capabilities and the tools to conduct command and control activities on their installation. The effort included design, development, test, certification, installation, integration and sustainment. Another key aspect of NETCENTS is its emphasis on small business. As a large supporter of small business; more than 50 percent of Lockheed Martin’s contracted effort on NETCENTS has been performed by small businesses. When establishing a team, Lockheed Martin determines the specific industry leaders and small businesses that will help provide the customer with a best-value solution. This is where subcontracting comes into play—with a focus on small business. NETCENTS recognizes innovations from small businesses, which can range from IT hardware and software product fulfillment to on-site critical application and IT support requirements. NETCENTS has proved to be an efficient vehicle to quickly field a wide range of capabilities to a diverse customer set.

12 | MIT 13.7

John Heller is vice president, general manager Department of Defense programs at Harris IT.

John Slota is director of C2 Solutions for Lockheed Martin’s IS&GS-Defense. www.MIT-kmi.com

NCI DELIVERING ON AFNETOPS TRANSFORMATIONAL GOALS BY NORRIS CONNELLY The NETCENTS contract provides the Air Force, Department of Defense, and other federal agencies a broad array of integrated solutions, COTS products, engineering services, and life cycle management support. NETCENTS plays a key role in significantly enhancing the Air Force and the entire DoD’s capability in the era of net-centric warfare and operations by providing a “standardsbased” vehicle for provisioning the network and net-centric services. NETCENTS has been one of the Air Force’s primary delivery mechanisms for operational and architectural initiatives to achieve both improved operational effectiveness (improved security and availability), as well as increased efficiency (reduced personnel requirements and cost of operations). In particular, the key AFNET operations concepts to consolidate network and security management at major commands and then regional centers have required that Air Force IT infrastructure architectures and technical solutions implemented under the NETCENTS contract be done consistently at every Air Force location. NETCENTS is an integral part of an enterprise strategy for delivering transmission and net-enabled services to the Air Force. There is less variability when it comes to messaging protocols, security and boundary protection issues, and data storage/management under NETCENTS. NETCENTS is one of the largest, most diverse multiple-award IDIQ contracts in existence today. Its breadth of scope, efficient ordering mechanisms, and mission-oriented capabilities make it one of the pre-eminent product and service contracts in the federal government. As such, NETCENTS is an important element of NCI’s corporate strategy. It enables us to build a solid platform for growth while delivering value to www.MIT-kmi.com

significant lessons learned that have and will our customers, stockholders and employees. continue to benefit the entire Air Force ERP NETCENTS provides us an advantage as we community. seek to expand the level of services we provide At AMC, NCI provides Secure Voice over IP to our customers. (SVoIP), integrated secure wireless, and MAJWe aggressively pursue task orders under COM C2 network support. NCI also provides NETCENTS to add important new customUSSTRATCOM/JIOWC/GCCS fully integrated ers and expand our service offerings. NCI Google enterprise search and geospatial visuoffers a broad array of services, products and alization, supporting near-real-time informaintegrated solutions through NETCENTS to tion operations warfare planning, assessment help our customers meet their critical misand analysis. sions and objectives. NCI is extending our Looking forward, NETCENTS-2 should core capabilities provided under NETCENTS continue to play an integral role in the Air in line with key market drivers and investing Force’s achieving its transformational initiain a robust set of business solutions and offertives. The vision for NETCENTS-2 includes a ings, including IT consolidation/modernizafamily of full and open and set-aside procuretion; geospatial search and visualization; ments covering net-centric products, teleinformation operations/warfare; information phony products and solutions, NetOps and assurance and cybersecurity; program maninfrastructure solutions, application services, agement, acquisition and life cycle support; enterprise integration and service managesustainment engineering and obsolescence ment, and IT professional support and engimanagement; medical transformation/health neering services. IT; and full-spectrum training. NETCENTS-2 will support the full IT life Over the past five years, NCI has been cycle, including legacy operational and sustrusted by numerous major commands, tainment activities, re-engineering of legacy program offices and combatant commands, capabilities into target architectures and enviincluding Air Education and Training Comronments, and future service-oriented capamand, Air Force Materiel Command, Air bilities. The NETCENTS-2 model should allow Force Space Command, Air Mobility Comfor increased innovation and the ability to mand (AMC), Combat Information Transport more rapidly provision and field capabilities. System, Air National Guard, NORAD/NORTHAchieving the Air Force’s COM and USSTRATCOM. transformational goals in an There are a number of key incremental and evolutionary programs that demonstrate manner requires that it have the breadth and depth of the a set of contractors under a NETCENTS contract and our common set of standards and ability to deliver mission-critarchitecture within a single ical services and products to contract vehicle, ensuring our customers. For example, consistency across the actions NCI provides the Air Force of the multiple contractors. Research Laboratory Rome NCI believes NETCENTS-2 Research Site complete IT supwill play an instrumental role port for the information and Norris Connelly in achieving these objectives. finance directorates located NCI has been a trusted partin Rome, N.Y., including help nconnelly@nciinc.com ner of the Air Force and NETdesk, CSA, FSA, infrastructure CENTS, and we look forward to continuing support, telephony and information assurour trusted relationship with the Air Force ance. In addition, NCI supports AFWAY II, a and delivering mission-critical services and robust, scalable, flexible enterprise resource solutions to customers worldwide. planning (ERP) system using the Oracle eBusiness suite to meet future strategic Norris Connelly is senior vice president enterprisewide purchasing needs for all comof Air Force programs for NCI Information modities and services. NCI provides effective Systems, Inc. solutions and workarounds and produces MIT 13.7 | 13

NORTHROP GRUMMAN FOUNDATION FOR C4I SUPPORT TO THE WARFIGHTER BY ED MOORE The bottom-line goal of the NETCENTS contract is to provide standardized network infrastructure required to get the right information to the warfighter at the right time to ensure mission success. For five years, NETCENTS has provided the Air Force, Department of Defense and other federal agencies with a primary source for network-centric infrastructure equipment and systems, to include the requisite system engineering, installation, integration, deployment, operational support, and life cycle maintenance. A key objective is to migrate toward a family of DoD standardized networking solutions, which are based on commercial standards but are also interoperable with Air Force, joint and DoD standardized networking technical architectures, including support of the Global Information Grid (GIG). While there were some initial growing pains, the overall NETCENTS process to post opportunities, accept proposals, evaluate responses, make awards and properly execute task orders has developed into a streamlined and efficient methodology for both products and services. Most products are now delivered within 30 days of an award—frequently sooner—and most services are initiated immediately following an award. The NETCENTS contract has provided its customers with the benefit of competitive pricing with an overall reduction in the amount of labor and time involved to award an individual contract. Northrop Grumman has had numerous successes on the NETCENTS contract and currently leads all other primes with more than $1 billion in NETCENTS awards to date, out of a total of $5 billion that has been awarded on the entire NETCENTS contract. Northrop Grumman has been most successful on the services side of the contract. Approximately 93 percent of our 14 | MIT 13.7

awarded value has been as a result of service awards. Key Northrop Grumman service task order awards include: Vulnerability Lifecycle Management System (VLMS); Defense Knowledge Online; Defense Travel Services; Air Force Equipment Management System; Commander Navy Installations Command IT and telecom support; and Host-Based Security System (HBSS). Each of these task orders was achieved by the proper utilization of both large and small business partners, as well as multiple business sectors within Northrop Grumman. Getting the right combination of players for each task order was and is critical to winning and the proper execution of each task order. This was an early focus of our program management office, and continues to be very successful. Northrop Grumman believes that network-centric communications plays a critical role for both military and national security. The current world situation (both in terms of threat and funding) requires that all services operate jointly to meet emergent threats in a timely and costeffective manner. This requires not only joint interoperability between the services but also with other DoD and intelligence agencies. The only real way to achieve the required commonality and interoperability is best expressed by the Combat Information Transport System motto: “single architecture, with standardized products.” The days of stovepiped solutions with differing standards across multiple commands need to finally come to an end. However, as our dependency on common centralized data repositories grows, the need to ensure that data is adequately protected, to ensure availability at the critical moment, becomes even more paramount. The use of contracts such as NETCENTS and the follow-on NETCENTS-2 provide the means to achieve that end. Northrop Grumman maintains the “pulse” of our NETCENTS customers. We have taken the lead in our customer’s evolution of critical cyberdefense initiatives by providing more than $75 million worth of

security services, including the installation and support of the Air Force network defense initiatives of VLMS and HBSS. LMS is an automated and centralized network vulnerability management of classified and unclassified networks, and deploys the Joint Task Force-Global Network Operations mandated tools that provide the Air Force with tools and processes for real-time vulnerability scanning, remediation, quarantine, reporting and information sharing. Additionally, we’ve provided HBSS, used to provide local computer defense of critical systems and devices on the GIG. HBSS provides DoD with a significant capability to defend all computers across the department’s unclassified networks and enables system administrators improved situational awareness in the fight against cyber-attacks. These tools ensure vital network capabilities are available at all times to warfighters. Furthermore, Northrop Grumman’s work under NETCENTS has contributed to DoD’s transformation of existing operational capabilities. In order to realize a seamless joint network of information and engagement grids that link sensors, command and control cells, and tactical units to support future war fighting capabilities through the GIG, the company has partnered on critical joint initiatives, including Defense Knowledge Online and Defense Travel Service, to provide an enterprise capability across DoD to our service men and women. The HQ 754th ELSG has been an exceptionally good partner to work with on NETCENTS. They essentially serve as an additional partner for each of the prime contractors and greatly facilitate the use of the NETCENTS contract across DoD. Northrop Grumman found this relationship to be important enough to add a dedicated deputy program manager to work with them on a daily basis in Montgomery, Ala. We look forward to continuing our strong partnership for the remainder of NETCENTS and into NETCENTS-2. Ed Moore is NETCENTS program manager for Northrop Grumman Information Systems. He can be contacted at ed.moore@ngc.com. www.MIT-kmi.com

mission-critical operations with innovative technology. NETCENTS changed this and enables the government to put in place the best networking technology and the latest IT security solutions.” TELOS An example of a valuable development to come from NETCENTS is the IMPROVED NETWORKING AND IT establishment of the Air Force Application SECURITY Software Assurance Center of Excellence (ASACoE), located at Gunter Annex, MaxBY CHARISSE STOKES well Air Force Base, Ala. ASACoE ensures Since the Air Force awarded the origithat application security best practices nal NETCENTS contract in September are incorporated across the Air Force and 2004, the contract vehicle has provided a enables the Air Force to identify critical competitive edge for the federal governvulnerabilities and secure its applications. ment by reducing the time to market for With the additional security provided by critical networking and communications ASACoE, the Air Force is better able to equipment and services. The five-year, $9 defend against application-level attacks, billion Air Force IDIQ contract enables protecting sensitive information that in government agencies to purchase missionturn helps protect the nation. critical hardware and software, networkTelos was awarded an initial task centric voice, video and data products and order, which has a ceiling of $75 million, services, and telephony solutions from a to establish the ASACoE in September group of prime contractors. 2007. To date, the center has conducted “NETCENTS has trans260 software assurance formed the government proassessments and identicurement process by offering fied numerous vulneraa single source for secure, bilities. The assessments high-performance, cost-comwere conducted jointly petitive solutions for networkwith Air Force program centric applications to support developers in an effort and enable government and to make the assessment Department of Defense misprocess part of the softsions, functions and operaware development life tions,” said Charisse Stokes, cycle. Charisse Stokes senior director, Southeast In addition to operations and NETCENTS improving application charisse.stokes@telos.com program manager for Telos, software assurance for which serves as a small busicustomers within the ness prime on the contract. Air Force, last year, ASACoE performed Prior to NETCENTS, no standard concode analysis and training for a variety tract existed in which the government of other government agencies, including could order integrated network solutions. the Department of Veterans Affairs and The Air Force, for example, used a Navy the Judge Advocate General, reducing the contract vehicle for its IT and telecom risk and cost associated with application requirements, and in some cases, it used vulnerabilities. piecemeal software and hardware for its This year, Telos received a NETCENTS networks. task order modification of $6.7 million to “This practice was not in the best further support ASACoE. The task order interest of national security; it did not includes training classes and services to help protect the nation’s IT and commuprovide software licenses. The modificanications resources,” said Stokes. “Furtion brings the total value of the ASACoE thermore, this practice did not support task order to more than $16 million. www.MIT-kmi.com

“Via NETCENTS, Telos is supporting new technologies that can be employed to help the government enhance its communications capabilities and protect the nation from IT security threats,” Stokes added. “Some of these new technologies that the government can access under NETCENTS had not been previously available to government agencies.” Telos posted more than $230 million in new sales from the Air Force’s NETCENTS program in fiscal year 2008, which is more than any of the contract’s eight primes. Among the many NETCENTS wins for Telos are a $13 million task order for the Defense Message System at the Pentagon Telecommunications Center, and a $6.3 million order for Air Force Defense Message System program management. NETCENTS has promoted networkcentric communications, which is critical to ensure the speed, accuracy and quality of decision-making information that is available to federal and civilian agencies, according to Telos. The firm is leading the way to provide the enterpriseclass network infrastructure backbone for secure voice and data communications for customers in support of their operations. Telos’ offerings under NETCENTS are voice, video and data communications; secure wireless networking; information assurance; application software assurance; vulnerability and penetration testing; enterprise messaging; secure credentialing; telephony including VoIP; COTS products; system solutions and engineering services; inside/outside plant engineering systems hardware and software; systems management, operations and maintenance support; configuration management; training; centralized logistics and inventory management support; worldwide depot support, spares and supplies; outsourcing and services support; and engineering/IT/specialty experts. ✯ Charisse Stokes is senior director, Southeast, and NETCENTS program manager for Telos. MIT 13.7 | 15

BY TOM MARLOWE MIT CORRESPONDENT marlowet@kmimediagroup.com

AIR FORCE RESTRUCTURES COMBAT INFORMATION TRANSPORT SYSTEM TO IMPROVE NETWORKS AND INCREASE SECURITY.

As part of an effort to fundamentally out into the field in the next year,” he added. change the ways in which it manages and The various initiatives are ambitious and operates networks, the Air Force is implecritical to maintaining Air Force cyberfuncmenting a restructuring of its Combat Infortionality and security, Fellers noted. CITS will mation Transport System (CITS). continue its Information Transport System The CITS, which incorporates various (ITS) program as an acquisition category projects to provide upgraded and secure Air (ACAT) 1 program to redesign the entire Force network systems, began as a single network infrastructure at every Air Force major defense acquisition program operating base. The ITS program has been going on with the federal government as a systems for a number of years and will continue for integrator. another eight years at presBut as of 2009, CITS has ent, Fellers said. been restructured into several A separate ACAT I promajor programs (acquisition gram will install secure wirecategory I) and multiple lesser less capabilities across all Air programs (acquisition catForce bases as well, while a egory III) to become “a conthird ACAT I contract will glomerate of capabilities being take the ITS network infradelivered through various prostructure upgrades to the Air grams,” according to Colonel National Guard bases. Russ Fellers, CITS program The CITS program office manager. also supports contracts for Col. Russ Fellers The CITS program office another set of ACAT 1 promay award those contracts as grams under the banner of task orders through the Air Force Networkthe Air Force Network (AFNET). The AFNET Centric Solutions (NETCENTS) consolidated Increment 1 program has been working for purchasing vehicle, but it also may explore several years toward the goal of creating other options due to the anticipated timing of gateways for the Air Force intranet. Those the awards, Fellers explained. 16 gateways are designed to protect the Air “Right now, NETCENTS is the contract Force from external threats to its networks that we have been directed to use for acquisifrom over the Internet. That effort goes into tion of CITS products and capabilities. The operational test this fall with full operational current contract is about to run out of its capability projected for the middle of 2010. ordering period,” Fellers stated. AFNET Increment 2 also will begin next “There is a follow-on contract, NETyear, Fellers revealed. The program, another CENTS 2, won’t be in place until next sumACAT 1, centers on the re-architecture of all mer, so we have to look at multiple vehicles to base boundaries to protect networks from procure the capabilities we are trying to put internal threats from base to base. 16 | MIT 13.7

The CITS program office will kick off yet another large acquisition program next year to rebuild network control centers at all Air Force bases. “We will continue to embrace server virtualization to reduce our logistics footprint, our life cycle costs, and our energy consumption across the Air Force for our networks,” Fellers said. A host of smaller programs also will bring additional benefits to networks. For example, the CITS program office will start up a program called the Cyber Control System within the next few months. It will be a command and control system used for situational awareness of the AFNET. “The Cyber Control System is the first step toward giving the operator the ability to have real-time knowledge of the operational state of the network,” Fellers said.

SECURITY MENTALITY The restructuring of the CITS program office and its portfolio is a significant effort requiring the office to double in size over the next year to adequately deliver the capabilities it has been tasked to implement. “There has been a mentality in the past that our networks need to be fast, responsive, convenient and as open as possible to get our job done,” Fellers commented. “The Air Force is in the process of changing that mentality. The first priority now is that our networks need to be secure. That is trumping the availability and ease of use of the network. We can’t afford to have a compromise. Much of our operational activity now takes place on www.MIT-kmi.com

the network, and we can’t afford to have that taken away from us.” The flurry of activity now occurring is a result of the CITS program office clearing an audit by the inspector general of the Department of Defense as well as a program support review from the Office of the Secretary of Defense, Fellers said. Once CITS resources were freed from those obligations, the office began to turn its attention to fielding new cybercapabilities. Recent events have underscored the need for the Air Force to rapidly deploy new ways of deploying and securing its networks, Fellers remarked. A sustained cyber-attack against government networks in June, suspected to have originated from North Korea, reminded network managers that DoD is a prominent target for malicious actors. “So we have to be very secure—more secure than the public sector. There is a lot of activity going on now and over the next several years to improve the security of our networks, to improve the security of our network devices, and to improve the security of the desktops, laptops and mobile devices that our military members use to carry out their missions. This amounts to a defense-indepth activity to try to protect ourselves from cyberthreats,” Fellers commented. There has been a growing focus within DoD on cybersecurity, including such departmentwide initiatives as the recently announced establishment of U.S. Cyber Command. But Fellers said the timing of the CITS initiatives to upgrade Air Force networks has sprung from a predictable and necessary technology refresh. “For the purposes of CITS, we are not in the business of developing the network infrastructure, the network management or network defense tools. We are purchasing COTS products. We are following the industry lead and purchasing best of breed to defend our networks,” Fellers stated. The Air Force, meanwhile, is establishing the 24th Air Force to oversee its cyber-activity and moving its cyber-operations to Air Force Space Command. These moves are part of a significant change to how the Air Force previously conducted its cyberbusiness, Fellers emphasized. Previously, the Air Force established networks and maintained them at every base, and the major commands were responsible for managing their networks. “Now we are moving toward an Air Force enterprise concept for managing and defending our networks. All of the tools that we are 18 | MIT 13.7

engineering, furnishing and installing Voice over IP solutions at Keesler, Wright-Patterson and Vandenberg Air Force bases.” Among its major contributions to CITS, General Dynamics IT has supported the move from decentralized management of networks at the Air Force major commands to the new INDUSTRY RELIANCE Air Force Network Operations (AFNETOPS) construct, Besson continued. Under AFNET Fellers highlighted the importance of Increment 1, the company assisted with prodfollowing the lead of industry in standing up uct acquisition and standing up the 16 Air new network connectivity and security. Given Force intranet gateways. It also designed and the reliance on industry for this expertise implemented integrated network operations and the host of projects coming from the and security and provided operational supCITS program office, it was no surprise that port for the Air Force enterprise network at an industry day held this spring drew attenthe Air Force Network Operations Center dance from more than 100 contractors, large Network Operations Division. and small, interested in providing support to It’s a critical time for the CITS program CITS. office as the Air Force makes key strategic Among the companies represented at the decisions, Besson noted. “The CITS program industry day was General Dynamics Informais being restructured to provide the most tion Technology, which has worked with the effective means to quickly tackle such issues CITS program office in the past. using standardized, proven processes and “A large number of our delivery orders sources to acquire, deploy and sustain the have directly contributed to ground-based data and voice the Air Force making great elements of the cyberspace strides toward achieving true domain,” he stated. net-centricity and a more That restructuring secure cyberposture,” said Paul comes with challenges. BesBesson, staff vice president of son anticipated that openbusiness development for Air ing multiple, complex ACAT Force IT solutions at General programs concurrently will Dynamics IT. involve oversight challenges While supporting the ITS for both the Air Force and for program, General Dynamics industry. IT delivered turnkey survey, “However, it’s those Paul Besson design, installation, training, changes that will also allow integrated system testing and for the more efficient, rapid warranty support for the backbone IT infraand flexible acquisition agility,” he said. “Fosstructure at more than 75 sites worldwide— tering a continued environment of partnerincluding Vandenberg, Petersen, F.E. Warren, ship with industry will serve as key enablers Eglin, Edwards, Beale and Ellsworth Air Force to meeting those challenges.” bases, Besson said. Looking ahead to the future of CITS, BesGeneral Dynamics IT also provided the Air son emphasized the need for all involved to Force with robust, standardized, secure wirebring innovative and forward-thinking soluless infrastructure with multi-tiered administions to meet mission requirements. “The tration and management for 29 bases, with 25 restructured program may require indusmore in process, as the prime contractor for try to be more proactive in the future by the Second Generation Wireless LAN delivery aggressively assisting in the development of order for CITS. technology roadmaps, consolidation initia“We fielded and sustained Air Force teletives, innovative lab environments, flexible communication switches across the Air Force sustainment options and assured compliance for many years, providing reliable voice comwith mandated security standards and procemunication within the existing telephone dures,” he said. ✯ system, and supporting future net-based voice capabilities,” Besson recounted. “GenContact Editor Harrison Donnelly at eral Dynamics IT has also played a key role in harrisond@kmimediagroup.com. For more information related to this subject, evolving the Air Force’s voice switching syssearch our archives at www.MIT-kmi.com. tems from circuit- to IP-based telephony by

putting in place now from the CITS program office are focused on enabling the Air Force to manage the Air Force intranet at the enterprise level. That is a departure from the way our networks were managed previously,” Fellers said.

www.MIT-kmi.com

JTRS Advances Acquisition Reform PROGRAM SHOWS PROGRESS IN TACKLING ISSUES FROM TECHNOLOGICAL IMMATURITY TO CREEPING AND GOLD-PLATED REQUIREMENTS.

Editor’s Note: This is another in a regular series of updates on the Joint Tactical Radio System (JTRS), as provided by the program’s Joint Program Executive Office (JPEO).

As the Defense Science Board has observed, a transformed acquisition system is essential to military transformation for a number of reasons. “In today’s environment, a responsive, rapid and agile acquisition system is a necessity—the current model is not up to the task,” according to a 2005 board report. Many distinguished panels and individuals over the decades have aimed at reforming the defense acquisition process, and observers have already identified most of the problems and have proposed solutions for them. There appears to be remarkable agreement as to the problems that need to be addressed but, so far, not enough ability or agility to address them, according to a 2008 assessment of defense acquisition performance. The JTRS program faces many of the same problems that trip up other acquisition programs, especially the problems that www.MIT-kmi.com

arise from being a joint program in a service-centric environment. The Department of Defense has attempted to deal with JTRS problems in unique ways. They include: Technology Immaturity. AMF JTRS competitively awarded development contracts to two industry teams that each took their competing designs to preliminary design review well before Milestone B. Industry also built prototypes. The government then required each team’s proposals for the follow-on system development and demonstration work to show that the technology readiness level (TRL) for critical technologies were at TRL 6—defined as “system/subsystem model or prototype demonstration in a relevant environment”—or better. This allowed the under secretary of defense for acquisition, technology and logistics (USD (AT&L)) to certify to Congress that AMF JTRS MIT 13.7 | 19

was one of the first programs to comply with the provisions of 10 U.S.C. 2366b, which represented an attempt by Congress to raise the bar for Milestone B. The new Weapon Systems Acquisition Reform Act of 2009 further enhances the importance of technology maturity and competitive prototyping. Lethargic Acquisition Process. In 2007, USD (AT&L) approved a streamlined process for JTRS to decrease the time and cost to staff documents, thus facilitating faster decisions without sacrificing OSD or service insight or program rigor. The under secretary also delegated final approval of some documents to the JPEO JTRS to facilitate the JPEO’s ability to apply midcourse corrections and more quickly institutionalize lessons learned in acquisition and systems engineering, as needed. After a year in use, an OSD joint analysis team endorsed this process by recommending that JTRS’ “current streamlined procedures be retained.” Slow Technology Insertion to Meet Urgent Operational Requirements. JTRS produces software defined radios, and much of its capability resides in software. After JTRS delivers a baseline software package, it plans to then develop, integrate, and test enhancements to the baseline software every two to three years via its software in service support (SwISS) process. As recommended by the January 2006 Defense Acquisition Performance Assessment report and other analyses, these enhancements can be heavily influenced by input from users, such as combatant commanders, via the JTRS Tactical Requirements Group, which is part of the SwISS process. Emergency code revisions could be fielded in two to six months. JTRS has an opportunity to take another step to build a powerful new model—an annual operating plan (to supplement the acquisition program baseline) fed by level RDT&E funding to respond to an annual list of COCOM-generated enhancements approved outside the Joint Capabilities Integration and Development System (JCIDS). Creeping Requirements. From program initiation in 2002 through 2005, JTRS had more than 3,000 requirements. Several were extremely challenging and even beyond available technical capability. Others were too vague, and requirements never stabilized. JTRS was not executable, and the success of the 2006 restructuring hinged on deferring many requirements to future JTRS increments and clarifying other requirements. Today, JPEO JTRS and JTRS program managers remain vigilant on both informal (that is, outside the JCIDS process) and formal requirements creep. Several JTRS contracts tie industry’s award fee to its ability to resist disruptive tasking and any growth in contract scope not formally approved by the government procuring contracting officer and program manager. Additionally, the DoDI 5000.02 policy to emphasize key performance parameters, while pushing other requirements to trade space, will embolden JTRS PMs to request requirements relief. A JTRS Configuration Steering Board can facilitate this relief. Gold-Plated Requirements. JTRS cost estimators are playing a key role in developing the capabilities document for JTRS Increment II; after cost estimators placed a price tag on each iteration of the draft capabilities development document (CDD), another group of “requirements” suddenly disappeared due to their high price. For the draft CDD, this drove the requirements community to realize how difficult/expensive some requirements would be to meet. The result was a distilled list 20 | MIT 13.7

of cheaper, easier-to-develop capabilities that are based on more mature technologies—that is, the 75 percent solution advocated by the secretary of defense in Senate testimony earlier this year. JTRS programs will continue striving for realistic cost estimates on draft requirements, making it easier to predict the cost, schedule and performance outcomes of each round of development, resulting in more stable budgets. These detailed cost estimates will also help the government recognize overly aggressive bidding in industry proposals. Competition Ends When Development Starts. The radio industry has been a closed, proprietary model: Industry typically retained most software and hardware intellectual property rights, requiring the services to continuously invest with an individual vendor for each capability upgrade. Different radio vendors diluted interoperability and DoD’s ability to leverage economies of scale. Through the JTRS enterprise business model, JTRS increases software reuse and portability because JTRS vendors provide government purpose rights for their historically proprietary software, and standards ensure that JTRS software is consistently applied across several hardware platforms. This increases competition for software upgrades and maintenance, avoids costs, improves and increases interoperability across multiple radio platforms, and allows easier technology insertion and product refresh. In addition, JTRS qualifies at least two production sources for radio sets and competes buys in aggregated lots. (For example, individual components combined their purchases of handheld tactical radios, and in less than 18 months avoided $425 million in costs while buying more than 110,000 JTRS single channel handheld radios.) JTRS encourages radio vendors that do not currently have development contracts to join the competition for future production orders by showing, via government testing, that their radios meet JTRS requirements. Competition has been and continues to be a key tenet of the JTRS enterprise business model. Joint Acquisition Programs Are Typically Not Well Managed. Shortfalls of the existing joint acquisition process typically include: • • • •

the joint requirements generation process is too slow, and there is often a lack of consensus on requirements; joint programs often take longer and cost more than single-service acquisitions; single-component programs often have more seniorleader advocacy than do joint programs; and OSD oversight of joint programs is strained due to other commitments and lack of staffing.

JTRS was initially established as a direct report to USD (AT&L), which provided joint oversight and guidance to the program and to the services. This approach addressed several of these shortfalls, but with the JPEO JTRS returning to an SAE acquisition structure, many of these will need to again be resolved, unless a new set of rules of engagement can be agreed upon initially. An approach for JTRS and other joint programs to have an advocate of a true joint nature would be to create a joint acquisition executive (JAE), as a peer to current component acquisition executives, reporting to USD (AT&L) and that manages only joint programs. The JAE would be the joint technical authority for those joint programs. www.MIT-kmi.com

AN/PRC-117G(V)1(C) ©Copyright 2008 Harris Corporation

■ ■ ■ ■

■ THE AN/PRC-117G(C) Multiband Manpack

JTRS Approved JTEL CERTIFIED NSA CERTIFIED JITC CERTIFIED

falcon III Networks the battlefield. falco ®

Harris has introdu introduced the world’s first JTRS SCA-compliant Type-1 secure wideband/narrowband tactical radio. The AN/PRC-117G(C) delivers simultan simultaneous transmission of voice, video, situational awareness and intelligence data to the networked battlefield. For more information informat visit us on the web at www.rfcomm.harris.com/117G or contact your Harris sales representative.

■ Secure ground-to-air communications Havequick interoperability.

■ TAC-CHAT

■ SECURE SATCOM REACHBACK

Instant sta t te text xtt messaging tthroughout hroug tthe hee netwo network. t ork. ork

DAMA MILSATCOM and automatic BGAN satellite routing beyond terrestrial networking range today with fut future ture upgradability u for MUOS.

SSINCGARS AND MULTIBAND CCommunications

MEDEVAC ME E

F range combat net radio Full iinteroperability.

■ Display live video feeds feeeds from f UAVs and other vide video eo so sources. ources.

ENEMY E NE NEMY ENGAGEMENT EN E NGAG

FALCON III ® Multiband Manpack

■ Situational Awareness Every node in the network shares a common operating picture.

www.harris.com 2& #OMMUNICATIONS s 'OVERNMENT #OMMUNICATIONS 3YSTEMS s "ROADCAST #OMMUNICATIONS s (ARRIS 3TRATEX .ETWORKS

assuredcommunications®

Compiled by KMI Media Group staff

Handheld Radio Order Supports Air Force Comms Changes Harris has been awarded $44 million in orders to provide Joint Tactical Radio System ( JTRS)-approved Falcon III AN/PRC-152(C) handheld radios and accessories to the Air Force. The radios will support the changing communication needs of the entire Air Force enterprise, including security forces, special operations, combat engineers and Air Mobility Command. The Air Force is acquiring AN/PRC-152(C) radios along with vehicle adapter amplifiers, base stations, and repeater systems for use as core elements of a modern adaptive communications system. The system offers mounted and dismounted forces, secure and reliable extended range communications links among team members and back to the mission command post or tactical operations centers. The AN/ PRC-152(C) offers users a wide range of capabilities such as SINCGARS interoperability, APCO P25, UHF ground-to-ground line-of-sight communications, HAVEQUICK II, close-air support and programmable encryption. The AN/PRC-152(C) also serves as the handheld-based transceiver of the Falcon III AN/VRC-110, a high-performance, multiband vehicular system that serves as an improved alternative to legacy SINCGARS radios. The radio has been certified as fully compliant with version 2.2 of the JTRS Software Communications Architecture and certified Type-1 compliant by the National Security Agency.

Marines Seek Common Robotic Controller The Marine Corps has awarded QinetiQ North America a two-year, $2 million contract to develop a universal wearable controller to operate a wide variety of unmanned systems, including unmanned ground vehicles, unmanned air vehicles and unattended ground sensors. The Marine Corps uses many types of unmanned systems in combat today, but none of these platforms use the same controller. Marines operating these platforms must contend with unique controllers for each type of system made by various vendors. The Common Robotic Controller resulting from this contract will enable Marines operating unmanned systems to use a single-type controller for varied platforms regardless of manufacturer. The introduction of this common controller will simplify user training, reduce operator work load and combat load weight, simplify maintenance, and lessen overall system procurement and repair costs. The Common Robotic Controller will not only be lightweight, but will be designed to co-exist with the other items of equipment that Marines must wear and carry. The project will include development of a wearable, integrated set of components including a robust, miniature computer system able to support all the necessary platform software requirements, a reliable power source, a user-friendly touch-sensitive display, a gaming style input device, and much more.

22 | MIT 13.7

CITS Order Upgrades Infrastructure at Hickam AFB NCI has been awarded a task order worth an estimated $3.6 million to support the Air Force’s Combat Information Transport System (CITS) Program Office. The primary place of performance will be at Hickam AFB, Hawaii, with performance expected to begin in August. This competitively awarded task order is new work for NCI and was awarded under the Network-Centric Solutions (NETCENTS) contract vehicle. Under this task order, NCI will provide the CITS program with an integrated, high-bandwidth, information transport capability to support the warfighter’s current and future mission requirements at Hickam AFB and the local Hawaii Air National Guard sites. The Air Force is transforming its networks from MAJCOM-centered islands to secure, unified, consolidated enterprise-centric networks as part of the Air Force’s portion of the Global Information Grid. The CITS work will help the Air Force meet its goals by upgrading and establishing the communications infrastructure for a centralized C2 capability and core IT services. Norris Connelly: nconnelly@nciinc.com

Secure Wireless Bridge Approved for Army Use The ES520 Secure Wireless Bridge from Fortress Technologies has been added to the Army Information Assurance Approved Products List (Army IA-APL), establishing it as an approved technology for use across the Army. The first fully rugged, tactical wireless solution suitable for outdoor use on the Army IA-APL, Fortress successfully secured product certification and IA compliance through Network Enterprise Technology Command. In order to be placed on the Army IA-APL, Fortress’ Secure Wireless Bridge had to meet the following criteria: Federal Information Processing Standard 140-2 Level 2 validation; under National Information Assurance Partnership Common Criteria Level EAL4+ evaluation; Internet Protocol version 6 compliance; and Army Information Systems Engineering Command Technology Integration Center evaluation and recommendation. Fortress’ Secure Wireless Bridges are all-in-one network access devices that combine the features of a wireless access point, bridge, Ethernet switch and FIPS 140-2 validated AES encryption in a small, rugged, weatherized form factor. Chris Whalen: cwhalen@fortresstech.com

www.MIT-kmi.com

Contract Provides Turn-Key C4I Systems Worldwide Apptis has been awarded the Project Manager Defense Communications and Army Transmissions Systems (PM DCATS) Command Center Upgrade (CCU) Special Project Office (SPO) contract to provide overall management, engineering, integration and acquisition of turn-key C4I systems worldwide. The total contract is valued at more than $130 million, with one base year and one option year. The PM DCATS CCU SPO organization manages a suite of more than 100 projects that supports joint warfighters, major commands and combatant commanders worldwide. Projects include strategic satellite communications and wideband control systems, long-haul terrestrial microwave and fiber-optic communications systems, tech control facilities, combat service support communications systems, critical power infrastructure, command center upgrades, base radios and combat vehicle intercom systems. Apptis will support these systems with program management, engineering services, integration of enterprise infrastructure, telecommunications engineering, IT system engineering and implementation, operation and maintenance, training support, and integrated logistics support among other services. The Apptis team includes subcontract partners ManTech, SGIS, X-EETO and CSC. Steve Conway: stephen.conway@apptis.com

Identification Capabilities Aid Federal Security Compliance Verizon Business is now offering Symark PowerSeries security access-management software and applications, integrating those security capabilities for UNIX/Linux servers and systems into the company’s already robust portfolio of security solutions for government customers. These new services, available under the General Services Administration’s Connections contract, will help federal agencies comply with access control and accountability requirements associated with new stricter Federal Information Security Management Act regulations. The addition of the Symark offering complements and extends Verizon Business’ identification and authentication and identity access management portfolio by enabling organizations to better control access to critical IT systems and information across diverse IT environments using UNIX and Linux data centers and operating systems.

www.MIT-kmi.com

Army Seeks Mounted Soldier Cordless Communication Thales Communications has received an award from Army Research, Development and Engineering Command for development and delivery of mounted soldier cordless communication systems. Today’s warfighters require the capability to dismount from their vehicle while maintaining secure communications over the vehicle intercom system and the vehicle’s combat net radio. Current intercoms necessitate the warfighter being tethered to the vehicle by a cable. This results in lost connectivity when transitioning from mounted to dismounted operations. Thales has leveraged the flexibility of the battle-proven AN/PRC-148 JTRS Enhanced Multiband Inter/Intra Team Radio to provide a Type 1 secure wireless connection between the dismounted soldier and their VIS, seamlessly extending the reach of the VIS for full crew station functionality. Thales’s Mounted Soldier Cordless Communication System enables warfighters to move freely inside and outside the vehicle without losing critical communications. The core of the Thales system is the AN/PRC-148, the smallest, lightest and most power-efficient multiband, tactical, handheld radio in use today covering the 30–512 MHz frequency range.

System Supports Information Sharing Between Security Levels ITT has been awarded a re-compete contract for the continued development, deployment and sustainment of the Information Support Server Environment (ISSE) system. ISSE is a high assurance communications infrastructure component, providing secure information sharing and protection between networks operating at different security levels. ITT has received two delivery orders valued at $9.8 million under the five-year indefinite delivery/indefinite quantity contract. The contract has a ceiling value of $49.9 million and was awarded through the Air Force Research Lab based in Rome, N.Y. Under ISSE, data and communications exchanged between networks operating at different security levels undergo extremely high levels of scrutiny, ensuring that there are no compromises in the information confidentiality or integrity. ITT will provide systems and security engineering technical expertise for the ISSE system, from ongoing requirement definition and analysis to software research and development, integration, quality control, certification, installation and accreditation. The ISSE product is a critical component of secure data communications throughout the U.S. and its allies, and is integral to operations at intelligence community and Department of Defense sites worldwide.

MIT 13.7 | 23

YOUR AIR OPERATIONS CENTER CAN BE EVERYWHERE, NOW

Advanced Network Centric Solutions Now all ground, airborne and satellite communications can be integrated to improve situational awareness, accelerate the exchange of information and shorten decision times, including the sensor to shooter timeline. CSW networking capabilities are truly seamless and interoperable across all platforms and service branches. Visit L-3com.com/CSW to see the difference our network can make to everyone, everywhere, now.

C 3 ISR > GOVERNMENT SERVICES > AM&M > SPECIALIZED PRODUCTS

Comm unication S y s t e m s – We s t

L-3com.com

Information Warfighter

Q& A

Seeking Highest Value Technology to Leverage Combat Power

Lieutenant General William T. Lord Chief of Warfighting Integration Chief Information Officer Air Force Lieutenant General William T. Lord is the chief of war fighting integration and chief information officer, Office of the Secretary of the Air Force, where he leads five directorates and two field operating agencies consisting of more than 1,000 military, civilian and contractor personnel supporting a portfolio valued at $17 billion. He integrates Air Force war fighting and mission support capabilities by networking space, air and terrestrial assets. Additionally, he shapes doctrine, strategy, and policy for all communications and information activities while driving standards and governance, innovation, and architectures for information systems and personnel. A 1977 graduate of the Air Force Academy, Lord holds a bachelor’s degree in biological and life sciences, and master’s degrees in business administration and national resource strategy. He held various duties with tours in Europe, U.S. Central Command and the White House, and has commanded at the detachment, squadron, group, wing, major command and joint levels. Prior to his current position, Lord was commander, Air Force Cyberspace Command (Provisional), Barksdale Air Force Base, La. Lord was interviewed by MIT Editor Harrison Donnelly. Q: First can you please explain the structure of your organization and what its primary functions are? A: The Air Force Chief of Staff set up the Office of Warfighting Integration and Chief Information Officer [SAF/XC] in 2005. The office consolidated all Air Force information technology organizations under a single umbrella by combining the former deputy chief of staff war fighting integration [AF/XI], Air Force chief information officer [AF-CIO], and Directorate of Communications [AF/ILC]. The consolidation brought the strengths of each previous organization together. In addition to those roles, SAF/XC also has responsibility for AF/A6 [communications and information] on the Air Staff. As the chief of war fighting integration, I am responsible for developing, implementing and enforcing Air Force strategy and policy that enables delivery of integrated war fighting combat support capabilities to the joint warfighter. The Clinger-Cohen Act of 1986, which mandated the position of CIO for all executive branch agencies in the federal government, created SAF/XC’s chief information officer role. In this role I am responsible for the development of Air Force IT www.MIT-kmi.com

policies, guidance, architectures and standards. The CIO also oversees the Air Force IT budget and ensures all Air Force IT systems are certified and accredited in accordance with law and DoD guidelines. As AF/A6 I provide the chief of staff with independent advice on communications matters across the Air Force and most importantly, I am responsible for communication and information [C&I] force development. Q: As you assume your new position, what do you see as the most pressing issues facing the Air Force in terms of information technology and war fighting integration? A: Resources. We are in an environment where competition for resources—money and personnel—are very dynamic. As we look at how to support today’s fight and modernize, we look for the highest value technology to leverage our combat power. That will mean we’ll watch the trade space between various systems, business and combat, to ensure highest bang for buck. Q: Based on your recent experience as head of Air Force Cyber Command (P), how would you evaluate the cyberthreat facing the Air Force, and what will your first steps be to address it in your new job? MIT 13.7 | 25

A: I’d evaluate the threat as both growing in magnitude and sophistication. Better defenses and treatment of Air Force networks as critical assets are the first orders of business, and we have terrific leadership support to do both. Q: What role will SAF/XC play in terms of organization, policymaking and coordination with the new 24th Air Force? A: The stand-up of 24th Air Force, under AF Space Command [AFSPC] is truly historic and provides the Air Force with a cyberfocused organization with the responsibility to defend our vital networks as well as conduct offensive operations. SAF/XC will work with our fellow Air Staff elements to ensure that Space Command receives the support it needs to get the job done. Q: What do you see as the future of Air Force space-based communications in light of the cancellation of the Transformational Satellite program? What other current or planned programs can meet the needs it would have filled? A: We’re evolving our broader communications architecture to leverage the complementary aspects of the terrestrial, aerial and space-based layers of the network. As we move forward it’s increasingly important that we treat each layer as crucial, interconnected and mutually supporting pieces of the larger war fighting network.

When Secretary of Defense Gates announced the termination of the Transformational Satellite [TSAT] program in April, he also committed to two additional Advanced Extremely High Frequency [AEHF] satellites. These satellites, along with the four already funded, will provide global, highly secure, survivable communications for the war fighter and the national command authorities. It’s important to note that we’ve relied on our MILSTAR satellite program to provide many of these capabilities for the last 15 years. However, today’s highly data-centric war fighting environment requires increased bandwidth over our SATCOM links and much greater total satellite capacity. If you look at the Wideband Global SATCOM [WGS] and AEHF systems, I think you’ll see that the Air Force is putting a lot of emphasis on fielding highly capable SATCOM capabilities over the next decade. For instance, WGS introduces enhanced capabilities, and operations in the Ka-band, which will pump data to our troops in the field at up to 137 Mbps. The AEHF system will provide protected data rates more than 500 percent greater than what we have now with today’s MILSTAR system. These capabilities will ensure our warfighters receive critical information such as air and space tasking orders, real-time ISR, and logistics information on a timelier basis. Higher data rates, compression techniques, and improved waveforms enable transmitting a range of data types we couldn’t previously share in real-time. We also have a great deal of advanced technology that was developed by the TSAT program. General Kehler was on target when he told Congress in May that the Air Force should look for ways to harvest some of that work for use in other programs— possibly in AEHF or WGS. While those decisions haven’t yet been made, we have a lot of very smart people looking at options. In any case, I’m confident the knowledge gained from that program will still be very useful to us. I also want to emphasize our continued partnership with the commercial satellite communications industry. Today, about 80 percent of the bandwidth provided by SATCOM is provided by commercial providers. Even if we somewhat reduce that number in the future, I think it’s safe to say that commercial capabilities will continue to be an important element of our space-based communications architecture long into the future. Q: How would you evaluate the significance and progress of the Battlefield Airborne Communications Node [BACN] program? A: In my opinion, BACN is a true Air Force success story in combat support to today’s fight and joint force warriors. BACN’s genesis began when our Global Cyberspace Integration Center tactical data link team began looking across a number of aircraft weapons systems to integrate tactical data link equipment in the Air Force and other services. Our first BACN flight demonstration was in 2006, when we integrated our proof of concept payload into a NASA aircraft with some initial success. Afterwards, we continued to demonstrate the BACN payload and flew it again in Joint Expeditionary Force Experiment 2008 with even better results. Since BACN was first deployed in the fall of 2008, it has made great strides in joint and coalition interoperability. Data collected from missions has shown significant reduction in the “kill chain” timeline while BACN is operating. Because of the success BACN has achieved, a joint urgent operational need was issued calling for added BACN capability. We are currently scheduled to

26 | MIT 13.7

www.MIT-kmi.com

have sufficient BACN assets to provide round-the-clock capability in the AOR by the middle of fiscal year 2011.

technologies can take the Air Force to the next level in this vital area?

Q: What are some of your other priorities in the area of airborne networking technology and communications interoperability?

A: The “kill chain” has been shortened substantially in recent years with streamlined processes and advancements in support tools throughout the “sensor to shooter” loop. For example, the MISREP Analysis Tool shortened the ingestion and processing time of mission reports from more than 24 hours to a few minutes. Going forward, Air Force developers and experimenters need to continue working closely with the hands-on warfighters to rapidly prototype and address their most pressing C2 priorities. Building a robust aerial network of networks will allow tactical users to have the right information at the right time in the right format. This aerial network will be essential in the event of a denied-space environment. A robust airborne network will allow for greater access to information in a secure manner, with antijam capability. We are leveraging our experience with the BACN and other programs to assist in building this network.

A: In order to provide joint commanders with the information they need, XC needs to champion the rapid insertion of cutting-edge IT through rapid prototyping and experimentation to improve our networks, both airborne, space and terrestrial. We are currently working on an Air Force vision for airborne networking that will provide direction for warfighter networking. This will be followed up with a flight plan that will provide the guidelines for building this important network. We are also a major contributor to the study of advanced tactical data links, and have had a major role in writing the joint aerial layer initial capabilities document, which will provide the benchmark for all of the services for networking in the aerial layer, including net-enabled weapons and ISR. Ultimately this network will allow the services to move from our current stovepiped tactical data link-based network to the next-generation IP-based network that allows the services to leverage off of each other’s capabilities. Q: There have been substantial successes in recent years in shortening the “kill chain” and “sensor to shooter” loop. What

Q: How do you see the new DCGS Integration Backbone [DIB] contributing to Air Force war fighting integration? A: The DIB provides data exposure for the entire intelligence community, not just the Air Force. This enables us to move toward the more responsive TPPU [task, post, process, use] model instead of the older TPED [task, process, exploit, disseminate]

)& I;9ED:I JE J>; :HEF$ - C?DKJ;I JE J>; I?=D7B$

(&&/ HeYam[bb 9ebb_di" ?dY$ 7bb h_]^ji h[i[hl[Z$

=[jj_d] Yedd[Yj[Z _d j^[ XWjjb[ifWY[ # WdZ ijWo_d] Yedd[Yj[Z # _i Yh_j_YWb \eh if[Y_Wb \ehY[i ef[hWj_edi$ J^[ c_I7J#N ioij[c" Wd N XWdZ j[hc_dWb j^Wj jhWdic_ji ed M=I" _i Z[i_]d[Z je gk_Yabo WdZ [Wi_bo cel[ \hec el[h^[WZ X_d je hkYaiWYa" j^hek]^ ikXcWh_d[ fehjWbi eh X[oedZ [d[co b_d[i$ Ekh ^_]^ ]W_d" i_cfb_\_[Z Z[i_]d \[[Zi W ijhed]" fh[Y_i[ WdZ i[Ykh[ i_]dWb je Yecfb[j[ oekh c_ii_ed$ <_dZ ekj ceh[ jeZWo Wj mmm$heYam[bbYebb_di$Yec%c_biWjYec$

www.MIT-kmi.com

MIT 13.7 | 27

model where appropriate. Increased machine-to-machine interfaces will further reduce the kill chain cycle and enhance our ability to engage time-sensitive targets with our joint partners. The DIB moves us away from stovepiped legacy systems to netenabled capabilities that have already proved themselves in Iraq and Afghanistan. Q: What changes would you like to see in the way the Air Force operates its financial, medical and other business information systems? A: We need to work toward more integration of the financial, medical and even personnel systems so our military members can continue to focus on the mission. What we have works well, but by leveraging the latest technologies there is considerable room for improvement. Integration of the financial and personnel systems can allow our Air Force members to conduct even more “self-help” financial actions. For example, airmen are limited on some allotment actions they are able to conduct online, so instead they have to actually walk down to the base accounting and finance office. If we can integrate these systems, we can keep our airmen on the job and lower support manpower requirements at the same time. Similarly, further integration of the medical and personnel systems will allow us to be more efficient in our approach to combat readiness from a medical perspective. Right now, across

The Air Force is putting a lot of emphasis on fielding highly capable SATCOM capabilities over the next decade, including the Wideband Global SATCOM system. [Image courtesy of U.S. Air Force]

the Air Force, our numbered air forces and wings track the status of the medical readiness of their troops such as the status of their vaccinations, health assessments, lab work and dental status. This effort requires a lot of human intervention to track and notify individuals, as well as report to leadership on a regular basis. Using new tools and technology, we can take the man out of the loop in several places and allow the systems to automatically generate e-mail alerts to the airman as well as reports in whatever format leadership wants. If we get this right, our airmen will resolve any number of medical requirements long before they become due, while at the same time, we will spend a lot fewer man-hours tracking and reporting. Q: What role does your organization play in Air Force IT procurement? Where would you like to see the NETCENTS program go in the future?

Your Single Source for both sides of the solution. For more information on Nortel Government Solutions’ services cost and performance advantages visit www.nortelgov.com

28 | MIT 13.7

A: Our role in SAF/XC is to define the Air Force policy on the standards, architecture and management practices of the IT equipment and software we need to make the Air Force mission more efficient and effective. We now do that in conjunction with the chief management officer. The acquisition community focuses on the actual process of procuring that equipment and www.MIT-kmi.com

software, and we are highly dependent upon and teamed with their expertise. As the Air Force CIO, our role in IT procurement is to ensure we have the right requirements identified to purchase the right IT that fits with our Air Force enterprise and meets our strategic Air Force objectives. Working hand-in-hand with SAF/AQ, we are working to ensure the proper governance is in place for IT procurement vehicles such as NETCENTS. Regarding NETCENTS, we are continuing to grow this service and provide the products and services we need to fulfill our IT strategic goals. My vision for NETCENTS and its follow-on NETCENTS 2 is to provide the Air Force community at large with competitive, cost-effective vehicles that meet local base contracting goals while at the same time adhering to our Air Force enterprise strategic objectives. We need to be more responsive to the needs of our users, which means acquiring and delivering capability in a short amount of time. Users can’t wait 18 months for a system or product to be delivered—they need it now. Our vision for NETCENTS is to provide that rapid acquisition capability. Q: What messages would you most emphasize to industry in its partnerships with the Air Force? A: The first message is that we, the U.S. Air Force, are dependent on a strong partnership. The solutions to our problems are provided by a vibrant U.S. industry, both large and small. As the resourcing becomes more difficult, big leverage items are the ones we are looking for. The return on investment will be closely scrutinized for high percentage returns. We need products that can be quickly deployed to enhance current ops and are netcentric from day one. The second message is a big “thank you” for the help our industry partners give us every day! The third message is that we depend on our industry partners to help us with the innovation that they are so wonderful at fostering—and bringing that innovation to us. The final message is to invite them to offer us their advice on what we can do to make our relationship better for both. The environment is at the “perfect storm” point to change processes and rules that are obstructive to both of us. Q: What can the Air Force do to strengthen training and development of its IT professionals? A: The increased focus on the cyberdomain is forcing us to take a hard look at how we structure our entire C&I career field [both civilian and military], and we will be making some major decisions in the near future. We must offer education and tailored training to develop our IT professionals throughout their careers, and ensure that training is producing the professionals needed to support our COCOMs. We must also develop a deliberate funding strategy based on training requirements. The fielding of IT systems is always accompanied by a corresponding training requirement, which if unfunded, jeopardizes the very effectiveness of the capability the new technology delivers. Some current initiatives include transforming our basic skills training courses. Graduates of these courses will receive the necessary fundamentals and be primed for follow-on specialized training. Organizationally, this new training paradigm www.MIT-kmi.com

requires the establishment of formal training units that focus on teaching the skills needed to deliver the capability to establish, operate, defend, exploit, and attack in, through, and from the cyberdomain. One of the challenges we have to confront is that the same highly specialized skill sets needed within the Air Force are also highly desired within industry. Since we are in fierce competition for these skills, we must maintain a focus on personnel retention measures. At the same time, we also need to recognize that the leading edge in this arena can often be found outside the Air Force within other services, industry, and/or academia. Expanding our existing partnerships can only benefit our people. Identifying and partnering with IT centers of excellence enables knowledge transfer and better prepares our professionals to meet and conquer the unique challenges presented by the cyberdomain. Q: Is there anything else you would like to add? A: This is an exciting time to be in our Air Force and in the IT/ cyberbusiness. I am honored to be placed in a position of responsibility where I may effect positive change to assist our forces engaged in combat today. We are also engaged in a cultural change as the cyberdomain takes the stage with air and space— and that will be historic. Everything we do will be focused on our Air Force mission: Fly, fight and win ... in air, space and cyberspace! ✯

IT ALL STARTS WITH CLASSIFICATION Titus Labs offers the leading military classification solutions to ensure every email and document is classified and protectively marked before it is sent.

Visit us at exhibit #329 at AFITC!

Titus Labs solutions can help you: •

• • •

Force users to classify emails and documents according to CUI and CAPCO Enhance information sharing with consistent and accurate markings Defend against email data spillage Prevent inadvertent disclosure of sensitive documents

(613) 820-5111 x 127 www.titus-labs.com MIT 13.7 | 29

DISA HOST-BASED SECURITY PROGRAM EXPANDS TO STRENGTHEN AWARENESS AND CONTROL THROUGHOUT

DOD NETWORKS.

BY HARRISON DONNELLY MIT EDITOR harrisond@kmimediagroup.com

A Defense Information Systems Agency (DISA) initiative originally focused on improving the security of individual computers and other equipment is being transformed into an enterprise-level campaign to strengthen situational awareness and reinforce command and control over networks throughout the Department of Defense. The program, called the host-based security system (HBSS), took an important step forward early this summer with the launching of a hosting service at DISA computing centers to help smaller military services and agencies implement the program. While the schedule for the program’s official launch is classified, intensive efforts are under way by both the DoD and IA industry experts to put the program into place globally, train for it and provide operational support. Mark Orndorff, DISA program executive officer for information assurance and network operations, summarized the program in a recent article: “What we’re doing today is building out an enterprise architecture to take what was originally designed to improve the security of end-points, but pull information from a system and correlate it to a DoD enterprise level, so that commanders operating and defending the network will know the status of their security posture, giving us a readiness report card that’s machine generated. “It will give us the ability to collect and correlate alarms as attacks propagate around the network and will give us the visibility of things such as anti-virus signature updates and anti-virus scan runs—essentially, letting us know what’s on the network. It will also give us the ability to look for what we call ‘rogue’ systems. These could be systems installed by DoD, systems configuration-managed by the DoD operators and defenders, systems added to the network, friendly systems added outside the management control of the network operators, and potentially malicious systems,” he explained. 30 | MIT 13.7

“The whole focus is getting global situational awareness to help us know exactly what’s on the network, the readiness posture of everything on the network, and the network-alerting information to help us fight through an attack,” Orndorff continued. While the new program will be largely transparent to end-users, DISA officials suggest that it will dramatically change the way administrators and operators of the network do business. “What we hope we are giving system administrators is a set of tools to improve the security of the networks, and additionally to provide a set of dashboards or views into the status of their network in order to change their whole routine. This will allow them to move from a reactive posture to attacks, to being proactive with the focus on prevention first,” Orndorff said. “Whether it’s compliance with security policy, updating and patching computers, or maintaining anti-virus, there’s a whole set of things users on the ground who administer networks need to deal with every day,” he pointed out. “HBSS will now give a set of meaningful and actionable reports and dashboards to help focus time and attention on the key issues that need to be addressed every day.”

PROGRAM EVOLUTION HBSS started several years ago as an initiative to try to improve the security of DoD computing platforms. Recognizing that there was a gap in the network when an off-the-shelf computer system was put on the network, officials addressed some specific objectives, such as the common problem of buffer-overflow attacks, and decided to buy an encompassing tool to mitigate multiple risks. In addition, the DoD policy for “infoconing” requires the baselining of systems to identify all loaded software on a host, and then www.MIT-kmi.com

TRAINING NEEDS Given the pervasiveness of the new system and the major changes it will involve in operations, officials realize training and managing expectations are critical. They are using a variety of methods, including online programs, classroom training and the latest collaboration tools. For example, the initiative is taking advantage of an existing partnership with Carnegie-Mellon University, which had already developed a capability called the virtual training environment to push general information assurance and security training to users and administrators. “What we did was to take advantage of the capability and build into a group of HBSS-specific modules for high-level leaders, administrators and users,” said Chris Paczkowski, chief, CND Enclave Security Division, in support of the program. “It’s a multi-part targeted set of training products, which

2009 JOINT SYMPOSIUM AND EXPO Monday September 14, 2009 - Thursday September 17, 2009 Atlantic City Convention Center, New Jersey

ISR C4 EA M

1 010 100

01 01

ARMY T

0 01 00

1

COMBAT

0 1 1 00

01

000101000101

0001 01010

00 111 10010100

0

September 15-17, 2009 Exposition

FROM CONCEPT to

01

September 15-17, 2009 Symposium includes Plenary Sessions, Panels, Tracks and Classified Sessions

010101 000 1

September 14, 2009 Golf Tournament, Dolce Seaview

00 101 00010011

www.MIT-kmi.com

alarms and operate and defend their portion of the network, but we will take over some of the burden of standing up the infrastructure and maintaining, upgrading and patching it—all the normal responsibilities needed to operate a new capability. “The enterprise service option has recently become available, with initial implementations occurring over the past month. We are quickly moving out with the fielding process. The specific deadlines are classified, but we’re moving quickly toward the finish line,” he said.

01 10 11 010

periodically re-baselining to identify any deltas. Anything found during the re-baselining may cause an attack or threat, thus changing software that wasn’t deliberately installed by the system administrator. The original focus was to automate the baselining effort and provide some specific controls to mitigate a set of attacks. Since then, awareness and concern over the cyberthreat has grown exponentially, as has DoD’s focus on cyber-operations. With this, a greater need has grown for automation to provide better command and control, better situational awareness, and the ability to operate a network speed with machine-to-machine flows of information. “Even though those objectives weren’t part of our original focus, we realized HBSS was a great platform to address those emerging requirements,” Orndorff said. “It seemed like a pretty awesome undertaking even when it started out,” he acknowledged, “but it has definitely grown since then. The good news is we have high-level leadership support for this program. Commanders at all levels are tracking progress in implementation and providing the support to get resources on board to get this operating effectively.” HBSS is a centrally managed, host-based Tier 3 enclave-level tool, according to Ann Baron-DiCamillo, HBSS program manager. “Within the tool, there are different point products, such as an intrusion detection system and intrusion prevention system, a firewall system, policy compliance reporting, device control capabilities, rogue system detection capability, and an architecture capability to include third party and other government developed integration products. “The ePO server pushes an agent to the host to install, manage and add to all point products on the host,” Baron-DiCamillo continued. “HBSS supports infocon baselining, robust whitelist capability, buffer overload protection, and situational awareness from an asset alert reporting capability. “The situational awareness includes a variety of asset information, such as operating system versions, anti-virus/anti-spyware, and so on. From alert reporting, two-point products within the host-based security system do alerting—the Host Intrusion Prevention System, which is the intrusion prevention and detection system, and the anti-virus,” she added. The system will also have the ability to add government-developed capabilities. This capability can address those specific threats the DoD is experiencing that industry may be unaware of or not especially concerned about. The department will also be able to develop government additions to the framework to address emerging threats or DoD-specific threats and use the HBSS system to push out those capabilities. DISA’s strategy for implementing and supporting the program also has evolved, officials note. The initial strategy was to set up an enterprise contract and buy a DoD-wide license for software, as well as the key hardware components needed to roll this out. But each component, agency military service and field activity was essentially responsible for developing implementation plans, with some support and training from DISA. “That’s still the plan that, for the most part, the larger military services are executing,” Orndorff said. “But we’ve added an option where DISA will host some of the infrastructure for the services and components out of our enterprise computing centers. The components will still have the operational responsibility to manage

The Symposium will cover the full scope of activities for which Team C4ISR is responsible: research and development, acquisition, fielding and support and sustainment. By integrating these disciplines together, Team C4ISR is able to provide the full range of C4ISR capabilities to America’s Warfighters – From Concept to Combat. High level speakers, panelists and track presenters will provide attendees with the latest information, ranging from technology demonstrations to Unit Set Fielding and implementation of the Army Force Generation model. The Symposium will provide a targeted training opportunity for the entire C4ISR Team: Government, Military and Industry.

For more Information: www.joint-symposium-expo.com Questions: Contact Cheryl Davidson at cdavidso@harris.com or 732-389-1221

MIT 13.7 | 31

KMI Media Group is seeking a full-time Military DATABASE ADMINISTRATOR This is a permanent, full-time supervisory position responsible for overseeing KMI Media Group’s circulation department which includes the operation of the circulation system, and scheduling and supervising department staff. Successful candidate will direct circulation strategy and monitor overall performance of services; be responsible for planning and implementing sales and service strategies; and to maximize the military and defense industry circulation potential. Candidates must be innovative, have the ability to develop and manage employees, manage effective circulation marketing programs and be able to define and maintain distribution to qualified readers. QUALIFICATIONS: Former military and/or defense contractor employment. Position requires computer skills on Excel and Word. SALARY AND BENEFITS: s Salary commensurate with experience. s Health insurance and vacation.

CONTACT: davidl@kmimediagroup.com

32 | MIT 13.7

allows us to deliver the training anywhere in the world, 24 hours a day. For the first time since I’ve been in this business, we’re getting feedback that the online training is better than the classroom training.” “We’ve always had traditional classroom training for administrators, but we wanted to give more of a focus to the management side,” Baron-DiCamillo explained. “So we’ve worked to create specific classes geared more toward senior management. Instead of going through four days of classes, you can choose different modules that fit your role in the HBSS deployment.” To address newly emerging topics and focus areas, officials are also using DISA’s Defense Connect Online, which offers a variety of collaboration tools. In addition, teams of enterprise implementers are available to visit locations to assist in getting started. “During this implementation phase, we’ve tried to set expectations by defining what we think is a safe first step in getting this rolled out,” Orndorff explained. “We have some pretty good plans for where we want to take it next, with at least three waves of improvement already on the drawing boards. By the time we get to the second wave, I’m sure we’ll be thinking about the fourth one. We’ll continue to evolve this to leverage it to the maximum extent possible.” The program is also coordinating closely with other DoD efforts. The Enterprise Solutions Steering Group—which is led by STRATCOM and includes participation from the military services, National Security Agency, DISA and other agencies— decides on priorities and develops technical approaches. While DISA then takes the lead on the acquisition side, participants emphasize that it truly represents a DoD enterprise approach to addressing network defense requirements. “We’re enthusiastic about HBSS, and we’re excited about what this brings to DoD networks,” said Orndorff. “But this is just one component of a strategy to secure and defend the networks. It doesn’t solve all of our problems or eliminate other key defense capabilities that we’re working on in parallel. It’s not a silver bullet, but is part of an integrated framework to help defend DoD networks.”

INDUSTRY PERSPECTIVE Several companies also are helping with implementation, testing and operational

support. BAE Systems is the prime contractor of HBSS. After extensive market surveys and technical analysis of various vendor offerings, the company selected McAfee Security as technology partner. “We have formed a close working relationship with DISA through a team-based approach that includes McAfee, other contractors, and outside organizations such as Carnegie Mellon to successfully deliver this capability,” said Bruce Thibault, HBSS program manager for BAE Systems. As lead integrator, BAE Systems is providing cybersecurity engineering, classroom and online training, and global implementation and operations support. The company’s cybersolutions are based on more than 30 years of research, new product development, and new tool and technology evaluation for the defense and intelligence communities. “BAE Systems is experienced in establishing and operating new cybersecurity programs from initial requirements through long-term trends and challenges. We focus on providing expert solutions and field-proven security, driven by our customer’s performance requirements,” said John Lewington, director of enterprise solutions and identity management for BAE Systems. “With the threat rapidly changing, the BAE Systems cybersecurity team stands ready to support HBSS and other critical cyberprograms. The successful deployment of HBSS across DoD will result in a drastic improvement in situational awareness and the security posture of DoD computer systems.” “Our research teams have seen the same amount of malware in the first half of 2009 that we saw in all of 2008,” said Kent Rounds, director, DoD for McAfee Security. “This explosion in malware, combined with other emerging threats, requires an up-tothe-minute approach in enterprise level security. Centrally managing the network in a holistic manner in order to easily integrate with supporting tools is a paradigm shift in network security protection. Simply put, the objective is security at every layer, combined with global threat intelligence at a breadth, depth and speed to be fully prepared.” ✯

Contact Editor Harrison Donnelly at harrisond@kmimediagroup.com. For more information related to this subject, search our archives at www.MIT-kmi.com.

www.MIT-kmi.com

WIN-T is… being fielded today. a self-forming and self-healing network. providing integrated network operations. a mobile, ad-hoc network. the U.S. Army’s current and future network. For more information please call 508-880-1759.

© 2007-09 General Dynamics. All rights reserved. Select photographs courtesy of the U.S. Department of Defense.

COMPANIES ARE WORKING TO PROVIDE THE MILITARY AND GOVERNMENT WITH GREEN TECHNOLOGY SOLUTIONS THAT ACHIEVE ENERGY-SAVING GOALS. BY KAREN E. THUERMER thuermerk@kmimediagroup.com

34 | MIT 13.7

As the Department of Defense and the federal government push to cut energy consumption, including of electricity for information technology-related needs, industry is stepping forward with a host of green IT solutions designed to reduce both costs and DoD’s carbon footprint. The statistics are staggering. According to a recent estimate, DoD uses almost 30,000 gigawatt hours (GWH) of electricity a year, at a cost of almost $2.2 billion—enough to power more than 2.6 million average American homes. Other statistics indicate that the federal government spends $293 million annually to power PCs and $479.5 million annually to power and cool data centers. In recognition of the critical need to cut the federal government’s energy costs and environmental impact, an executive order was issued in 2007 aimed at achieving certain energy management and reduction goals. Following suit, last year DoD released its Electronic Stewardship Plan, which outlines how it will implement those goals through acquisitions, operations and maintenance, and end-of-life management processes. The plan’s requirements include that 95 percent of equipment purchased be certified by the Electronic Product Environmental Assessment Tool; 100 percent of computers and monitors be Energy Star compliant; the life of computers be extended to four or more years; and discarded equipment be donated, sold, refurbished or recycled. “We do not see so much a push for the reduction of DoD’s carbon footprint as we do a cost savings and www.MIT-kmi.com

economic focus,” commented David Ryan, chief architect for the HP Federal Group. “But it is not all a cost story on the DoD side, but also tactical requirements.” HP, Citrix Systems, Microsoft and Intel have formed a coalition to encourage government and industry to be responsible with energy consumption. The coalition was scheduled to hold its second annual “Power IT Down Day” on August 27. “Last year, over 2,800 government and industry employees pledged to power down their computers, printers and monitors when they left their offices for the evening, which resulted in over 37,000 kilowatt hours saved,” said Tom Simmons, Citrix area vice president for government systems. Dell, meanwhile, has been working to improve the energy efficiency of its products. Since 2006, energy efficiency of Dell laptops has improved 16 percent, and the company has announced a commitment to reduce energy consumption by its laptops and desktops by 25 percent by 2010. Dell also plans to transition all of its new laptop displays to mercury-free LED in the next 12 months. Dell’s 15-inch LED displays consume an average of 43 percent less power at maximum brightness, resulting in cost and carbon savings of some $20 million and 220 million kilowatt-hours in 2010 and 2011 combined.

In some cases, systems and applications that are not missioncritical do not require totally redundant power and cooling infrastructure and other support systems. HP offers multi-tiered hybrid designs that can right-size an infrastructure by engineering the facility to incorporate multiple operational environments, each aligned with the business priority and criticality of specific systems and applications. Systems and application environments that require similar levels of business criticality are grouped within segmented raised floor spaces or modular data centers called performance optimized data centers (POD). A POD is a trailer with 22 industry standard racks that has been optimized to industry standards with a power usage effectiveness (PUE) ratio of 1.25. PUE is determined by dividing the amount of power entering a data center by the power used to run the computer infrastructure within it. “A traditional center normally has a PUE ratio of 2.0 or more,” Ryan added. “Consequently, PODs are much more efficient than brick and mortar data centers and are modular, mobile and low-cost.” From a DoD perspective, PODs are an attractive option, particularly for data centers that are running out of space and need a quick solution. “We can put these in within six weeks from the time of order,” Ryan remarked. “If the military is running out of space due to the war effort, we can have a power data center up and running quickly.” EFFICIENT INFRASTRUCTURE HP is currently doing just that for the Army. To optimize the center’s power at a lower level, HP offers software Besides this awareness day, companies are working to provide solutions such as dynamic power management inside the rack. the government and DoD with green IT solutions that achieve their “I think what is even more interesting is the life cycle logistics goals. Among them are products that transform data planning, where we work with an individual program centers from sprawling server farms into energyand how we can optimize the way servers go from our efficient hubs, virtual desktops and applications integration plant to the warfighter as quickly as posthat can be used across any network and device, and sible,” he said. servers that power down monitors so as to use less Not only are shipping costs reduced, but also HP electricity. can pre-integrate a POD and deliver it directly to the HP is working on an energy-efficient infrastrucprogram. ture that fits around the products themselves. “Lastly, we are working with customers on collabo“What we see in the military is they have lots of rations such as Halo studios, which offer virtual videodata centers, some of which are very good and others conferencing and telepresence solutions,” he added. that are very bad,” Ryan said. “A lot of easy money HP estimates that each internal Halo studio elimiDavid Ryan can be found by conducting a simple data center nates at least one roundtrip flight per day, or 237 tons analysis using techniques like computational fluid of carbon dioxide per studio per year. dryan@hp.com dynamics and thermal analysis.” On the asset side, HP has been concentrating on This provides a view of any flaws where systems optimizing its server storage—blade servers that have may be operating inefficiently. “Some data centers are over-chilled,” approximately 33 percent less power requirements. Ryan explained. “That’s because a knee-jerk reaction to keeping data “Our printers and notebooks have technology that allows them to centers cool is to ice them down. That is a waste of money.” shut down instantly,” Ryan said. “Everything is Energy Star compliConsequently, HP’s efficient critical facilities group focuses on ant.” critical data centers to analyze and come up with solutions to reach The company has been a leader in recycling programs over the optimal efficiency using IEEE standards. Facility and technology past 20 years. It offers skinless systems that get rid of all extraneous assessment services include power and cooling analysis, compupackaging, which can be a good solution for large cloud computing tational fluid dynamics analysis, thermal zone mapping, energy infrastructures that take advantage of many small commodity servers efficiency analysis, and energy efficiency design. DoD, FAA and the with direct attached storage. Department of State are among the customers of HP’s mission critical Intel, meanwhile, is reducing thousands of pounds of carbon facilities services. dioxide emissions through remote services and off-hours power “When we do thermal zone mapping analyses, we identify what management. should be hot or cold—the chillers, their velocities, and how we can The company started early in maximizing performance while improve their optimization,” Ryan explained. “We take the data center minimizing energy consumed on several fronts. On the process side, data and compare it against standards. If we have customers who want it initially started with bipolar transistors, then made transitions to new centers, we can design and contract the building of the centers to positive-channel metal-oxide semiconductor to negative-channel IEEE standards or to whatever tier they need.” metal-oxide semiconductor, and finally to complementary metal www.MIT-kmi.com

MIT 13.7 | 35

oxide semiconductor to better manage energy efficiency. Centrino mobile technology was Intel’s first “from the ground up” example of this platform approach. The company continues to be recognized for its leadership efforts by the Environmental Protection Agency (EPA) and Department of Energy. In particular, by working with the Natural Resources Defense Council (NRDC), Intel made changes to its power supply design guidelines to encourage the development and adoption of more energy-efficient power suppliers. Intel also has a strong focus on leveraging software to drive power savings, despite the fact that most software products are not currently power-aware. Consequently, Intel is working with the industry, particularly independent software vendors, to improve software sensitivity to battery power and configuration, as well as to tune for power. This includes developing benchmarks to help spur development of software cooperation with power-conserving devices, as well as making device characteristics and energy saving evaluations part of the operating system vendor design discipline.

LOWER MAINTENANCE COSTS

Microsoft is also building the same policies with Windows 7 Client software so that similar savings can be realized, as well as looking at energy savings around Windows Server 2008 Hyper-V hardware-based server virtualization technology. By going through lab consolidation, Microsoft has found that the system uses 27 percent less energy, saving more than $100 million in hardware and 3.5 billion kilowatt hours per year. Already, Microsoft is finding it is saving 25 million kilowatt hours per year just by doing virtual consolidation. “Internally, 80 percent of internal Microsoft IT servers are virtual,” Schnegelberger explained, noting that such savings could be especially beneficial to DoD, which generates huge amounts of power in deployed locations from diesel fuel. “If they can generate less power, then they do not have to deliver as much diesel fuel in trucks, meaning fewer trucks and drivers in convoys,” he said. It also translates to less risk and a better force protection posture for the U.S. military.

END-TO-END VIRTUALIZATION

Meanwhile, Citrix Systems has introduced a server virtualization Microsoft’s work with the Federal Desktop Core Configuration system called Citrix Essentials for XenServer. in conjunction with the Air Force has resulted in a standard desktop “We can virtualize the physical server and load multiple iterations configuration that helps lower maintenance costs. As a result, the Air of an operating system or multiple operating systems—making one Force is moving to standardize its desktop around Microsoft’s Vista server function as 10 servers,” reported Rue Moody, strategic products software. technical director, government systems, for Citrix. “That’s because Vista, unlike previous versions of According to Moody, the average server in a data software, has significant enterprise-level power mancenter today runs at 30 percent utilization. agement capabilities,” said Kim Nelson, executive direc“Data centers are built to handle peak time tor for e-government for Microsoft U.S. Public Sector usage; so, for most of the day, 60 percent to 70 perand former chief information officer for the EPA. “This cent of the server capacity sits idle, drawing power gives customers a more efficient and environmentally and waiting for that peak demand,” he said. “With friendly operating system than they ever had before. It Citrix XenServer, we can dynamically repartition helps to leverage savings from the hardware using the servers and have them run on average at 60 percent software itself.” or 70 percent utilization.” As a result, the Air Force expects to save around $15 XenServer consolidates servers, improves system million per year by using Vista enterprise availability and management flexibility to move Rue Moody “This is huge. In addition, the NRDC has looked at workloads from server to server as needed. As workVista and determined that using it is the equivalent of loads change, Citrix can provision the servers to rue.moody@citrix.com reducing carbon emissions by about 300 million tons change with them. That creates a lower demand for per year, or like taking 400,000 cars off the road per year,” she said, the number of physical machines, which mean less power to both run noting that the Army is rolling out Vista as well. and cool the servers. Meanwhile, the company has been focusing on building an endXenDesktop and its virtual desktop infrastructure essentially to-end virtualization strategy—a technology that isolates one comvirtualizes desktops—running them in the data center and delivering puting resource from others. By separating the logical operation from them to users on-demand—for simpler management, improved data the physical hardware, a virtualized environment provides greater security and increased IT agility. Operating systems and applications operational flexibility and streamlines system changes, to provide are hosted centrally on a server, and the desktop is assembled, identity an operating environment that strengthens business continuity and is verified and the desktop is delivered based on the user’s profile. scales rapidly to meet demands. “This allows the military to deploy less expensive, lower wattage, The company is doing some interesting things as well on the longer lasting thin clients for a greener desktop,” explained Moody. server side, where it is implementing systems that turn the processors “Virtual desktops can, in some cases, double the life cycle of existing off as load decreases in the middle of the night. The feature is called end devices.” Core Parking in Windows Server 2008R2. With the e-waste involved in the disposal of desktops and laptops, “We are moving load to underutilized cores on a multi-core the higher wattage of traditional “fat” clients and the expense of processor,” added Jeff Schnegelberger, core infrastructure solutions replacing IT hardware, virtual desktops help the military save energy, specialist at Microsoft. “We will turn two or three of those cores off reduce e-waste and save money at the same time. so that we can show significant power savings as well as savings to “Citrix XenDesktop also helps the Army meet the Thin Client air conditioning. We are not generating as much heat, and so do not Architecture Standardization for the Army Small Computer Proneed as much AC.” gram,” he added. 36 | MIT 13.7

www.MIT-kmi.com

TUC

Tactically Unbreakable COMSEC

Dynamically reconfigurable logic Hardware Speed Architecture (FPGA-Based) Multiple Encryption Algorithms Multiple Bit Insertion & Bending Protocols Multiple Compression Engines

For more information contact Dale Cottongim 254-231-6171 www.mclaneat.com TUC is a product of

TUC is presented by

Citrix XenApp virtualizes applications—hosting applications in power needed to run the data center itself, and by enabling thin clithe data center or streaming them to run on user desktops—making ents for the military,” Moody noted. them available for use anywhere, online or offline. In addition, Citrix offers online services that provide remote “This end-to-end virtualization solution reduces the power needed access, remote support and Web conferencing solutions, which are to operate and cool the data center and enables the use of lowerideal for mobile workers such as military personnel in the field. wattage thin clients. Citrix Delivery Center allows the “Citrix also supports our troops with Citrix military to utilize green IT without compromising perWANScaler, which optimizes satellite bandwidth formance,” Moody explained. “With Citrix virtualization for the U.S. Army and its Warfighter Information solutions, IT departments can achieve their missions Network-Tactical initiative,” Moody added. while minimizing energy consumption and waste at Citrix WANScaler facilitates real-time commuboth the server and desktop levels.” nication for forward-deployed troops within TCP/IP, Citrix Cloud Center (C3) offers an integrated portSCPS and other standard protocols. folio of Citrix delivery infrastructure products (Citrix “Citrix flow control capabilities reduce latency XenServer, Citrix XenApp, Citrix XenDesktop, Citrix issues and improve performance up to 30 times NetScaler, Citrix Repeater and Citrix Workflow Studio) over, which means our warfighters quickly and packaged and marketed to the cloud service provider securely receive the IT services they deserve,” he Steve Foley market. C3 integrates cloud-proven virtualization and said. networking products that power many of today’s largest steve.foley@3par.com STORAGE SAVINGS Internet and Web service providers. Citrix contends that this unique combination lets Another major area of potential energy savings is storage, which next-generation cloud providers take advantage of the most widely in today’s data centers accounts for an estimated 37 percent of the adopted virtual infrastructure platform for hosted cloud services, as total energy consumed. This is why, as federal agencies seek to well as a proven infrastructure to deliver those services reliably and reduce energy costs and lessen carbon footprint, data storage is securely to both cloud consumers and enterprise data centers. moving to the top of the list. “Again, Citrix virtualization solutions help military data centers One company in the field, 3PAR Government Systems, reduces save energy by optimizing servers and dramatically reducing the energy costs and environmental impact by enabling data centers to replace 2.5 TB of traditional storage with only 1 TB of 3PAR Utility Storage, according to its federal director, Steve Foley. “Virtualization technologies pioneered by 3PAR—including 3PAR Thin Provisioning software—allow data centers to meet performance and service level objectives with 50 percent to 75 percent fewer disks than traditional arrays.” These capacity savings greatly reduce the amount of energy required to power arrays and cool the data center. But even data centers that do not take advantage of 3PAR’s unique thin technologies still benefit from the built-in energy efficiency of 3PAR arrays, Foley said. “All told, 3PAR customers enjoy a combined annualized RESPONSIBILITIES R RESP ESPON ONSI SIBI BILI LITIES ES INCLUDE: energy savings of approximately $7 million.” • Developing and producing multiple According to Foley, an excellent “real world” example of the magazine titles savings that 3PAR delivers is the Army’s selection of 3PAR Utility • Planning the editorial calendars Storage for its Distributed Learning System group. “3PAR Utility • Writing and assigning articles Storage not only reduced resource consumption by facilitating • Working with public affairs officers, remote learning programs, but also our Thin Provisioning software writers & others in defense industry has saved the group an estimated 50 percent on capacity purchases,” • Representing company at trade shows and he said. conferences 3PAR also emphasizes innovative green programs unique to the storage industry, including the 3PAR Carbon Neutral Storage ProQUALIFICATIONS: gram. Through this initiative, 3PAR augments the inherent energy • Background in or strong knowledge efficiency of its utility storage platform by purchasing carbon offsets of military affairs & technology for every terabyte of disk capacity sold with 3PAR Thin Provisioning. • Journalism/English degree preferred “Since the program’s inception in 2007, 3PAR has sub.purchased but not required carbon credits to offset nearly 15,000 metric tons of CO2 emissions,” SALARY AND BENEFITS: said Foley. ✯

KMI Media Group is seeking a full-time

MAGAZINE EDITOR

• •

Salary commensurate with experience Health insurance and vacation

CONTACT:

38 | MIT 13.7

jeffm@kmimediagroup.com

Contact Editor Harrison Donnelly at harrisond@kmimediagroup.com. For more information related to this subject, search our archives at www.MIT-kmi.com.

www.MIT-kmi.com

Welcome to the Evolution.

The SectÊraŽ vIPer™ Universal Secure Phone is the next step in end-to-end high assurance security for voice communications. The vIPer Phone is a single desktop solution for: s "OTH NON SECURE AND SECURE 4OP 3ECRET AND "ELOW s 034. CONNECTIVITY ;OL <UP]LYZHS :LJ\YL 7OVUL J\YL 7OVUL s 6OICE OVER )0 CONNECTIVITY s #OST EFFECTIVE MIGRATION FROM 034. TO 6O)0 s 34% INTEROPERABILITY Protect your investment and evolve into the next generation of technology. The VERSATILE 3ECT�RA V)0ER 0HONE PROVIDES THE mEXIBILITY FOR MULTIPLE NETWORKS !LL OTHER SOLUTIONS SEEM WELL PRIMITIVE s SECURE COMMUNICATIONS GDC S COM s WWW GDC S COM V)0ER General Dynamics Secure Communications: We Bring You What’s Next

Š 2009 General Dynamics. All rights reserved. SectÊra and vIPer are trademarks of General Dynamics.

State of the IA Art INFORMATION ASSURANCE CENTER PROVIDES DOD A CENTRAL POINT OF ACCESS TO INFORMATION ON CYBERSECURITY AND NETWORK DEFENSE. as a twice-weekly online digest of links to IA “IATAC’s mission is to provide DoD a central point of access to information on IA and cybersecurity, emerging technologies and system vulnerabilities, research and develharrisond@kmimediagroup.com opment, modeling and analysis to support implementation of effective defense against The release earlier this year of a report on information warfare attacks,” Tyler said. “One the critical topic of measuring the effectiveof our major roles is synchronizing the IA ness of cybersecurity programs has again area across government, academia and indushighlighted the role of the Department of try. If you look at our core mission as being Defense’s Information Assurance Technology a key repository for IA and cybersecurity, it Analysis Center (IATAC) as a “super library” of would make sense to make sure that anything expertise on IA and defensive that comes out within that information operations. mission area is managed at The report, titled “Meaa particular place and made suring Cyber Security and available for reuse across the Information Assurance,” was federal government. one of a series of “state-of“We’re a ‘super library,’ or the-art reports” issued by the a center of excellence,” Tyler 11-year-old center. Given the continued. “Frankly, a numincreasing attention paid to ber of our clients have written cybersecurity by DoD, the cento us and said we really are a ter’s products—from newsletcenter of excellence, because Gene Tyler ters and research reports to a we can get information across database of expert “graybeards” a broad range of topics within on specific IA topics—are likely to continue to IA. If we don’t solve their problem immedigrow as an important resource in the defense ately, we point them in the right direction.” of the nation’s networks. As a type of government/industry hybrid, Perhaps most prominently for DoD and IATAC offers a mix of fee and service arrangeother federal employees, the IATAC regularly ments. In addition to no-charge initial provides up to four hours of free research for assistance, it does contract research for orgaany inquiries of specific topics, and does so nizations, such as the Defense Information scores of times each month. Systems Agency (DISA). But the results of As one of 10 information analysis centers that research then go into a database available (IACs) sponsored by DoD and managed by to other agencies. “If you’re an authorized the Defense Technical Information Center user—defined as any federal employee or a (DTIC), which provides a “one-stop” access person from academia or industry who is regpoint to DoD scientific, research and engiistered with DTIC—you can ask us a question, neering information, IATAC’s basic services and we’re obligated to spend up to four hours include collecting, analyzing, synthesizing, researching that,” Tyler explained. producing and disseminating IA scientific and The center receives an average of 60 to 65 technical information; responding to user requests for information a month, Tyler said, inquiries; database operations; current awareas well as 120 or so requests for documents, ness activities; and publishing critical review all of which are provided free of charge to and technology assessments reports and stateauthorized users. of-the-art reports. All 10 IACs perform these CURRENT-AWARENESS PROGRAMS tasks within their functional areas. IATAC is operated for DoD on a contracThe center has a variety of current-awaretual basis by Booz Allen Hamilton (BAH). The ness programs, including campaigns to make center’s director, Gene Tyler, is a BAH senior sure those in the field are aware of recent associate who, in his last military assignment, targeted research. It also has a newsletter, served on the OSD staff as director of the in which most of the articles are written by Defensewide Information Assurance Program outside subject matter experts (SMEs), as well office.

BY HARRISON DONNELLY MIT EDITOR

40 | MIT 13.7

news and analysis. Again, authorized users receive these products at no cost to them. In addition to receiving guidance from DTIC, the center is steered by a committee of IA experts from across the government, who meet once a year to help determine the emerging technologies and issues that should be worked. “We prepare a list of some of the hot-button issues for DoD, and they generally select one topic for us to work. Then we assign a researcher to develop it, working in collaboration with DTIC, the 55th Contracting Squadron, which manages our contract, our steering committee of SMEs, and an adviser,” Tyler said. Based on that input, the topics of the center’s state-of-the-art reports offer an excellent window into the issues facing IA specialists every day. Currently, the most popular report, with some 490,000 electronic and printed copies in general circulation, addresses software security assurance. In addition to this year’s report on IA measurement, other recent studies have focused on insider threats, and a possible study focused on security of the software supply chain is under consideration. IATAC has a small staff, which includes a chief scientist and a specialist on academic integration. But it also has access to a range of outside expertise. While the center makes use of Booz Allen Hamilton and its experts, it also works with other firms, academia and government to maintain a database of SMEs. “We rely on the resources of Booz Allen, but we don’t want this to be just a Booz Allen-centric solution, but an IA community and government-centric one,” said Tyler. Indeed, the center devotes considerable effort to identifying and evaluating SMEs, with strict criteria for professional achievement and a panel that reviews qualifications. In addition, it has a list of some 150 “super experts” or “graybeards.” DTIC’s Website, www.dtic.mil/dtic/iac, offers more information about its work, while more information about IATAC or any of the other nine IACs is available at http://iac.dtic. mil. ✯ Contact Editor Harrison Donnelly at harrisond@kmimediagroup.com. For more information related to this subject, search our archives at www.MIT-kmi.com.

www.MIT-kmi.com

It’s your job to protect others, so missing a beat is not an option. Nextel Direct Connect

®

makes sure your entire team can be mobilized in under a second. And in a field like this, that second makes all the difference. Nextel Direct Connect. Only on the Now Network.™ 1-800-NEXTEL-9 sprint.com/nextel

BlackBerry® Curve™ 8350i

Direct Connect: Nextel and PowerSource devices operate on the Nextel National Network. International Direct Connect not included. Other Terms: “Fastest” claim based on initial call setup time. Coverage not available everywhere. The Nextel National Network reaches over 274 million people. ©2009 Sprint. Sprint and the logo are trademarks of Sprint. Other marks are the property of their respective owners.

Compiled KMI Media Group staff Compiled by by KMI Media Group staff

Security System Uses Multiple Anomaly Detection Methods CounterStorm from Trusted Computer Solutions is a new solution for identifying security threats in seconds without the need for signatures. CounterStorm goes beyond current network behavioral anomaly detection (NBAD) solutions in its ability to rapidly detect and quickly take action by utilizing multiple anomaly detection techniques and then correlating to quickly find worms and botnets before the damage spreads. CounterStorm has proved in beta field testing that the solution is capable of addressing the shortcomings of traditional NBAD solutions, which can be ineffective against fastspreading attacks, prone to high falsepositive rates, and unable to provide fully automated responses. Key CounterStorm features include the Statistical Payload Analysis Detection Engine, which builds models of normal network traffic content

with patent-pending technology to detect malicious or atypical data traffic being transferred across the network; the Volumetric Anomaly Detector, which pinpoints clients or servers producing unusually high levels of network activity and identifies the characteristics of insider activities and actively exploited compromised systems; the Enhanced Behavioral Engine, which detects patterns of malicious network activity such as worm-like malware; and the Rogue Detection Engine, which searches for botnets or exfiltration behavior by looking for clients communicating with servers that they do not normally access. Additionally, it can detect clients that exhibit unauthorized behavior such as becoming zombie computers performing unexpected activities. Sheryl Dorch: sdorch@trustedcs.com

Autotracking Antenna Delivers Video, ISR Data Links The EnerLinksIII Autotracking Antenna System (ETAS) from the Enerdyne division of ViaSat is a complete, high-performance ground station for video and ISR data links using the EnerLinksIII Ground Modem Transceiver. Using the ETAS, EnerLinksIII can deliver downlink line-of-sight range of at least 75 nautical miles at 11 Mbps, and over 100 nautical miles at 5 Mbps, operating at L-, S- or C-band frequencies. The complete ETAS system includes a 24-inch parabolic antenna, an omni-directional antenna, a radio interface module, a gimbal to point the antenna, a rugged tripod to support the equipment, and two transit cases for the antenna assembly and electronics. The parabolic reflector gain varies in a way that offsets any propagation loss variation, providing a constant link margin. The omni-directional antenna enables operation at close range where the angular velocity of the aircraft may exceed the ability of the tracking gimbal to follow it. Both the downlink and uplink are switched seamlessly and automatically between the two antennas. Bob Varga: bvarga@enerdyne.com 42 | MIT 13.7

Portable Tracking Antenna Supports Ku-band Data Links The GDT-2100 Ku-band Grand Data Terminal (GDT) antenna system from TECOM Industries is a military-grade, lightweight portable tracking antenna system for groundbased Ku-band data link transmit and receive communication that is currently in active service by U.S. forces in overseas operations. This standard COTS system comprises a 4-foot antenna, Ku-band feed, two-axis positioner, integrated control system, tripod mounting base and transit cases. The positioner features continuous azimuth travel and highly effective tracking using pointing commands derived from GPS position information. RF beam autotrack configurations are available for applications where GPS position information is not available. Used by mobile ground forces to exchange imagery and data from UAVs utilizing Common Data Link or other Ku-band data links, the GDT-2100 also supports data link relay, and UAV command and control missions. To date, several hundred GDT-2100 and variant systems have been fielded to support multiple UAV platforms. This ruggedized, portable system offers reliable field-proven performance at a low cost. In addition to future military UAV applications, the GDT-2100 is an affordable solution for non-military UAV missions such as disaster monitoring, border surveillance, drug interdiction and law enforcement.

New SATCOM Base Station Aids Rescue Communication The new SATCOM Base Station, part of the General Dynamics HOOK2 GPS combat search and rescue (CSAR) system, enables secure, two-way, worldwide communications with isolated personnel or rescue forces that are using the satellite-enabled HOOK2 AN/PRC-112G combat search and rescue radio. Lightweight, rugged and portable, the base station is just right for mobile, rapid deployment or fixed site operations. The kit includes udes base station radio, ruggedized computer and satellite antenna with cabling and power supply options. Mission-critical features include embedded dded security to prevent information from being compromised; intererrogation feature to rapidly locate and identify isolated personnel; el; and e-mail-like format to facilitate messaging, which can bee immediate or queued. The General Dynamics HOOK2 GPS CSAR system is a powerful, global, cost-effective solution for military, paramilitary, law enforcement and government agency search and rescue operations. Composed of the software-defined, upgradeable AN/ PRC-112G transceiver or the AN/PRC-112B1 transceiver, plus a handheld GPS Quickdraw2 Interrogator, the system delivers field-proven capability and adds encrypted two-way messaging and GPS positioning for precise, accurate location. The Quickdraw Interrogator turns virtually any aircraft into a CSAR platform simply by plugging the device into the aircraft’s intercom system. www.MIT-kmi.com

The advertisers index is provided as a service to our readers. KMI cannot be held responsible for discrepancies due to last-minute changes or alterations.

MI T CALEND A R & DI REC TO RY ADVERTISERS INDEX Apptis. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3 www.apptis.com Cases 2 Go . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43 www.cases2go.com Centech Group Inc. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8 www.centech-netcents2.com Dynamic Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17 www.sstew.com General Dynamics Information Technology . . . . . . . . . . . . . .11 www.gdit.com GDC4 Needham . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39 www.gdc4s.com/secureproducts GDC4 Taunton . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33 www.gdc4s.com Harris RF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21 www.rfcomm.harris.com/117g

NEXTISSUE

September 2009 Volume 13, Issue 8

Joint Symposium and Expo . . . . . . . . . . . . . . . . . . . . . . . . . . .31 www.joint-symposium-expo.com L-3 East . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .C4 www.l-3com.com/talon L-3 West . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24 www.l-3com.com/csw McLane Advanced Technologies . . . . . . . . . . . . . . . . . . . . . . . .37 www.mclaneat.com Nortel Government Solutions. . . . . . . . . . . . . . . . . . . . . . . . . .28 www.nortelgov.com QinetiQ North America . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .C2 www.qinetiq-na.com/getsolutions

Cover and In-Depth Interview with: th:

Maj. Gen. Susan Lawrence rence

Rockwell Collins . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27 www.rockwellcollins.com/milsatcom

Commanding General Army Network Enterprise Technology chnology Command 9th Signal Command (Army)

Sprint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41 www.sprint.com/nextel

Features:

Titus Labs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29 www.titus-labs.com

Network Service Centers terss

Ultra-Criticom. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .C3 www.ultra-criticom.com US Falcon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26 www.usfalcon.com

Army SOA Foundation n

CALENDAR September 9, 2009 ComDef 2009 Washington, D.C. www.ideea.com/comdef09/ September 14-16, 2009 Air and Space Conference National Harbor, Md. www.afa.org September 14–17, 2009 2009 Joint Symposium & Expo Atlantic City, N.J. www.joint-symposium-expo. com

www.MIT-kmi.com

The Army plan to establish a global bal enterprise linked by five operational onal network service centers represents nts a major shift in the way it organizes es and operates its massive networks.

September 22-24, 2009 Biometric Consortium Conference Tampa, Fla. www.biometrics.org

The Army’s SOA Foundation is ann operating pilot infrastructure with th a formalized reference technical architecture, contributing to such efforts as the enterprise decision management system, Web service certification process, and unit management pilot Web service.

September 29-October 1, 2009 Modern Day Marine Quantico, Va. www.marinemilitaryexpos.com

Tactical 3G

October 5-7, 2009 AUSA Annual Meeting and Exhibition Washington, D.C. www.ausa.org

Domain Name Security

After spurring explosive popularity in the civilian sector, 3G wireless technology is holding out promise as an effective tool for tactical communications. Military and other federal agencies face a deadline for strengthening the security of Domain Name Systems against cyberattacks.

Intelligence IInteroperability t bilit A methodology called distributed agent-based systems interoperability is helping to support teaming within the intelligence community.

Software Service As part of the cloud computing movement, the military is exploring the use of software as a service.

NCOIC Report The Network Centric Operations Industry Consortium highlights its work to help customers apply standards, analytic tools and processes to realize the benefit of interoperability.

MIT 13.7 | 43

INDUSTRY INTERVIEW

MILITARY INFORMATION TECHNOLOGY

Steven Cooper ForeScout Steven Cooper served as special assistant to President Bush and senior director for information integration in the White House Office of Homeland Security in 2002, and as the first chief information officer at the Department of Homeland Security in 2003. In this interview, Cooper discusses the importance of the Access Control Security Technical Implementation Guides (STIGs) developed by the Defense Information Systems Agency (DISA), the Federal Information Security Management Act (FISMA) Federal Information Processing Standards (FIPS) developed by the National Institute of Standards and Technology (NIST), and the new Consensus Audit Guidelines (CAGs) developed by the SANS (SysAdmin, Audit, Network, Security) Security Training Institute. Q: Who developed the SANS CAGs and what purpose do they serve? A: In February 2009, a group of U.S. government agencies—NSA, US-CERT, various Department of Defense computer security groups—and the SANS Institute put out a list of “top 20 controls” that was subsequently published as the CAGs. John Gilligan, who chaired the effort, has been a pillar of the community for years. Allen Paller, with the SANS Institute, was very helpful in support of our early information security efforts at DHS and has helped in the development of this list. The CAGs’ first recommendation is that companies keep a dynamic inventory of authorized and unauthorized hardware accessing their networks to reduce network attacks via unprotected systems. Having a whitelist and inventory of authorized and unauthorized software is also high on the list. The CAGs are scheduled to undergo pilot implementations this year and have a “high probability of becoming a common set of controls” for private industry. Q: Why is “Inventory of Authorized and Unauthorized Devices” at the top of the control list? A: Without an inventory, you cannot hope to proceed. I strongly feel that any security 44 | MIT 13.7

Q: So the key is to control access at the switch port?

effort, or for that matter most any IT effort, has to start with an accurate understanding of what the ground truth is. That is totally dependent upon an accurate inventory of your networks, attached devices— including wireless—and all hardware and software in use. Q: How do the CAGs compare with the DISA access control STIG? A: The CAGs state you must take inventory of authorized and unauthorized devices. The DISA STIG for access control takes it a step further and states that device access must be controlled at the switch port: “Network ports should be both physically and logically secured to prevent unauthorized access to the DoD enclave”; and “Both unclassified and classified networks require the implementation of a logical network port security solution.” Not all NAC solutions are alike, so you need to be sure that if you are implementing a NAC solution, it meets this fundamental requirement outlined in the STIG. Q: Don’t all access control solutions provide this capability? A: Unfortunately, no. Some NAC solutions require the deployment of 802.1X to provide port base access control. Many organizations have yet to deploy it or are not in a position to deploy it, and therefore look to fulfill the STIG requirement using port-based solutions that are not 802.1X-dependent.

A: Yes. The key is to do it in a scalable way without blowing your operations budget. Agencies can meet this requirement through “port-based security,” whereby an individual asset is associated with a specific switch port. This type of security is extremely resource-intensive to maintain, because the network administrator needs to manually modify switch configurations anytime a device is added or moved. Also, the drawbacks of this approach are highlighted in the DISA STIG: It is very easy for someone to spoof an individual machine address and connect to the network, thus bypassing this type of solution. Q: Are there products or educational resources that can help IT staff embrace and apply these recommendations today? A: Absolutely. In fact, the Army has an approved product list that identifies the access control products that have been tested, proven and certified to work “as advertised.” It’s called the Army Information Assurance Approved Products List [AIAAPL]. One such tool is CounterACT from ForeScout Technologies, a NAC appliance that does many of the things described above [and other things, as well]. Q: If our readers want to learn more, where can they go? A: For military, I’d start with the AIAAPL “recommended list of products.” IT staff are asked to trust and use only those solutions that have been certified and added to the list, so this will save you some time. I also recommend visiting sans.org to learn more about these latest security controls. And, of course, the DISA STIGs and FISMA FIPs documentation offers a wealth of information. Both can be found on the Web at http://iase.disa.mil/stigs/ stig/index.html and http://csrc.nist.gov/ groups/sma/fisma/index.html. ✯ www.MIT-kmi.com

Secure video conferencing from Ultra Electronics Criticom… Communicate More – Spend Less.

And know your systems are secure. Criticom, an Ultra Electronics company, through its ISEC™ solutions, provides failsafe separation between security domains and networks to ensure your video communications are secure. ISEC is TEMPEST, DISA/JITC and NIAP-certified and approved for use on Defense networks. And all at a reasonable cost that helps you stretch your budget. For more information, visit www.ultra-criticom.com. Call 877-CRITICOM (877-274-8426) or 301-306-0600 or email ISECMIT0809@ultra-criticom.com for more information today.

Ultra Electronics CRITICOM 4211 Forbes Boulevard Lanham, MD 20706 USA Tel: 301-306-0600 Fax: 301-306-0605 ISECMIT0809@ultra-criticom.com www.ultra-criticom.com www.ultra-electronics.com

SECURE COMMUNICATIONS WHEREVER YOU GO

Taking your secure networks further than ever before Secure — flexible — and the only NSA certified Type-1 encryptor designed to interoperate with both SCIP and HAIPE® protocols. The Talon (KOV-26) card lets you use your laptop or desktop computer to make a secure phone call, or securely access your classified IP network at broadband speeds. As the smallest in-line encryptor available, Talon allows you to securely and cost-effectively communicate through a wide variety of connections, including wired and wireless Internet, dial-up, ISDN or SATCOM by simply inserting the Talon PCMCIA card into your computer. To find out how to securely extend your network anywhere, visit L-3com.com/Talon or call 1-800-339-6197 today. C 3 I S R > G OV E R N M E N T S E R V I C E S > A M & M > SPECIALIZED PRODU CTS Comm unication Systems-East H AIP E ® is a registered t rademark of t he NSA.

L-3com.com