Military Information Technology w/ General Susan Lawrence

The Voice of Military Communications and Computing

Network Unifier Maj. Gen. Susan S. Lawrence

www.MIT-kmi.com

C4ISR September 2009 Volume 13, Issue 8

Commanding General Army NETCOM 9th SC (A)

PRSRT STD U.S. POSTAGE PAID ROCKVILLE, MD PERMIT # 2669

Satellite Phones ✯ Domain Name Security ✯ NCOIC ✯ 3G Technology Air Mobility Command ✯ C2 Transformation ✯ Software as a Service ✯ Cybermetrics

MILITARY INFORMATION TECHNOLOGY FEATURES

SEPTEMBER 2009 VOLUME 13 • ISSUE 8

COVER / Q&A Networks in the Sky

6

Rapidly evolving from its first incarnations, satellite phone technology is becoming embedded in every part of military life from the foxhole to the Internet cafe. By Adam Baddeley

3G and Beyond

11

Cellular communications technologies now in their latest 3G and 4G iterations are being tested, evaluated and packaged for urgent operational needs in the current fight and integrated in critical programs both on and off the battlefield. By Adam Baddeley

Digital Technology for Small Unit Leaders

16

In order to leverage the potential of networked information, small unit leaders need greater bandwidth connecting them to a secure network. By Colonel Buddy Carman and Mike Kelley

Putting the IT in “Mobility”

18

The Directorate of Communications supports Air Mobility Command by providing integrated, reliable and secure communications and information, and providing services and policy for managing information as a strategic resource.

25 Major General Susan S. Lawrence Commanding General Army Network Enterprise Technology Command 9th Signal Command (Army)

DEPARTMENTS 2 Editor’s Perspective 4 Program Notes

Domain Name Security

30

34

20 JTRS Update

Servings of Software

42 COTSacopia

Information technology vendors providing software as a service are attracting growing revenues, as well as increasing interest from military organizations. By Peter Buxbaum

Outcome-Based Metrics

37

22 Data Bytes

43 Calendar, Directory

INDUSTRY INTERVIEW

It is vital that the government develop processes by which to measure performance and outcomes associated with its cybersecurity efforts. By Scott Charbo

Network-Centric Consensus

38

4 People

A new mandate for defense and other federal agencies is focusing attention on the security of the Internet’s Domain Name System— the vital “telephone book” that looks up the IP addresses of Websites. By Peter Buxbaum

The Network Centric Operations Industry Consortium (NCOIC) is a global not-for-profit association dedicated to the advancement of network-centric operations and the benefits of interoperability.

44 Simon Lee Chief Executive Officer STG Inc.

MILITARY INFORMATION TECHNOLOGY VOLUME 13, ISSUE 8

SEPTEMBER 2009

The Voice of Military Communications and Computing EDITORIAL Managing Editor Harrison Donnelly harrisond@kmimediagroup.com Copy Editor Regina Kerrigan reginak@kmimediagroup.com Correspondents Adam Baddeley • Peter Buxbaum • Scott Gourley Tom Marlowe • Karen E. Thuermer

ART & DESIGN Art Director Anna Druzcz anna@kmimediagroup.com Graphic Designers Scott Morris scottm@kmimediagroup.com Anthony Pender anthonyp@kmimediagroup.com Jittima Saiwongnuan jittimas@kmimediagroup.com

ADVERTISING Account Executives Tabitha Naylor tabitha@kmimediagroup.com Dean Sprague deans@kmimediagroup.com Ted Ventresca tedv@kmimediagroup.com

KMI MEDIA GROUP President and CEO Jack Kerrigan jack@kmimediagroup.com Executive Vice President David Leaf davidl@kmimediagroup.com Vice President of Sales and Marketing Kirk Brown kirkb@kmimediagroup.com Editor-In-Chief Jeff McKaughan jeffm@kmimediagroup.com Controller Gigi Castro gcastro@kmimediagroup.com Publisher’s Assistant Carol Ann Barnes carolannb@kmimediagroup.com

Sometimes, the questions can be at least as telling as the answers. At the Army LandWarNet conference in Fort Lauderdale, Fla., this summer, for example, one of the plenary sessions featured a number of executives from companies involved in Army information technology. What was especially interesting was that session organizers took the time to ask staff members in the Army Chief Information Office/G-6 what questions they would most like to ask industry. The questions were: • How could industry support the requirement to take modular capabilities and deploy them anywhere, with immediate connectivity and access to network-delivered capabilities, without the need to modify systems or configurations? How would industry create an environment that supports the “fight on arrival” imperative, global plug and play, and train as we fight? • What is industry’s role in achieving the Army’s thrust to integrate generating and operating force into one cohesive force in support of total joint requirements, and what is needed from the Army to make this a reality? • From what you know of the Army infostructure today, what three areas should the Army focus on—why and how? • What lessons learned or areas of improvement—IT, communications, information assurance or network management—have come from overseas contingency operations? What specific areas can the government partner with industry to better support joint warfighters? • The Army fights today in a coalition construct, which presents challenges within the U.S. military, and even more without international partners. What is U.S. industry doing to bridge this gap? • In an era of increasing demand for new technology and flat or decreasing IT budgets, what approaches should the Department of Defense take to keep pace with the rate of technology change? While the answers given by industry executives on the panel were good, the questions themselves provided valuable insight into Harrison Donnelly what’s on the minds of those creating the Global Network Enterprise harrisond@kmimediagroup.com Construct. (301) 670-5700

KMI MEDIA GROUP FAMILY OF MAGAZINES AND WEBSITES

OPERATIONS, CIRCULATION & PRODUCTION Circulation Specialists Dena Granderson denag@kmimediagroup.com Davette Posten davettep@kmimediagroup.com

Military Medical/ CBRN Technology

Geospatial Intelligence Forum

Military Logistics Forum

Military Space & Missile Forum

www.MMT-kmi.com

www.GIF-kmi.com

www.MLF-kmi.com

www.MSMF-kmi.com

Special Operations Technology

Military Information Technology

Military Training Technology

Military Advanced Education

www.MIT-kmi.com

www.MT2-kmi.com

www.MAE-kmi.com

MARKETING & ONLINE Marketing & Online Director Amy Stark astark@kmimediagroup.com Trade Show Coordinator Holly Foster hollyf@kmimediagroup.com

A PROUD MEMBER OF SUBSCRIPTION INFORMATION

SS m ra og Pr s M ate CO d O Up

All Rights Reserved. Reproduction without permission is strictly forbidden. © Copyright 2009. Military Information Technology is free to members of the U.S. military, employees of the U.S. government and non-U.S. foreign service based in the U.S. All others: $65 per year. Foreign: $149 per year. Corporate Offices KMI Media Group 15800 Crabbs Branch Way, Suite 300 Rockville, MD 20855-2604 USA Telephone: (301) 670-5700 Fax: (301) 670-5701 Web: www.MIT-kmi.com

World’s Largest Distributed Special Ops Magazine

U

Military Information Technology ISSN 1097-1041 is published 11 times a year by KMI Media Group.

SOF Leader Admiral Eric T. Olson

www.SOTECH-kmi.com

May 2008 Volume 6, Issue 4

Commander USSOCOM

Body Armor 2 Image Analysis 2 Weapon Suppressors Wearable Power 2 CSAR with a Twist 2 PEO Soldier

www.SOTECH-kmi.com

Reliability is crucial on the battlefield. With over 400,000 units deployed worldwide, ITT SINCGARS is the most capable, reliable, battle-proven combat net radio available today. This tough radio, with waveforms and features only found with ITT SINCGARS, is built to survive the harshest environmental challenges. Giving you peace of mind on the battlefield. To find out how ITT SINCGARS stands up to nature’s worst, visit us at: cs.itt.com/tough.

Drenched. Burned. Frozen. Run over. Blasted. Shot. Dropped. Yeah, it still works.

$PNNVOJDBUJPOT t 4FOTJOH 4VSWFJMMBODF t 4QBDF t "EWBODFE &OHJOFFSJOH *OUFHSBUFE 4FSWJDFT ITT, the Engineered Blocks logo, and ENGINEERED FOR LIFE are registered trademarks of ITT Manufacturing Enterprises, Inc., and are used under license. ©2009, ITT Corporation.

Compiled by KMI Media Group staff

Advanced Aperture System Offers “Superhero” Vision Over the past year, a group from the Army RDECOM CERDEC Night Vision and Electronic Sensors Directorate (NVESD) has been working on the Advanced Distributed Aperture System (ADAS), which gives aircrews “superhero” vision, enabling them to “see through” the helicopter. During a recent flight demonstration, Brigadier General Raymond Palumbo, deputy commanding general, Army Special Operations Command, said, “The ability to see through the cockpit infrastructure is pretty damn awesome. Can you imagine having this on a Stryker, where you can see all around and hear each other?” The ADAS is a multi-spectral day/night viewing system, consisting of six cameras mounted on the outside of the helicopter. The day/night imagery from each camera is processed and stitched together to provide each aircrew member with an independent, unrestricted spherical view around the aircraft. Each aircrew member independently views the thermal and near-infrared fused imagery as it is projected onto the visor of their helmet mounted display (HMD). Each aircrew member’s HMD is continually tracked by an optical head tracker, and the aircrew member determines the imagery he sees by simply pointing his head in the desired direction. Since the cameras are located Correction on the outside of the aircraft, the In the article, “DISA, GSA images appear to “see through” Combine on COMSAT Acquisition,” the Blackhawk. Informational in the August 2009 issue of MIT, the symbols from the helicopter instruname of one of the prime contractors ment panel also provide heads-up on the DSTS-G program appeared pilotage and navigation data as incorrectly. It is CapRock Government an overlay to the multi-spectral Solutions. imagery.

ADAS greatly improves situational awareness by providing aircrew members the ability to look anywhere about the aircraft to view objects and terrain with minimal or no structural limitation during day/night operations. NVESD has been working with several contractors to develop the helmet display and multi-spectral sensors. One of NVESD’s contractors is also providing 3-D audio cueing and active noise reduction technology. Similar to a bat’s echolocation, the 3-D audio cueing distributes sound directionally so that auditory signals sound like they’re coming from the direction of the source; this also provides separation for different channels of input, like threat alerts, radio traffic and aircrew dialogue. The 3-D audio is enhanced by ANR, which also minimizes the risk of hearing loss from noise exposure, reduces fatigue and stress during long missions, and limits cockpit noise, enabling the aircrew to concentrate and work efficiently. One of the issues deployed aircrews have been facing is brownout. Brownout occurs when a helicopter is landing and the rotorcraft’s downwash throws dust, sand and other loose debris into the air, severely limiting or obscuring the pilots’ view of the landing area. To combat brownout situations, the aircrew using ADAS can view pilotage and brownout symbology to let the pilots know where the helicopter is in relation to the ground as well as look through the floor of the helicopter into the cleaner downwash directly below them, allowing the aircrew to conduct safe landings during a dangerous brownout situation.

Diana L. McGonigle With sadness, KMI Media Group announces the passing of our friend and co-worker, Copy Editor Diana L. McGonigle, who died August 15. A skilled editor with a fierce dedication to accuracy and timeliness, Diana had been a valued member of the KMI team since 2005. She will be missed.

Compiled by KMI Media Group staff

peo ple Robert J. Butler has been appointed to the Senior Executive Service and will be assigned as deputy assistant secretary of defense for cyber and space policy, Office of the Under Secretary of Defense for Policy. Brigadier General Dwyer L. Dennis, who has been serving as commander, 551st Electronic Systems Wing, Electronic Systems Center, Air Force Materiel Command, has been assigned as

4 | MIT 13.8

special assistant to the commander, Air Force Materiel Command. Major General Blair E. Hansen, who has been serving as director, ISR capabilities, deputy chief of staff, intelligence, surveillance and reconnaissance, Headquarters U.S. Air Force, has been assigned as deputy commander, Joint Functional Component Command for Intelligence, Surveillance and Reconnaissance, U.S. Strategic Command.

Cubic Defense Applications has hired Grant Palmer as vice president of communications systems.

Textron Systems, has appointed Jon Percy as vice president of business development and strategy. Brian Roach has been named vice president, federal, for Juniper Networks. He previously worked at Microsoft, where he was general manager of product sales for the Department of Defense.

Jon Percy

Overwatch, an operating unit of

Aruba Networks, a provider of wireless LANs and secure

Hitesh Sheth

mobility solutions, has announced the appointment of Hitesh Sheth to the newly created position of chief operating officer.

www.MIT-kmi.com

TUC

Tactically Unbreakable COMSEC

Dynamically reconfigurable logic Hardware Speed Architecture (FPGA-Based)

Meet with MAT Corporate Leadership at

Multiple Encryption Algorithms

Booth # 135

Multiple Bit Insertion & Bending Protocols Multiple Compression Engines

AUSA Contact Michael Gravens michael.gravens@mclaneat.com

TUC is a product of

TUC is presented by www.mclaneat.com

Networks

in the Sky SATELLITE PHONES EMBRACE ADVANCED NETWORKING CAPABILITIES DESIGNED TO SUPPORT COMMAND AND CONTROL AND ADVANCED SITUATIONAL AWARENESS. BY ADAM BADDELEY MIT CORRESPONDENT BADDELEYA@KMIMEDIAGROUP.COM

Rapidly evolving from its first incarnations—when it offered little more than an expensive rugged personal communications device to its users and a tenuous business opportunity to its providers—satellite phone technology is becoming embedded in every part of military life from the foxhole to the Internet cafe. The latest wave of improvements in satphones include reductions in size and weight while simultaneously embracing advanced networking capabilities designed to also support command and control and advanced situational awareness via always-on networks available throughout the globe. 6 | MIT 13.8

www.MIT-kmi.com

One of the latest developments is the recent established its own Iridium DoD gateway in Hawaii, award by the Naval Surface Warfare Center (NSWC) separate from the firm’s commercial subscriber site to Iridium for Phase 2 of the Distributed Tactical in Arizona. Communications System (DTCS), an extension of EMSS services were first negotiated in Decem“Netted Iridium.” DTCS takes telephony out of the ber 2000. Iridium is now on its third such contract, loop, and makes Iridium into a packet switch network with the most recent negotiations leading to a conin the sky. Furthermore, it enables true tactical comtract signed in March 2008, which with options will munications by providing push-to-talk, one-to-many, continue until 2013. voice and limited data distribution to disadvantaged “We anticipate that our relationship with DoD users. will continue well into the future,” said Scott Scott Scheimreif “DTCS is a paradigm shift in many aspects of Scheimreif, vice president of government programs tactical comms, not only on the availability of satellite scott.scheimreif@iridium.com for Iridium. “Requirements and global military assets, but also in the way we do business,” said Igor activity will determine to what extent. We expect Marchosky, DTCS technical manager at NSWC Dahlgren Division. that the U.S. DoD’s reliance on commercial satellite communications, “The DTCS radios represent a much smaller form factor than other specifically Iridium, will continue to expand as their missions and tactical radios, require far less training and add opportunities that were applications evolve.” not available before. DTCS also provides a platform for learning how to In addition to providing conventional satphone capabilities across operate outside the traditional VHF/UHF bands. DoD, additional network capabilities are being developed. Iridium “The lessons learned from the implementation and development and the Marine Corps Warfighting Laboratory (MCWL) at Quantico, of this system present opportunities for other programs in DoD where Va., began an engagement in 2001 to address the needs of commuthese shifts could be challenging,” Marchosky continued. “One very nications-disadvantaged Marines, who did not have access to military important aspect of DTCS is to capture how we procure and manUHF tacsat channels and needed additional tactical narrow band comage commercial satellites, how we enable disadvantaged users to use munications. these new assets, and how rapid development and deployment can Scheimreif outlined the process by which the Marines addressed be accomplished while effectively incorporating warfighter feedback this. “The MCWL chose to look at space-based networks, and spedirectly from the field.” cifically Iridium, to try to solve their ship-to-object maneuver Despite its technological roots, it is important to keep in mind that the DTCS is not a phone. “The DTCS radio system will be completely removed from the 9555 or any other COTS Iridium products,” Marchosky emphasized. “The DTCS family of radios, which includes the RO, ROA, C2, C2A and eventually the C2S, will be capable of operating in the Iridium network, but will truly operate as a tactical device, and not as a COTS commercial phone.” DTCS will be transitioned into the Enhanced Mobile Satellite Service (EMSS) program under the Defense Information Systems Agency (DISA). DISA will provide DTCS service as one additional service in the EMSS product line. The roadmap for development and fielding of DTCS beyond Phase 2 at this point is not finalized, but demand is high, Marchosky said. “Today there is a stated need for a large quantity of units in the field. As OSD and Congress figure out what the portfolio will be, DTCS is tasked to satisfy urgent needs outside the POM cycles. Our intention is to satisfy as many of these requirements as possible within the next 12 months. “Although time will tell, I believe DTCS-Operational stands a good chance of being mainstream for years to come. DTCS fills a niche in the C2 arena, and it is unlikely it will ever be more than that. However, it is a very important niche that has become more relevant in the world of irregular warfare. The utility that DTCS will present to the warfighter will exceed how we intend to employ it today, not only complementing PORs, but also proving new capabilities in other areas, such as sensors and asset tracking,” he predicted.

NETWORK CAPABILITIES Iridium’s relationship with the Department of Defense dates to the EMSS contract with DISA, which has been the conduit through which Iridium continues to provide its hardware and services into the war fighting community, both for the U.S. DoD and allies. DISA has www.MIT-kmi.com

MIT 13.8 | 7

problem; their interest in our network focused on our complete global footprint, low latency and secure architecture. Plus in terms of cost, DoD had already made the investment into Iridium in respect to the gateway and subscriber devices.” Using Iridium, the lab created the Expeditionary Tactical Communications Systems (ETCS), originally designed as a proof of concept, although approximately 400 systems were deployed into the Iraq area of operations as well as into the Horn of Africa. Feedback on potential improvements to ETCS was then fed back into MCWL and the NSWC. Warfighter feedback and engineering improvements led to the evolution and change of the system architecture to what became Netted Iridium or DTCS. A limited technical assessment was conducted on the first phase of the system in October 2006, focusing on quality of service, range and the stability of the network. The MCWL continues evaluating this capability to support concept-based experimentation. To support this activity, a formal relationship was established between Iridium and DoD. “In 2005, Iridium entered into a cooperative research and development agreement with the MCWL to discuss how a system like this could be architected to meet the growing requirements for these communities. We surveyed interested parties, reaching out to the services and combatant commands, including Strategic Command, based on their interest in ensuring tactical narrowband SATCOM availability, and to operational combatant commands, specifically PACOM and CENTCOM, asking for their input,” Scheimreif explained.

GAPFILLER SYSTEM This led Iridium to envisage adapting the system as a near-term capability gapfiller between the legacy UHF tacsat and the forthcoming next generation Mobile User Objective System. “That is what led Iridium and our industry partners to invest our own internal R&D dollars into DTCS Phase 1, which was in essence a completely industry-funded effort,” said Scheimreif. “This resulted in a limited technical assessment in 2006, in which we and the government focused on measuring specific attributes of the capability, including range, scalability and quality of service.” That success led to the award of DTCS Phase 2 in June, as a fiveyear effort funded by the Navy. This work will fundamentally change the nature of the Iridum/EMSS service, which was hitherto limited to point-to-point, global telephony services. This next stage enhances each of the three nodes of the network: space, ground and subscriber equipment to provide greater capabilities in terms of networked operations while still retaining the legacy global point-to-point capabilities. “In the military tactical environment, a commercial satellite telephone isn’t necessarily the optimal tool to support the need for real-time tactical communications in a challenging environment,” Scheimreif observed. “As we have seen over the past 10 years, a satellite phone does provide a critical back-up communications solution. DTCS changes everything. Improvements and modifications to the radios, the satellites and the gateway create a new capability that for most users can now be used as a primary tactical voice and data solution. “Changes to the subscriber device, supported by ITT NexGen, offer a more robust, ruggedized tactical radio, known as the Radio Only device. Our customer is also working on an encryption path to take the handheld radios from a commercial AES 256 up to a National Security Agency-accredited system, while making sure that it remains flexible 8 | MIT 13.8

The Inmarsat-4 constellation enables the Broadband Global Area Network family of services. [Image courtesy of Inmarsat]

enough so it can be distributed out to NATO and coalition allies, supporting communications interoperability.” Under Phase 2, Boeing is updating software for the Iridium satellite fleet, as well as performing systems integration and testing. One of the biggest differences to the tactical user moving from ETCS to DTCS capabilities will be its networking. “In Phase 1 we created a network based on a single beam in which the user could establish a net around himself with an approximately 100-mile footprint with high reliability,” Scheimreif said. “In the next phase of the spiral development, we will leverage multiple spot beams by lighting up adjacent beams to the user, therefore expanding the footprint from 100 miles to 250 miles. Basically, it is now a pocket radio with a 250-mile footprint. Under Phase 1, we could employ 250 nets simultaneously anywhere in the world. Now, we expect to increase that to 2,000 simultaneous nets, deployable anywhere in the world at the same time.” Under Phase 1, the networks were primarily voice and position location information (PLI), but under Phase 2, the program provides netted data as well. “In Phase 2, we are still able to support voice and PLI, but have added the ability to push data over the multi-cast architecture. This includes text, chat, medevac request and so on. If somebody wants to send out a low-resolution imagery target of interest in real time to multiple users in the net, distributed over 250 miles, regardless of whether they are dismounted, in a ground vehicle, or a fast-mover, DTCS will be able to support that,” Scheimreif said. This data capability is being envisaged as a benefit to platforms as part of command and control on-the-move initiatives. Iridium has already been installed on a variety of platforms, such as LAVs, HMMWVs and MRAPs, and has been flown on everything from fixed to rotary wing tactical aircraft, as well as installed at fixed locations like command centers and forward operating bases. As the need for commercial satellite communication networks increases within the DoD community, DTCS presents a viable capability well into the future, Scheimreif emphasized. “Today, I believe DTCS is viewed by many as a gapfiller. But once MUOS and other systems come online, will the need for Iridium and DTCS go away? No, I don’t think so. MUOS and other military satellite networks will continue to provide attributes and capabilities that commercial networks cannot. However, the growing warfighter communication requirements in the future will still demand access to networks such as Iridium. www.MIT-kmi.com

“The DTCS system significantly changes how DoD communities use our network. We are excited about DTCS and truly see the value and advantages it brings to the warfighter. We are working closely with the NSWC and our industry partners and are committed to provide this service,” he added.

GLOBAL BROADBAND Inmarsat has a longstanding relationship with DoD in terms of personal communications. The company’s most recent capability is provided by its Inmarsat-4 (I-4) constellation, which enables the Broadband Global Area Network (BGAN) family of services. “You can toss a BGAN terminal in a man pack,” noted Rebecca CowenHirsch, a former DISA official who currently serves as vice president of global government services for Inmarsat. “Special operations and other military users employ BGAN for their voice communications, but they are Rebecca Cowen-Hirsch also using this capability for high streaming data and rebecca_cowen-hirsch@inmarsat.com situational awareness capability. This is a highly portable capability, and special ops communities have found it especially valuable for highly disconnected, mobile communications for small units.” In addition to frontline applications, BGAN is also widely used for welfare communications in theater back to the United States, providing an Internet cafe environment for off-duty forces. Cowen-Hirsch said, “It is deployed in a wide variety of applications, such as command and control, but also supporting different types of assets, from intelligence and battle damage assessment to morale communications and telemedicine, and virtually everything in between.” Access to Inmarsat’s BGAN is offered through a demand-assigned capability. “We are a very different commercial satellite system,” Cowen-Hirsch explained. “Our core services don’t require leased transponder bandwidth. You use it as you require it, rather than having capacity that sits idle when you don’t use it. We have seen a significant penetration in Southwest Asia, and we know that our streaming IP traffic in that particular region is very high, not only for U.S. forces but for coalition operations too.” BGAN has the ability to support a mobile ad hoc networking capability, so that a small unit can go into an environment, use BGAN to create and set up a small network, and then tear it down just as rapidly and deploy it into another region. Inmarsat is currently working on a multi-cast capability that ensures that multiple users receive the same information, simplifying command and control issues. Traditionally, Inmarsat has simply managed the satellite network, with interface criteria provided by hardware manufacturers such as Thrane & Thrane and Hughes Networks. This is now changing, with Inmarsat due to launch its own global handheld satellite phone in 2010, using the I-4 constellation. “It is our intent as well to provide a secure satellite phone specifically for military operations,” CowenHirsch said. Encryption is key to providing this, and moves to certification are well advanced. Inmarsat is currently registering with www.MIT-kmi.com

Search across your Hitachi and NetApp storage* for increased business efficiency.

Elementary!

No file too small, no search too big Time is money and there’s no time to waste. Hitachi Data Discovery Suite efficiently searches all of your Hitachi and Net App storage* to find the data you need, when you need it, through one easy to use management interface. This means a super boost in productivity of users and IT staff, enhanced mission support and an intelligent retrieval platform for your unstructured data.

The investigation is over. Visit www.hds.com/go/discover for the latest analyst reports on Hitachi Data Discovery Suite. Or call 866-637-2763 for more information

Hitachi Data Discovery Suite. SEARCH. IDENTIFY. COLLECT.

Assuming an average salary of $60,000, including benefits, the cost of ineffective search is $5,251 per worker per year. For 1,000 workers, the cost is $5.25 million. IDC 2007

*Full text search capability for Hitachi High-performance NAS, Hitachi Content Archive Platform and NetApp filers running ONtap 7.3 Hitachi is a registered trademark of Hitachi, Ltd., and/or its affiliates in the United States and other countries. Hitachi Data Systems is a registered trademark and service mark of Hitachi, Ltd., in the United States and other countries. All other trademarks, service marks, and company names are properties of their respective owners. © Hitachi Data Systems Corporation 2009. All Rights Reserved.

MIT 13.8 | 9

NSA for its comsec encryption program. “We are requirements so that as we develop our systems, we looking to ensure that we have FIPS 140-2—AES have addressed their needs, so that they can take 256—commercial grade encryption,” she noted. advantage of our solution as we move forward and get “Then for the U.S. market we are currently in it into service. With the launch of TerreStar 1, which discussions with NSA to pursue their Suite A or is the linchpin for the network that will utilize the 2 B certification—the new type certification NSA is GHz spectrum in North America, they will be able to introducing.” use that satellite’s all-IP communications networks Cowen-Hirsch cited Suite B certification, which for the devices that we are going to be delivering,” is sufficient for secret and below traffic, as Inmarast’s said Dennis Matheson, chief technology officer of goal. The U.S. military satphone is anticipated to be TerreStar. Dennis Matheson made available shortly after the commercial device The handset for TerreStar, developed in conin 2010. junction with Finnish firm Elektrobit, is due to To date, Inmarsat has already injected the highbe available by the end of the year. Similar in size est level of NSA security into its overall system. to any other consumer smartphone, the TerreStar“One thing we offer specifically for the military is Elektrobit devices represent the world’s first secure to encrypt our command signal for our satellites, so quad-band GSM and tri-band WCDMA/HSPA smartthat it is consistent with NSA comsec requirement phone with integrated all-IP satellite-terrestrial voice for Type 1 encryption. This ensures that no one and data capabilities. else can command or control our satellites. That “As we worked the design of the smartphone, is an investment we have made to ensure that it is anything that needed to be incorporated for DoD was consistent with military requirements, but certainly done as much as we could. Being an all-IP phone, we there is a commercial advantage to that as well,” have the ability to add in functionality if they need Martin Neilsen Cowen-Hirsch said. different encryption, and we will be able to add those Other developments have seen Inmarsat enter things on top of the general handset,” Matheson said. the software defined radio (SDR) field, working with Gatehouse “Satellite terminals don’t have to be big and clunky. They can to instantiate the BGAN waveform on the company’s SDR to dembe in a more consumer package size,” he added. “At the same onstrate future Joint Tactical Radio System-type capabilities. In time, there is always going to be a need for ruggedized, specialized addition, earlier this year Inmarsat and Harris announced that the devices. What we are going to do is to take the smarts in our conBGAN waveform has received type certification on the latter’s AN/ sumer unit and wrap it into the packaging that is needed for that PRC-117G Type 1 radio. particular application as requested by our government clients.” Another company in this field is Globalstar, which provides a NEW CONTENDER wide variety of mobile and fixed satellite voice products to various U.S. government agencies, including DoD. Globalstar also proIn July, TerreStar Networks successfully launched TerreStar-1. vides those agencies with satellite data solutions using both satelDescribed by the company as the world’s largest, most powerful lite simplex and duplex data products for a variety of asset tracking commercial communications satellite, TerreStar-1 has been develand remote data monitoring or system control applications. oped while liaising with the government to ensure its capabilities Martin Neilsen, vice president, new business ventures for can meet defense and homeland security requirements. Globalstar, outlined the company’s capability growth path: “Later “We have been looking at the requirements of the governthis year, Globalstar expects to begin taking delivery of its secondment, specifically looking at first responders, understanding their generation satellites, with deployment of the second-generation constellation expected to finish in 2010. Combined with the ground segment upgrades, the new network is designed to provide high-quality voice and data services beyond 2025 and increased data speeds of up to 256 kbps, in a flexible all-IP configuration. “Products and services supported are expected to include push-to-talk and multicasting, advanced messaging capabilities such as multimedia messaging or MMS, mobile video applications, geo-location services, multi-band and multi-mode handsets and data devices with GPS integration,” he continued. “Globalstar is also expanding its satellite coverage area in both Southeast Asia and Africa, and the company continues to evaluate other potential markets.” ✯

TerreStar-1 has been described as the world’s largest, most powerful commercial communications satellite. [Image courtesy of TerreStar Networks]

10 | MIT 13.8

Contact Editor Harrison Donnelly at harrisond@kmimediagroup.com. For more information related to this subject, search our archives at www.MIT-kmi.com.

www.MIT-kmi.com

BY ADAM BADDELEY MIT CORRESPONDENT BADDELEYA@KMIMEDIAGROUP.COM

3G and Beyond THE LATEST CELLULAR COMMUNICATIONS TECHNOLOGIES ARE BEING TESTED, EVALUATED AND PACKAGED FOR URGENT OPERATIONAL NEEDS. No doubt many warfighters, looking at their bulky combat net “Keep in mind that the military operational environment is vastly radios and comparing them with their own sleek cell phones at home, different than a commercial cellular environment,” Armantrout have been left scratching their heads as to why the latter can’t be continued. “JTRS networking waveforms provide a ‘meshed network’ replicated on the battlefield. architecture—no fixed infrastructure required. Each radio has equal In reality, however, cellular communications technologies now capability and can connect with another like-kind radio directly over in their latest 3G and 4G iterations are currently being tested, evalu- the air. The radio determines coverage by transmit power and antenna ated and packaged for urgent operational needs in the current fight gain configuration. The radio also determines the connectivity popuand integrated in critical programs of record both on and off the lation autonomously. JTRS is capable of relay and routing messages battlefield. This is ensuring that both on and off the battlefield, the and provides for ad hoc connectivity between two or more radios.” Department of Defense and other federal agencies can conduct every MULTIPLE TECHNOLOGIES aspect of their work using militarily secure links that also embrace the enhanced bandwidth’s connectivity that originates in the civilian There are multiple 3G cellular technologies. In meeting some world. John T. Armantrout, chief technology officer for the Joint Program of the DoD’s key communications objectives, General Dynamics C4 Executive Office Joint Tactical Radio System (JPEO JTRS), addressed Systems is focusing on two of them—CDMA and WiMAX. Their capabilities are being incorporated as part of three key the issues involved in bringing this technology to the programs: the Mobile User Objective System (MUOS), battlefield. “It is not more challenging, just different,” a UHF SATCOM network; JTRS Handheld, Manpack he commented. “Certainly the legacy waveforms have and Small Form Fit (HMS); and the Warfighter Infora lot of history and folks have experience with them, so mation Network-Tactical (WIN-T). it is easy to find a subject matter expert in DoD. AddiMUOS uses a wideband CDMA architecture, much tionally, they are significantly less complex than the like a traditional cellular implementation in that there modern waveforms—and, obviously, significantly less is an infrastructure associated with it, albeit one that capable. The networking and cellular waveforms are is partially satellite-based. Joe Miller, director of JTRS new to DoD, and there is little development experience programs at General Dynamics, explained the underwith them in the department. But we are finding folks lying challenges for HMS terminals in supporting its from industry to assist us in the JPEO, and our primes Joe Miller 3G waveform. are quickly gaining similar experience. www.MIT-kmi.com

MIT 13.8 | 11

“From a terminal implementation perspective, you need more processing elements to host these networks and the applications associated with them. In addition, as these waveforms are adopted for military applications, unique modifications are required in the 3G technologies,” Miller said. “A very good example is the fact that they have to co-exist with terrestrial communications around the world, so it is very important to get spectral authorization to use MUOS. You can’t interface with existing terrestrial communications so the waveform is being modified for spectral adaptation so that it doesn’t jam existing commercial networks.” The first MUOS terminal will be the two-channel JTRS HMS manpack. The manpack is a two channel design with a 30 MHz–2.5 GHz 20W output requirement for both channels. Two separable power amplifiers (PA) are mounted on each side of the radio. Either channel extends down to 2 MHz with the addition of a high frequency PA. To run MUOS on the manpack requires a replacement MUOS PA that provides the additional circuitry required to host the MUOS waveform. This approach has inherent flexibility, Miller said. “You can put it on either side, or put it on both sides and field-replace the unit. In addition, because you have all of the modem and security hardware and software inside the main manpack, you can run the other waveforms using the MUOS PA in bypass mode, at the modem’s normal 5W output.” Right now MUOS is not a requirement on every JTRS HMS set, but only the manpack and handhelds. “I would expect that any set that they want to have SATCOM capability, they will eventually want MUOS on it. In reality, though, what they are initially looking for is a manpack terminal and a handheld terminal for MUOS. I don’t believe there is any current thought for any of the embeddable HMS form factors that go on sensors, to be MUOS compatible as they go through local nets. Once MUOS capability is reduced down to a handheld capability, it would be no problem to add it to the embedded variant that goes with the Ground Soldier Ensemble,” Miller commented. A broad concept of 3G incorporates WiMAX, an OFDMA-based wireless technology now being adapted for use by General Dynamics on JTRS HMS and WIN-T. Miler said, “There is growing interest for WiMAX on HMS. Standard commercial implementations of WiMAX do not incorporate true ad hoc capabilities, but our adaptation of WiMAX does incorporate that ad hoc functionality. “Commercial WiMAX implementations rely on network access points for connection into a network,” he continued. “The military doesn’t have the benefit of these network access points because of a lack of fixed infrastructure. The difficult piece for the military is making it fully ad hoc so that every node on the network can support any other node and route information through it, as well as adding in the security features that are not supported but required for military applications.” In WIN-T, General Dynamics has implemented a modified WiMAX that is used as a mobile local area network purely for secure local area connectivity.

EMPIRE CHALLENGE One of the key technological inflexion points has been the creation of cellular and 3G wireless environments that can be scaled down as well as up, making them suitable to military deployment and disaster recovery, explained Michael Coyne, chief technology officer of Ericsson Federal. “We have cellular systems based on standard hardware 12 | MIT 13.8

and software that is packaged into a small, self-contained ‘system in a box’ called QuicLINK. This system is scaled to be deployable and work in communities where the system itself is mobile, making 3G and 4G cellular systems viable in this space.” This concept was tested in DoD’s recent Empire Challenge event, a month-long exercise designed to take new technology, insert it in realworld tactical environments and test its ability to work with existing architectures to meet immediate operational needs. “Our primary focus with QuicLINK was on delivering broadband wireless to the soldier in the field, enabling multimedia capabilities with strong focus on distribution of voice and video information from sensor platforms. We also showed some IMS-based software that gave situational awareness capabilities and multimedia communications,” Coyne said, citing the example of a 360-degree immersive video C2 system, where Ericsson was asked with very short notice to allow the vendor to connect their system to QuicLINK, permitting a successful test. “What is unique about Ericsson’s IMS solution, used in combination with QuicLINK and using fixed broadband access, is that we are using a standardized IMS SIP core,” he noted. “That is interesting because in the past, people would tend to build custom-made IPbased systems, so if you buy from one vendor you get everything you need in a proprietary system. This does not support a multi-vendor environment or transparent sharing of information across agencies in a peered, policy managed way. The implementation Ericsson showed at Empire Challenge is a prime example of this approach, using standard IMS interfaces and various third-party software with more than eight different vendors in addition to our gear. We took best of breed.” The outcome from Empire Challenge, Coyne explained, is that Ericsson’s technology is now being considered for deployment in systems due to be rolled out in the next six to nine months. “Empire Challenge has been a big breakthrough for us. It has moved us from PowerPoint slides to real systems in a real-world environment, working with what is already deployed in the field,” he said. Coyne emphasized that the QuicLINK system is a complement to and enhancer of existing military capabilities. “We have to be able to say to guys with SINCGARS or JTRS, that you don’t have to throw away the things you have,” he said. “For example, in the public safety arena, we have worked with vendors of P25 deployed systems and have already enabled those products to tunnel over and go to cellular handsets that look and feel as though they were part of the P25 group. It’s a combination of an interworking gateway and an ability to tunnel a client on a handset. We can anticipate the same thing applying in this space. We will not try to replace what is already there, rather we will augment and enhance.” One of the first 3G customers in DoD for Nokia Siemens Networks (NSN), meanwhile, was the Army, which acquired a high speed downlink packet access 3G network in 2006. “There are other DoD entities that are also evaluating our technology,” said Robert Fennelly, head of U.S. government sales at NSN. “We provide the technology, support the technology and keep them apprised of the roadmaps for where the technology is headed. We also have a cooperative research agreement with Army CERDEC. That is another effort where we present technologies and are in the process of delivering latest generation technologies for evaluation. In one example, we have upgraded the radio network and introduced IMS technology, allowing the Army to evaluate applications such as VoIP.” www.MIT-kmi.com

The SectĂŠraÂŽ Edge™ is the only SME PED that switches between an integrated classiďŹ ed and unclassiďŹ ed PDA with a SINGLE KEY press.

Unified Secure Voice and Data in the Palm of your Hand General Dynamics’ SectĂŠraÂŽ Edge™ is the world’s ďŹ rst NSA-certiďŹ ed Type 1 ruggedized smartphone, developed for the National Security Agency’s SME PED (Secure Mobile Environment Portable Electronic Device). This compact and lightweight device allows users to protect classiďŹ ed and unclassiďŹ ed voice and data communications from one easy-to-use handheld device.

,_[LUKPUN ;`WL :LJ\YP[` [V [OL ,KNL VM [OL >VYSK The RUGGED SectĂŠra Edge smartphone provides secure and wireless: s 6OICE COMMUNICATIONS s !CCESS TO THE 3)02.%4 AND .)02.%4 s %MAIL WEB BROWSING AND INSTANT MESSAGING s 'LOBAL ROAMING OVER '3- #$-! OR 7I &I WIRELESS NETWORKS s )NTEROPERABILITY AND CONNECTIVITY WITH 3#)0 AND (!)0%ÂŽ devices s $ATA AT 2EST ENCRYPTION &OR MORE INFORMATION CALL OR 4YPE 5

EMAIL SECURE COMMUNICATIONS GDC S COM OR VISIT WWW GDC S COM SECUREPRODUCTS General Dynamics Secure Communications: We Bring You What’s Next.

:L )L PRGXOH H[SHFWHG WR EH VXEPLWWHG WR 16$ IRU FHUWLÀFDWLRQ 0D\ ‹ *HQHUDO '\QDPLFV $OO ULJKWV UHVHUYHG 6HFWpUD DQG (GJH DUH WUDGHPDUNV RI *HQHUDO '\QDPLFV +$,3( LV D UHJLVWHUHG WUDGHPDUN RI WKH 1DWLRQDO 6HFXULW\ $JHQF\ $OO RWKHU SURGXFW DQG VHUYLFH QDPHV DUH WKH SURSHUW\ RI WKHLU UHVSHFWLYH RZQHUV 0LFURVRIW SURGXFW VFUHHQ VKRW UHSULQWHG ZLWK SHUPLVVLRQ IURP 0LFURVRIW &RUSRUDWLRQ *HQHUDO '\QDPLFV UHVHUYHV WKH ULJKW WR PDNH FKDQJHV LQ LWV SURGXFWV DQG VSHFLÀFDWLRQV DW DQ\ WLPH DQG ZLWKRXW QRWLFH

The underlying strategy behind this interest lies in obtaining synergies with the commercial sector’s economies of scale. “The commercial world offers a wholly different cost point,” said Fennelly. “There are millions of subscribers out there and the technology moves very quickly. DoD is interested in riding the technology curve and getting the latest capabilities, whether it is bandwidth, applications or seamless databases.” The next generation of technology is 4G or LTE, which is being addressed via the initiatives with the research agreement with NSN and promoted in a range of defense forums. “We presented at the Army Science Board, looking at future technologies,” Fennelly said. “They are very familiar with the LTE technology, and we anticipate that they will make an investment in that in the near future. The flat architecture that 4G brings enables a simpler network with greater bandwidth data speeds. Also, a more compact architecture raises the chance of a tactical deployment of the technology which would have been difficult with commercial grade equipment in the past.”

Tom Liggett

Scott Totzke

device, so that anybody who didn’t have the appropriate access for that level of classification couldn’t access the data, either from the far end or by picking up the device and attempting to hack into it.” The advent of 4G, Liggett believes, represents further opportunities in terms of higher data rates so a lot of mission-critical requirements can now be met. “The other key technology going forward is the migration to VoIP. It has been a long time coming and it is still coming, but once 3G networks universally adopt VoIP, we will be able to take advantage of that technology, and the Edge will be able to offer some additional users efforts to use some of the secure voice services. “Currently, the secure voice capability runs over circuit switched data service technology, a legacy technology in the cellular world that is gradually being replaced. As that happens, we will migrate to VoIP, and that will provide additional features like a single phone number for different devices, potentially a higher voice quality and other capabilities like that,” Liggett added.

SECURITY IS PRIMARY

SMARTPHONE CAPABILITIES

For DoD or federal government business, security always comes first, said RIM’s Scott Totzke, vice presiGeneral Dynamics C4 Systems Sectéra product line dent for BlackBerry security. “DoD is comparable to comprises a family of secure voice and data products. a large enterprise customer that has centralized govSectéra begins with the secure wireless GSM phone ernance of their geographically dispersed personnel for 2G cellular networks. The new 3G wireless product around the world, but there are some baseline criteria is the Sectéra Edge smartphone, which provides the for wireless security that are required to even enter same secure voice capability of its predecessors. In into the discussion with that customer base.” addition to basic point-to-point data services, however, Totzke cited Homeland Security Presidential Dan Bigbie it also adds the capabilities of a modern smartphone, Directive 12 and DoD 8100—policy documents govincluding push e-mail, Web browsing, MS Office and erning the use of wireless devices—as well as the dbigbie@lgsinnovations.com additional applications. The Sectéra wireless GSM National Institute of Science and Technology’s Federal phone was based on a standard commercial Motorola cell phone Information Processing Standards 140, which independently validates to a commercial standard, while the Sectéra Edge is ruggedized to the design and implementation of an encryption module that is part of MILSTD-810F. a product. “RIM has been a longstanding participant in that program,” “The target market for the product is segmented. It is used par- he said. “At one point we were the first and only mobile solution and ticularly by Pentagon seniors and others in federal agencies and DoD a lot of our competitors have followed suit.” for their day-to-day communications. The products are also used in a To support its strength in encryption, RIM acquired Certicom tactical environment and run on the native network. It is also used in in 2006. Previously the National Security Agency obtained a govapplications where a unit will drop in a portable cell site and just use it ernmentwide license for the firm’s Elliptic Curve Cryptography for local communications,” said Tom Liggett, business area manager technology used in the NSA Suite B standard for secure government for end-user and voice products at General Dynamics C4 Systems. communications, which is now part of RIM’s portfolio of products. When a secure call or a data session is required, the devices RIM’s approach to DoD business has been to focus on enhancing automatically negotiate the highest appropriate security level, Liggett the security of COTS products. “BlackBerry has been [Type 1] Suite B explained. “One device might be keyed for Suite B only to protect sen- compliant for about seven years now, so we don’t build Type 1 [Suite sitive but unclassified information, while I might have a device keyed A] products. Our forte is secure but unclassified, and 80 percent to with Suite A for classified information and also with Suite B, so we 90 percent of day-to-day communications within DoD falls into that could go secure using Suite B. That is all done by virtue of the secu- realm. For Type 1 [Suite A], you are into purpose-built hardware with rity protocols used. There are two standard security protocols, and we customized requirements that only allow you to sell the product to a implement them both. One is called SCIP [Secure Communications subset of the U.S. federal government. That is where you end up with Interoperability Protocol] for secure voice communications. $3,000-plus phones, and that is not a COTS product.” “For data communications, we use the HAIPE [High Assurance RIM works closely with the DoD on the Wireless and Secure TechIP Encryption] protocol. When you exchange classified e-mails, there nical Implementation Guide (STIG), which establishes requirements is specific data-at-rest encryption technology in the device that uses for properly configuring and managing the security features that are NSA-certified technology. The Edge encrypts the classified data on the inherent in the BlackBerry platform. 14 | MIT 13.8

www.MIT-kmi.com

“We routinely meet with representatives of the For the last few years LGS has provided the Office of the Secretary of Defense and Defense InforTacBSR, a single box GSM cellular solution, to DoD mation Systems Agency (DISA) to talk about what customers. The TacBSR delivers the smallest form factheir needs are from a mobile device standpoint so that tor in the industry. It leverages VoIP for backhaul and we can accommodate that in our technology roadmap. allows multiple TacBSRs to inter-network in a simple, We have also worked with DISA to open up the STIG easy to deploy and manage, flat architecture employing to create guidance on how to safely allow third-party commodity IP networks, providing “cellular over IP” applications to be safely installed on DoD networks,” functionality. Totzke said. “Current network architectures tend to be hierar“Some of our large enterprise customers are also chical and centralized which limits communications Macy W. Summers starting to look at this model, so DoD is certainly a when cut off from the core,” said Wayne Eagleson, LGS thought leader in this space,” he noted, adding that issues for the general manager. “The advantage of a rapidly deployable technology is future include using BlackBerry smartphones on 3G and, in the future, that it can provide mobile, flexible and self sufficient broadband voice, 4G networks, as a communications modem for attached devices. video and data for deployments with company, brigades or battalions Looking beyond e-mail, RIM believes it has more to offer. “Having without having to rely on any existing network infrastructure. When a reliable device that provides a secure connection back to your mail commercially available, systems like the RDN can take advantage of server is certainly important. Now, however, DoD, like a lot of other commercial cellular network technology enabling the ability to build customers, is starting to look at how they can leverage that investment the network on the fly.” in mobile technology. We for example have seen Army recruiting have SOCIAL NETWORKING an application for signing up new recruits. We also have emergency contact lists for continuity of government and continuity of operaAt the Coalition Warfare Interoperability Demonstrations this tions, and this has been a fairly big initiative within DoD.” At the core of the offering, Totzke said, is RIM’s ability to manage summer, meanwhile, Lockheed Martin demonstrated what company scarcity of bandwidth in catastrophic or certainly high stress situa- executives see as the beginning of a new future of social networking and related technologies in a military context. tions, where a land line infrastructure has failed. Using the combination of legacy Defense Information Systems “I was in London when the 2005 subway bombing happened, and I was able to effectively communicate with my boss and family sending Agency network devices and commercial wireless infrastructure, the BlackBerry e-mail, but I couldn’t make a phone call,” he recalled. “It company and its partners demonstrated the ability to deliver media is that efficiency of network use that has allowed DoD to start looking rich data and applications with smartphones. Applications included at BlackBerry as a fallback if the mail server fails. If I can’t make a tactical maps, UAV tasking, integrated biometrics and an ISR Enterphone call, we are still able to get messages routed between BlackBerry prise. Combined with research and development programs, Lockheed devices. So continuity of government really comes into play.” Martin is rapidly enabling the irregular operator and warfighter with RAPIDLY DEPLOYABLE NETWORK faster and more collaborative tools that provide rich robust applications to the first mile and seamless connectivity for success in garBoth the use of 3G and 4G wireless communications technologies rison, on patrol or in disadvantaged positions. should be considered a strong addition to existing communication “Our young warfighters and operators come from a world where solutions in the battlefield, but not a replacement, according to execu- they can communicate at will,” said Macy W. Summers, vice president tives of LGS Innovations, the independent U.S. government subsidiary for strategic development with Lockheed Martin Information Systems of Alcatel-Lucent. These networks are typically deployed at higher fre- & Global Services-Defense. “The ‘first mile’ capabilities and mobility quencies (typically between 450MHz and 3.5GHz) and while they offer of the teenager hanging out at the mall easily outpace those provided significant bandwidth advantages, they do not yet offer all of the trans- today to our combatants and operators in the field. mission range advantages of the lower frequency legacy equipment. “That teenager has easy-to-use applications for provisioning, infor“The network needs to be both expandable and flexible enough mation sharing, situational awareness, course of action determination, that it is able to easily support every application the warfighter needs and imagery data,” Summers said. both now and in the future,” said Dan Bigbie, vice president business These fundamental shifts in computing, mobility and human development for LGS. “Leveraging our broad history of providing interaction mean there is a great opportunity for the warfighter operlong-term communications solutions, we look to deliver standards- ating in environments that encompass traditional, irregular, disrupbased networks so the ability to incorporate new applications is not tive and catastrophic threats. Lockheed Martin believes bold thinking only possible, but also easy.” and solution-creation using Web 2.0, smartphones and mobile comProbably the most critical component of a 3G/4G solution is the munications is the answer. creation of a proper network architecture that gives users the ability “We’re doing it today—changing the very nature of the interface to form ad hoc wireless mesh networks that can adapt to the needs of of the edge,” Summers said. “It’s beyond novelty; we’re innovating for various deployment scenarios on demand. the mission.” ✯ LGS is in the final phase of testing a rapidly deployable 4G solution. This innovative rapidly deployable network is a compact, self Contact Editor Harrison Donnelly at contained network in a box (less than 1 cubic foot) used for establishharrisond@kmimediagroup.com. For more information related to this subject, ing secure, real time, mission critical voice, video and sensor comsearch our archives at www.MIT-kmi.com. munications. www.MIT-kmi.com

MIT 13.8 | 15

Digital Technology for Small Unit Leaders

BY COLONEL BUDDY CARMAN AND MIKE KELLEY

IN ORDER TO LEVERAGE THE POTENTIAL OF NETWORKED INFORMATION, SMALL UNIT LEADERS NEED GREATER BANDWIDTH CONNECTING THEM TO A SECURE NETWORK. As the U.S. military enters the ninth year of overseas contingency operations against terrorist groups, doctrine writers, material developers, and capability managers are sprinting to keep up with the rapidly changing demands of the warfighter. This conflict features asymmetric threats within a disparate culture and language of a populace struggling for basic essential services and security. Complex, densely populated urban areas as well as huge expanses of rural, harsh terrain further complicate the mission. At the heart of all the challenges is maintaining effective command and control (C2). In order to adapt to the illusiveness of our adversary and the overwhelming scope of full spectrum operations, leaders at every level have demonstrated enormous creativity in adapting “legacy” doctrine and systems to accomplish the mission at hand. A traditional view of tactical military command and control is a centralized structure. At the battalion level and above, seasoned, experienced, centrally selected commanders lead a trained battle staff, leveraging robust intelligence resources, to plan and disseminate operations orders and intelligence updates for execution. Eager but less 16 | MIT 13.8

experienced company commanders execute those orders and report information higher to provide the higher headquarters situational awareness and refine the plan. These inputs from subordinate units feed refinements to the plan in the continuous planning and execution of the mission, resulting in fragmentary orders generated back to the subordinate smaller units. In simple terms, higher headquarters develop the plan, and company commanders do what they are told. Current operations in Iraq and Afghanistan have demonstrated a shift in that traditional centralized view. Although battalion and above headquarters continue to provide orders and updates, company-level units have established significantly more robust “command posts” at their level. Companies are developing home-grown intelligence: leveraging human intelligence assets taskorganized to them as well as intelligence developed from direct relationships with indigenous security force and improved relationships with the local populace. Often intelligence gathered on an objective, during a cordon and search for example, is rapidly exploited to conduct subsequent

operations within hours of the first objective. Junior leaders are operating on intent, adapting rapidly to the environment and working under the principle of asking for forgiveness rather than waste valuable time seeking permission.

DECENTRALIZED COUNTERINSURGENCY As a result of this shift in the C2 paradigm, the Army is struggling to adapt doctrine, organization structure and material requirements to resource the company commander with additional people, training and equipment to enable improved command and control. Why did this dramatic change to C2 occur? As the Army’s 2004 interim field manual on counterinsurgency operations states, “C2 during counterinsurgency requires greater decentralization to small unit leaders. Normal operating methods focused around a single commander’s approval often prove inefficient, untimely, and ineffective for the situation. Commanders must develop a level of trust communication with subordinates and foster their initiative well before www.MIT-kmi.com

arriving into the theater of operations. Commanders must empower their subordinates with clear authority for specific operations. The subordinate leaders must clearly understand orders, missions, and the commander’s intent down to the squad and fire team level. … If C2 and decision making become slow processes, the insurgents can exploit this. Additionally, commanders often coordinate with other agencies that will not be present on a conventional battlefield.” The nature of the counterinsurgency (COIN) environment demands decentralized C2. Small unit leaders must develop relationships with the local populace and hostnation security forces that share their area of operations. Intelligence often hinges on these relationships and is more commonly developed from the “bottom up” that from analysis form higher levels. Therefore, they have developed internal C2 structure to meet the demands of this fight. The current fight has dramatically increased the operational tempo for ground forces. In addition to repeated combat deployments, the nation is asking the force to accomplish an incredibly broad range of missions and skills, including training host nation security forces; assisting in nationbuilding and providing essential services; developing and improving cultural awareness and basic language skills; and conducting time-sensitive missions to capture or kill senior insurgent leaders by exploiting fleeting intelligence from national assets. Previously, these are missions or tasks that were associated with special operations forces, after undergoing highly specialized training. Now, these are routine lines of operations for conventional ground forces. These seasoned warriors understand the intricacies of counterinsurgency operations. They’ve developed relationships with the people, both security forces and the local populace. They have built trust and learned how to develop and exploit human intelligence sources at the lowest levels of leadership. They understand the second order effects of their actions. They’ve learned the fundamentals of COIN not from the schoolhouse, but the school of hard knocks. Today’s soldiers and Marines are the product of the information age—“digital natives” with no experience of a world that isn’t networked. Small unit leaders are very comfortable with multitasking—assimilating and leveraging enormous amounts of data from a variety of sources simultaneously. They are extremely comfortable with www.MIT-kmi.com

automation and information technology and often have made it an integral part of every aspect of their lives. Two notable examples of successful systems are Force XXI Battle Command Brigade and Below (FBCB2) and Tactical Ground Reporting (TIGR). Although originally developed in the mid-’90s for the Army’s Counterattack Corps, FBCB2 is a real-time situational awareness and C2 system that automatically updates friendly locations and displays reported enemy activity on georeferenced imagery. TIGR is a Defense Advanced Research Projects Agency (DARPA) initiative: a multimedia reporting system for soldiers at the patrol level, allowing users to collect and share information to improve situational awareness and to facilitate collaboration and information analysis. The digital-native leaders at the company level are able to exploit these systems to improve situational awareness, plan missions, and conduct more effective command and control. But a significant gap remains for C2 at the company and below. In addition to improvements to manning and training, small unit leaders need better connectivity to the network and a simplified interface.

INDUSTRY PARTNERSHIPS In order to leverage the potential of networked information, small unit leaders need greater bandwidth connecting them to a secure network. In order to keep pace with the growing demand, the military must find a more effective way to leveraging current and emerging wireless technology to push connectivity to the lowest level. Whatever bandwidth we will be able to provide will be rapidly consumed with a variety of critical data: photos, biometric data, streaming video, and a growing amount of other sensor data. In order to meet the demand, we must partner with industry to develop a variety of low-cost, redundant communications options for both terrestrial and celestial networks to provide a robust network capability. Leveraging the digital native’s inherent expertise with information technology is fundamental to any successful automation tool. Part of TIGR’s success as a small unit leaders’ operational tool is its ease of use. The software developers patterned the graphic user interface off of Web 2.0 applications like Facebook and Twitter. A variety of COTS systems have been developed and deployed, but they often

require “swivel chair” operations—taking data from one system and manually entering it into another, incompatible system. As we develop new software applications and improve existing systems, material developers and industry must make a concerted effort to create an intuitive user interface that allows the warfighter to access applications from a single work station. The development must include refinements from user juries that allow recently redeployed leaders to operate prototype systems and provide feedback on improvements to make them effective. Creating a more intuitive user interface also reduces the amount of training time required to operate the system since it more closely replicates the systems he uses every day. Although this article has focused on the need for improving the network and software applications for small unit leaders, these are merely tools needed by leaders to improve effectiveness. It is a dangerous assumption that improvements in information technology will solve the challenges of the current fight. Used inappropriately, they can actually become a distraction or lead to micromanagement from a command post. Improving information technology will be a critical enabler only when coupled with disciplined, realistic training and professional, engaging leaders. In order to bring about effective change in improving information technology for small unit leaders, the military must skillfully partner with industry. The current acquisition system is too cumbersome to keep pace with the rapid improvements in technology. We must become more agile to leverage emerging technology more effectively. Our industry partners, meanwhile, must develop a longer view in their relationship with the military, focused on modular, upgradeable systems, providing insight to promising emerging technology, and geared toward customer satisfaction and support to the warfighter instead of the “quick buck.” ✯ Colonel Buddy Carman is the TRADOC capability manager for platform battle command and combat identification, and Mike Kelley is his deputy.

Contact Editor Harrison Donnelly at harrisond@kmimediagroup.com. For more information related to this subject, search our archives at www.MIT-kmi.com.

MIT 13.8 | 17

Putting the IT in “Mobility” AIR MOBILITY COMMAND’S COMMUNICATIONS DIRECTORATE PROVIDES INTEGRATED, RESPONSIVE, RELIABLE AND SECURE COMMUNICATIONS AND INFORMATION. (Editor’s Note: This article, provided by the AMC/A6 Director’s Action Group, is one of a series of profiles of key commands in the information technology and communications fields.)

(TACC) Air Operations Center, and U.S. Transportation Command (USTRANSCOM). A6 is made up of four divisions: capabilities and integration; command and control mobility systems; operations; and plans, policy and resources. Through our directorate, we plan, design, develop, test, deploy, operate, and sustain numerous information technology systems/programs designed specifically for AMC. This article will discuss several of these systems/programs, including Senior Leader Command, Control and Communications System-Airborne (SLC3S-A), In-Transit Visibility (ITV), and Enterprise Information Management (EIM). It will then briefly discuss how A6 has creatively leveraged Air Force Smart Operations for the 21st Century (AFSO21) and developed several solutions to offset severe manning reductions across AMC.

SENIOR LEADER COMMS

Members of Multinational Corps-Iraq came together at the Joint Airspace Interoperability Synchronization Conference at Camp Victory, Iraq. Key players from the Army, Air Force and civilians from all over Iraq and the Combined Air Operations Center discuss the complexities of managing the joint air picture and how to improve joint tactics, techniques and procedures. [U.S. Air Force photo]

With a team comprising more than 132,000 active duty, Reserve, Guard and civilian personnel, Air Mobility Command (AMC) supports America’s national interests and the collective will of the American people through three core competencies: airlift, aerial refueling and aeromedical evacuation. Our mission is to provide global air mobility—right effects, right place, right time. AMC’s airmen are put in harm’s way every day to deliver troops, cargo and fuel with velocity and precision. On a typical day, we plan 900 sorties, move 2,000 tons of cargo and transport 6,000 passengers. This operations tempo equates to, on average, a mobility aircraft departure every 90 seconds, 24 hours a day, 365 days a year. In the past year, AMC flew 66 percent of the total missions in Iraq and Afghanistan. Within AMC, the Directorate of Communications (A6) community supports AMC by providing integrated, responsive, reliable, and secure communications and information; providing services and policy for managing information as a strategic resource for optimum customer support; and serving as AMC’s chief information officer, formulating policies and guidance on the strategic planning, implementation and sustainment of information systems. We provide this support not only to Headquarters AMC, but also to its 12 bases, the 618th Tanker Airlift Control Center 18 | MIT 13.8

The SLC3S-A program provides worldwide airborne communication capabilities for our nation’s top senior leaders, including the president, vice president, secretary of state, secretary of defense, director of national intelligence, secretary of the department of homeland security, chairman of the Joint Chiefs of Staff, and the combatant commanders. We also manage the ground network interface for these airborne assets, known as the Executive Airlift Communications Network, which provides connectivity to the Department of Defense’s Global Information Grid. Additionally, we’re pursuing related efforts to modernize our commercial and military satellite and line-of-sight systems to bring higher capacity connectivity for national command and control capability. AMC is leading the effort to keep our national senior leaders connected and protected, even while traveling in airborne assets. We also manage AMC’s command-unique C2, ITV, operations and business system programs. The C2 and ITV systems we plan, design, develop, test, deploy, operate and maintain provide support across the Mobility Air Forces (MAF) and the USTRANSCOM mission spectrum from initial planning through execution and completion. The C2 systems are responsible for all AMC mission planning, including identifying the appropriate aircraft and air crew and optimizing the flight path. The ITV systems track the people and cargo on these missions from origin to destination. Both the C2 and ITV systems are crucial to AMC’s airlift, aerial refueling and aeromedical evacuation missions, and used daily to fly our sorties. Our business systems provide for the contracting of the commercial reserve air fleet and accountability of airlift mission budget and costs between government entities. www.MIT-kmi.com

We provide the systems to integrate global mobility enterprise C2 and ITV capabilities, supporting an average of 900 sorties a day around the world; enhance the velocity and precision in AMC’s airlift capabilities and USTRANSCOM’s supply/delivery chain; and plan, execute, track and account for nearly 4,000 pallets, more than 2,000 loose pieces of cargo, and over 6,000 passengers daily. These systems improve the ability to estimate fuel and optimize the routes of flights to make the most efficient use of fuel; enhance the capability to contract with commercial airlift providers; and provide the means of accounting, budgeting and analysis for over $7 billion. These systems collectively support more than 34,000 users worldwide. They have been used and continue to be used by the 618th TACC Air Operations Center at Scott Air Force Base , Ill., to manage MAF operations, by planners and operators in both Afghanistan and Iraq, and by those responsible for planning and executing the day-to-day mobility missions, exercises and contingencies wherever they occur to support peacetime, humanitarian and wartime operations. Along with standard network and application technology, we leverage different technologies to constantly improve system capabilities. We use a multi-mastered replication scheme, across diverse locations, to synchronize enclaves, provide maximum performance, ensure data quality and integrity, and significantly enhance reliability and survivability. Our air cargo and passenger system is undergoing a major upgrade to extend and add new services and capabilities supporting the Worldwide Port System’s sealift capability. We have adapted network, wireless and automated information technology to extend capabilities directly to the air and water ports, flight lines and warehouses. This new capability enables USTRANSCOM and AMC to track passengers and cargo not only in the air but also on the ground, and extends our systems to our joint community. Our teams continue to improve on our initial development and fielding of a service-oriented architecture capability targeted at improving data exchange and reducing reliance on system-to-system interface.

throughout the command. To date, we’ve added over 70 solutions sets to our EIM catalog of services. Two of our most-used solutions are the task management tool and an electronic performance report system. These EIM services have totally revolutionized the way AMC does business. Building on our success, this year we are working to move all the Reserve wings on our network onto EIM, bringing the number of EIM users to over 100,000. Finally, the communications and information (C&I) community has experienced a decline in resources due to Air Force-wide manpower reductions. Our airmen and civilians have found ways to minimize a loss of nearly 9,000 Air Force C&I resources, of which 1,200 were within AMC, while experiencing a 6 percent increase in Air Force deployment requirements. Through IT initiatives like EIM, we’re leveraging AFSO21 to automate processes to help offset our reductions in force and increasing deployment tempo. We’ve developed two initiatives to help reduce and consolidate manning: client service administrators (CSAs) consolidation and a theater deployable communications (TDC) restructure. The CSA initiative targeted administrators working at every AMC unit and squadron and consolidated a number to the base communications squadrons, effectively reducing the number of CSAs in the command from roughly 1,600 to about 200, which represented nearly an 85 percent decrease and saved AMC $28.9 million annually. This action took workload away from the noncommunications units and better enabled the communications community to manage network requirements such as vulnerabilities and fixes. Our second initiative redirected our TDC to a contingency capability structure, reducing existing manpower requirements by approximately 80 percent and reapplying those positions to existing AMC priorities, a win-win for all parties. Both initiatives not only streamlined manpower resources, but reduced monetary requirements for training and equipment by nearly $1 million per year. WEB-BASED SERVICES The communications community plays a crucial role in supporting AMC’s overall mission. In Col. Bradley K. Ashley The HQ AMC deployment of EIM was one of the today’s very demanding, IT-intensive world, we largest IT enabling initiatives we’ve fielded. EIM is continually strive to meet and exceed AMC’s needs essentially a collection of Web-based services that use Microsoft through the very best in IT programs and systems such as the SharePoint as the underlying technology. Over the last two years, SLC3S-A program, ITV and implementation of EIM. Even while our team has stood up one of the largest SharePoint environfaced with resource reductions, we implemented several creative ments in the world. The result is a single, centralized enterprise initiatives to offset these losses and maintain the same level of environment hosting over 73,000 users and their data, enabling an service to AMC customers and continue to look for targets of unprecedented level of warfighter collaboration. opportunities to streamline our processes. We’ve established an EIM deployment team that reached out Colonel Bradley K. Ashley, director of communications, to 12 AMC bases to identify their unique organizational structure summed up the work of his organization this way: “AMC/A6 puts and data requirements and then built team sites for all their units. the IT in ‘mobility.’” ✯ We also expanded our services to support USTRANSCOM users at Scott AFB. EIM has become the cornerstone of our daily ops; comContact Editor Harrison Donnelly at manders live by it and users say they love it. harrisond@kmimediagroup.com. For more information related to this subject, Through our EIM deployment process, we’ve identified and search our archives at www.MIT-kmi.com. automated many EIM process workflows and benchmarked those www.MIT-kmi.com

MIT 13.8 | 19

First Responder Interoperability P25 WAVEFORM PORTING PROJECT SEEKS TO ENABLE MILITARY RADIOS TO COMMUNICATE WITH STATE AND LOCAL AGENCIES. Editor’s Note: This is another in a regular series of updates on the Joint Tactical Radio System (JTRS), as provided by the program’s Joint Program Executive Office (JPEO).

U.S. Air Force Staff Sgt. David Teague, left, performs first aid as Maj. Christopher Gamble radios in for accountability during an Operational Readiness Inspection at McEntire Air National Guard Station, S.C. Both Airmen are wearing mission-oriented protective posture gear and are both assigned to the 240th Combat Communications Squadron. [U.S. Air Force photo]

The JPEO JTRS has begun work on a Project 25 (P25) waveform porting project in conjunction with the University of California, San Diego (UCSD) California Institute for Telecommunications and Information Technology (Calit2) facility. The effort represents the first phase of a three-phased approach by the JPEO JTRS designed to allow military radios to interoperate with emergency and first responder agencies. Phase one of this project has the UCSD engineers utilizing the Software Communications Architecture (SCA) and JTRS application program interfaces to initially implement P25 in a software simulation. Next, they will port the waveform to a COTS development platform, which will then lead to a demonstration of RF end-to-end functionality. Finally, the team will demonstrate interoperability with commercial P25 radios, simulating military interoperability with COTS first responder radios running the P25 waveform. The Association of Public-Safety Communications Officials-International (APCO) is the world’s largest organization dedicated to public safety telecommunications. Formerly called APCO-25, P25 is now a joint effort between APCO, Telecommunications Industry Association, National Association of State Telecommunications Directors and various federal agencies. P25 concerns the development of standards for digital telecommunications technology, including an objective to determine consensus standards for digital radio equipment embracing elements of interoperability, spectrum efficiency and cost economies. 20 | MIT 13.8

“This is a crucial step towards making JTRS radios interoperable with first responders,” said Richard North, technical director for JPEO JTRS. “Phase two will be to port the UCSD-developed APCO-25 waveform onto a JTRS radio with additional modes, which may include encryption, trunking and analog FM. Both phase one and phase two are risk-mitigation efforts before moving to the third and final phase.” Phase three of the project will be the incorporation of the P25 into the JTRS program of record, which provides the management and funding mechanism required to deliver the radio to the military end-users. Interoperability for a first responder participant requires that public safety agencies (fire, police, medical) have direct communications when they operate with one another, across disciplines and jurisdictions. In order to facilitate this communication goal, agencies are looking at non-military waveform standards such as P25. Using a standardized suite of waveform standards allows radio sets manufactured by different vendors to communicate. Ultimately, porting the P25 waveform to JTRS radios will allow military organizations to interoperate with state and local agencies in time of an emergency such as a disaster relief scenario. “The JTRS radios will host the ported P25 waveform as well as JTRS networking and current force military waveforms such as SINCGARS, EPLRS, HF, Link-16 or UHF SATCOM,” North added. “With all these waveforms on the same radio, we can provide direct communications to P25-equipped first responders, as well as routing and retransmitting messages from the P25 net to current force radios. This provides a tremendous capability for unit commanders equipped with JTRS radios.” The UCSD division of Calit2 and Calit2’s division at UC Irvine together house more than 1,000 researchers across the two campuses, organized around more than 50 projects. With a focus on discovery and innovation at the intersection of science, engineering and the arts, Calit2 constitutes one of the largest multidisciplinary research centers in the nation. Research is conducted on the future of telecommunications and information technology and using these advancing technologies to transform a range of applications. The Calit2/JTRS Software Defined Radio (SDR) Project is a collaborative research effort supported by JPEO JTRS involving SCA SDR platforms for development and porting of SDR waveforms, creating a high-performance amplifier test-bed, and hosting the JTRS Open Information Repository. More information is available at http://jtrs. calit2.net. ✯ www.MIT-kmi.com

AUSA BOOTH 1439

The FALCON III® AN/VRC-110 Vehicular System:

Complete Interoperability One radio lets you do it all – National Guard Deployments, Medevac, Disaster Relief, Convoy Control—Now, multiple missions without the burdens of multiple radios.

Choose the JTRS-approved, interoperable radio that's just as versitle as you are. Our dismountable SINCGARS-capable radio meets your military and civilian operational needs.

www.harris.com assuredcommunications® RF Communications s Government Communications Systems s Broadcast Communications

Compiled by KMI Media Group staff

Highband Networking Radio Scores in WIN-T Testing Harris has received a contract update from Lockheed Martin to continue development work on wireless networking technology under Increment 3 of the Warfighter Information Network-Tactical (WIN-T) program. Harris successfully completed recent major testing and evaluation milestones on the Army’s WIN-T program and is continuing work on the next generation of military tactical communications systems. Harris is a member of the WIN-T team led by General Dynamics and Lockheed Martin. WIN-T Increment 3 significantly extends the capabilities of the current Increment 2 Line-Of-Sight (LOS) wireless networking technology. Harris is responsible for key LOS radio system components for Increment 3 that, once awarded, will extend the scope of the Harris work on WIN-T and bring the company’s total award value to more than $130 million from 2007 to 2012. The follow-on production program is expected to include hundreds of systems per year between 2012 and 2021. Harris successfully completed the development test and engineering field test with General Dynamics, Lockheed Martin and the WIN-T program office using the Highband Networking Radio (HNR) at Fort Huachuca, Ariz. This is a major milestone in the WIN-T Increment 2 program, which precedes Increment 3 in the successive technology deployment strategy of the WIN-T program. An order for low rate initial production using the HNR is projected to be placed by WIN-T later this year.

Mobile Computers Meet Tough New Environmental Standards Panasonic Computer Solutions, manufacturer of Toughbook mobile computers, has announced its fully rugged line and Toughbook U1 are the first to be certified by an independent third-party test lab to meet the newer and more demanding MIL-STD-810G standard for environmental conditions, which was issued in October 2008 and sup supersedes MIL-STD-810F. The Toughbook 30 laptop, Toughbook 19 convertible ta tablet and Toughbook U1 ultra mobile handheld replacement have passed 20 critical m MIL-STD-810G tests appliM ccable to mobile computers, aas well as IP65 ingress pprotection and ASTM D4169-04 vehicle vibration D ttests. Testing was conducted aand certified by an internnationally respected thirdpparty laboratory.

Enterprise Buy Includes Next-Generation Workstation The Air Force has selected HP to provide new HP workstation and desktop PCs as part of its enterprise IT purchase program. This latest award builds on the more than 400,000 units of HP client products deployed by the Air Force. The award is part of the desktop, laptop and servers Quarterly Enterprise Buy (QEB). In compliance with Air Force requirements, HP will include customized security configurations that meet strict specifications and tests. Air Force facilities worldwide will use an array of HP platforms, including HP workstations and mobile workstations that combine sleek style and energy efficiency with high-grade functionality. The QEB award will include the HP xw4600 workstation, which combines next-generation performance technologies into a powerful, flexible and reliable single processor socket workstation. Dual PCIe X16 Gen2 graphics interfaces provide up to four times the performance of previous graphics interfaces, along with the ability to power multiple displays without compromise. In addition, the HP EliteBook 8730w mobile workstation will be delivered in both standard and customized secure configurations that meet the Air Force’s secure product category requirements.

Voice Core Solutions Receive Security Accreditation The PacStar 6800 Small End Office (SMEO) and the PacStar 6300 Deployable Voice Exchange have received information assurance accreditation by the Defense IA/Security Accreditation Working Group. The solutions have also received interoperability certification by the Joint Interoperability Test Command, and consequently the Defense Information Systems Agency placed them on the Approved Product List. Both solutions are designed to be the voice core of the network infrastructure for the U.S. military around the world. The PacStar 6800 and 6300 solutions enable the military to connect to the Defense Switched Network (DSN), eliminating cumbersome two-step analog to IP network complexity. Also, the PacStar 6800 is the onlyy SMEO voice switch based on the Cisco Unified Communications platform that is accredited for the DSN. With proven Cisco hardware at its core, the PacStar 6800 and 6300 solutions were designed to meet the “everything over IP” mandate of the Office of the Secretary of Defense, which requires that the military shift to fully IP-capable solutions. These solutions provide a common IP communications platform from the military base to the battlefield. Jamie Finn: jfinn@pacstar.com

22 | MIT 13.8

www.MIT-kmi.com

Information Assurance Experts Support Afghanistan Security Trace Systems has won a contract with the Army’s 7th Theater Tactical Signal Brigade for information assurance subject matter experts in support of the Joint Network Operations Control Center-Afghanistan ( JNCC-A). The JNCC-A is the NETOPS execution arm of the U.S. Forces-Afghanistan J6 and is responsible for the operation and maintenance of communications and computer networks throughout the Afghanistan area of operations. Trace Systems will provide IA subject matter experts based at Bagram Airfield,

Afghanistan. Residing within the JNCC-A, Trace Systems will support network defense throughout the Combined Joint Operational Area-Afghanistan on a 24/7 basis, including the deployment and monitoring of host-based security systems, enterprise anti-virus management systems, intrusion prevention systems, and other applications that identify and counter unauthorized applications, rogue systems and malicious content.

Joint Forces Test New Encryption Technology Unisys has been awarded a task order to support the testing and evaluation of a new encryption and “bit-splitting” technology at the U.S. Joint Forces Command (USJFCOM) to ensure that data is secure and readily available to those authorized to view it. The project will test the Unisys Stealth Solution for Network, an innovative secure information-sharing solution for government and commercial organizations. Under the one-year task order, awarded through the Defense Information Systems Agency’s Encore II contract, Unisys will provide technical support at the USJFCOM site in Norfolk, Va., and at its subordinate Joint Transformation Command for Intelligence site in Suffolk, Va. The commands will test the ability of cryptographic bit-splitting technology to help converge various Department of Defense Global Information Grid networks operating at different security levels into a single network infrastructure where virtualized communities of interest can co-exist, while still maintaining complete isolation from each other. The technology would help protect each community’s data, allowing the controlled sharing of information between communities, while dramatically reducing infrastructure and associated costs.

Integrated Application Complements Multi-Directional Data Transfer

Jeff Barrows: jsb@tracesystems.com

Contract Funds Prophet Advanced SIGINT System The Linkabit division of L-3 Communications has been awarded a contract by General Dynamics C4 Systems in support of the Army’s Prophet Enhanced program. This initial contract is valued at $46.6 million and includes delivery order pricing for six years. The Prophet Enhanced system is a tactical signals intelligence system that provides battlefield commanders increased electronic intelligence and situational awareness. It is the Army’s ground-based sensor system to securely and accurately detect, identify, locate and direction find radio frequency emitters in the commander’s tactical area of interest. Under this contract, L-3 will produce, test and deliver Prophet Enhanced (PE) B-kits, PE A-kits and associated spares in support of the program. In addition to providing a technically advanced intelligence resource, the Prophet Enhanced kit will also utilize mature communications provided by L-3 Linkabit. This technology provides the Army a wideband beyond line-of-sight communications capability. Brian Domian: brian.domian@l-3com.com

The latest release of PuriFile, the file inspection application from ITT, has been successfully integrated with Trusted Computer Solutions’ (TCS) SecureOffice Trusted Gateway System product. The PuriFile technology allows for enhanced file inspection preceding the Trusted Gateway System’s rapid, multi-directional transfer of any data type between numerous security levels, such as unclassified, secret, secret releasable, and top secret/sensitive compartmented information networks. ITT’s PuriFile software performs deep analysis of various Microsoft Office file formats, and discovers information within and about files that would otherwise go unnoticed in typical review processes. TCS’ Trusted Gateway System product is the most recent in a continuing series of government and commercial systems to update to ITT’s latest PuriFile application for deep content inspection of files before transfer. The PuriFile inspection tool exists as a stand-alone product, but the availability of an application programming interface allows it to be easily incorporated into a wide variety of transfer and inspection systems. PuriFile also provides additional tools and mechanisms for easy integration into existing active directory systems for user identification. Stacey Winn: swinn@trustedcs.com www.MIT-kmi.com

MIT 13.8 | 23

TACTICAL SITUATIONAL AWARENESS

ROVER CAPABILITY IN YOUR HANDS. ROVER 5 is the newest product in the ROVER family. It was designed to be a lightweight portable transceiver, to provide real-time situational awareness and to shorten the kill-chain with two-way communication of target intelligence across Ku, C, L, S, and UHF frequency bands. With the ability to network between manned and unmanned ISR platforms, ROVER 5 gives warfighters a fast, secure way to collaborate on time-sensitive video imagery and targeting data. For more information, call 800-874-8178, visit L-3com.com/csw or email CSW.Products@L-3com.com.

C 3 ISR > GOVERNMENT SERVICES > AM&M > SPECIALIZED PRODUCTS

Comm unication Sy s t e m s – We s t

L-3com.com

Network Unifier

Q& A

Becoming the Army’s Single IT Service Provider

Major General Susan S. Lawrence Commanding General Army Network Enterprise Technology Command 9th Signal Command (Army) Major General Susan S. Lawrence enlisted in the Army in 1972 and received her commission as a second lieutenant in June 1979. Prior to assuming command of Army Network Enterprise Technology Command/9th Signal Command (Army) (NETCOM/9th SC (A)), she served as commanding general, 5th Signal Command, and U.S. Army, Europe and Seventh Army chief information officer/assistant chief of staff, G-6. Lawrence has served as a platoon leader in the 67th Signal Battalion, Fort Gordon, Ga.; aide-de-camp to the commanding general, Army Signal Center, Fort Gordon; military assistant at the Defense Communications Agency; platoon leader in Korea under Eighth U.S. Army, 122nd Battalion, 2nd Infantry Division; executive officer to the commanding general, Army Signal Center; company commander of B Company, 67th Signal Battalion; S-2 and S-3 officer of the 67th Signal Battalion; branch chief to the U.S. Army Information Systems Engineering Command-Europe; deputy G-6, 2nd Armor Division; executive officer,142nd Signal Battalion; force development action officer, Washington, D.C.; and chief, Signal Career Assignments Branch, Officer Personnel Management Directorate. In addition, Lawrence commanded the 123rd Signal Battalion, 3rd Infantry Division, Fort Stewart, Ga., which deployed in support of Operation Desert Thunder. She commanded the 7th Signal Brigade, 5th Signal Command, prior to serving as chief of staff and vice director, J-6, Joint Chiefs of Staff at the Pentagon. She also served as the director, command and control, communications and computer systems, J-6, U.S. Central Command. Lawrence received a bachelor’s degree from Campbell University in North Carolina, where she received her commission, and holds a master’s degree in information systems management from the University of Georgia. Lawrence was interviewed by MIT Editor Harrison Donnelly. Q: What are the goals of the Global Network Enterprise Construct (GNEC)? A: As you know, the Army is facing a wide range of threats. They are synchronous, asynchronous, worldwide and persistent. The GNEC is our Army’s strategy for aligning and transforming our network assets—our people, equipment and policies—to meet these challenges. The GNEC will deliver a global, standardized, protected and effective network enterprise that supports the needs of the warfighter in joint, international, intergovernmental and multinational operations. www.MIT-kmi.com

The reason for transforming to the GNEC is obvious: We live in a different world than we did in the 1980s and 1990s. When I was a young signal officer, the focus was on the forward deployment of forces. The new reality is that 80 percent of Army forces are CONUS-based. This means that our soldiers are called to deploy with little to no notice, and the Army’s relevance in these conflicts will be judged by its responsiveness and expeditionary capability. The Army must be ready to fight upon arrival. The key to that is ensuring that we can provide reliable network services to our soldiers anytime, anywhere. The GNEC will allow us to do that by providing a seamless network that is universally available and accessible to the warfighter from home station, to the area of operations and back again. Q: What is the role of 9th Signal Command (Army) in implementing the Army’s GNEC? A: The 9th SC (A), in partnership with the CIO/G6, the PEO community and the CIOs of the Army’s various commands and agencies, is leading the march to make the GNEC a reality. Our job is to use the GNEC strategy to deliver a global network enterprise from the desktop to the foxhole, improving defensive capabilities and effectiveness while at the same time gaining resource efficiencies through a set of common standards and configurations. Once implementation is MIT 13.8 | 25

complete, we will serve as the Army’s single information technology service provider. We already started working on this: Right now, we are in the process of obtaining full visibility—or aggregating—of our network assets. Once that is complete, we will move to federate and ultimately consolidate, where it makes sense, these assets into a single network. We’ll make the best use of collected data and systems by way of a federation that employs common standards that will allow organizations to manage their own systems and networks. This is a big job. The collection of disparate networks we have to consolidate consists of a variety of new, nearly-new and legacy systems. Another part of our role is to improve overall network security. One way we will do this is through the consolidation of points of access. We currently have 400-plus points of access to the network in CONUS alone. We plan to reduce that to between 12 and 15 entry points and, over time, to apply this same model to the worldwide network. This will immediately enhance our network defense posture. At the same time we’re operating in this federation, we are going to standardize our assets and achieve a common technical and operational picture to ensure that universal capabilities and services are delivered seamlessly across the enterprise network, and if juggling all that isn’t enough, we’re going to modernize our systems and operations while doing everything else. So these activities are not necessarily going to be performed sequentially. As a matter of fact, we expect them to happen in parallel. At the end of the day, while the job is hard, our goal is simple: to bring about a unified network enterprise that provides soldiers with a single identity from home station to AOR and back, manage the network so that our forces have the capability to access data from anywhere, at anytime, and provide our warfighters the information superiority they need to accomplish their mission. Q: How will the creation of Network Service Centers [NSC] and Area Processing Centers [APC] change the way the Army conducts its network operations? A: The NSCs will enable always-on, real-time access to the network and network services globally. The kind of network service I’m talking about is what you find in everyday life. You don’t even think twice when you make a call on your cell phone—you expect, and get, a connection. That is the type of access that the NSCs will provide. The APCs are key components of the larger NSC construct. We’ve already established them in the European and CONUS theaters, and are in the process of doing the same in the Pacific. They will enable us to provide better service in terms of data and applications, as well as reduce the number of access points on the network, ultimately reducing the cost of ownership for information technology. While we’re on the subject of centers, let’s not forget our Theater Network Operation Security Centers [TNOSC] or the Army Global Network Operations Security Center [AGNOSC]. These organizations are the focal point of network operations for the NSC. There are six TNOSCs, operating globally on a 24/7 basis. Along with the AGNOSC, they serve on the front line in detecting, analyzing and defusing threats to the network. Q: What do you see as the biggest challenges involved in implementing the GNEC? A: As it turns out, our biggest challenge hasn’t been technical; it is cultural. That’s understandable. The current architecture of having 26 | MIT 13.8

networks support single organizations or regions has been in place for years. That worked well for a time, but times have changed, and most importantly, our Army is now network dependent, requiring universal access and availability regardless of location or operational requirement. We have to be smarter, faster and better than we’ve been in the past if we hope to meet the operational and resources challenges of the 21st century. There are efficiencies and economies of GNEC implementation that will tremendously benefit any organization—not just providing information superiority, but also saving time and money spent due to outdated processes and redundancies. We’ve done the math, and these savings increase as time goes on, so that as expenditures for maintenance and repair of networks infrastructure dissipate, that money can be spent elsewhere, addressing the specific needs and mission of an organization. Our challenge is in getting that word out—helping our community see both the necessity and the benefits of transforming to a true network enterprise. Q: How will the GNEC enable or directly support the warfighters’ expeditionary tenants? A: In the past, warfighters were network enabled. The network was a force multiplier. Today those same warriors are network dependent; the enterprise has become part and parcel of how we fight. The GNEC will provide that network enterprise both at home station and in the area of operations. In previous conflicts, we would deploy an initial communications capability to the battlefield, and then plan for the network to catch up. We can’t do this anymore. Under the GNEC, the network will never leave the warfighter. It will remain with the soldier through all phases of operations, providing the single network identity I mentioned earlier, as well as the always-on access to intelligence, logistics, fires and other information necessary in today’s world. This will free up additional time for training and contingency planning while in transit, reduce disruptions in battle command, and provide units on the ground with always-on, real-time access to the network. When the warfighter is operationally engaged, he will be better prepared and informed, have greater situational awareness, be able to react within shorter decision cycles and as a result be more lethal than at any time in the past. GNEC makes that possible. Q: How will the GNEC change the way in which 9th SC (A) and the Army in general work with industry? A: GNEC is a once-in-a-generation opportunity for the Army to standardize our environment through secure hardware configurations and common toolsets. For example, the Army’s standard desktop configuration, the Army Golden Master, incorporates the federal, Department of Defense, and Army security configurations. Industry partners, both hardware vendors and software developers, must understand these configurations and build their products to work in our secure environment and, at the same time, with open standards to ensure interoperability. Federal and DoD acquisition regulations actually prevent the Army from purchasing hardware and software that cannot operate in the secure environment. The Army has always worked with industry on customizing solutions to meet our operational needs. However, the fast pace at which technology changes requires the Army and industry to work together so that we can influence changes to hardware and software www.MIT-kmi.com

capabilities before they are released to the public. In some cases, the Army leverages enterprise software agreements to achieve this capability. For example, our software agreement with Microsoft enabled us to collectively develop a Vista activation solution that ultimately saved the Army millions in hardware costs. DoD and other federal agencies now use this activation solution as well. We will also continue to increase our cooperation with industry in this area. The transformation of the network into a true global enterprise will also change our relationship with business. Over the years, industry has provided IT services to individual commands and organizations in an organic manner with proprietary solutions. This has sometimes resulted in duplicative and overlapping services that are not interoperable and are non-standard from an enterprise perspective. This limits our ability to share information, conduct joint operations, collaborate, and defend our networks. We will look to industry to view the Army in global terms and craft solutions that meet enterprise requirements. The relationship will be between the IT industry and the enterprise, not between industry and individual commands.

standard one-toolset-per-capability approach that is used today. This is extremely important for the GNEC, which incorporates the sustaining base and the tactical Army. A single solution must span that user base and provide equal capability. Industry can also benefit from understanding our environment and becoming a partner with us. We want industry to continue to innovate, with regard to solutions and services that we need in order for us to succeed. We want industry to identify savings and efficiencies that we can make as we go through our GNEC enterprise transformation. We also want to adopt best practices from industry on how large commercial enterprises manage their own IT infrastructure, and apply those principles to the Army. Another area that industry can help with is to ensure that the solutions they propose can scale to Army enterprise level. Often, we are finding that solutions do not scale to the Army’s large, complex environment and wide geographic base. Also, industry needs to understand that our tactical forces operate in austere environments and require special consideration when targeting solutions for this problem set.

Q: In what ways will industry need to change in order to achieve the greatest mutual benefits from GNEC?

Q: The role, and even name, of directorates of information management [DOIMs] will be changing under a re-organization currently under way. How will this change operations, and what benefits do you see as a result?

A: The GNEC is a paradigm shift from how the Army previously addressed our technical and user challenges. Industry can assist by forming more teaming arrangements to help us achieve greater capabilities. The Army needs integrated, end-to-end solutions, not the

A: The renaming of DOIMs to Network Enterprise Centers [NECs] is a direct function of GNEC implementation. NECs at each installation

)& I;9ED:I JE J>; :HEF$ - C?DKJ;I JE J>; I?=D7B$

ž (&&/ HeYam[bb 9ebb_di" ?dY$ 7bb h_]^ji h[i[hl[Z$

=[jj_d] Yedd[Yj[Z _d j^[ XWjjb[ifWY[ # WdZ ijWo_d] Yedd[Yj[Z # _i Yh_j_YWb \eh if[Y_Wb \ehY[i ef[hWj_edi$ J^[ c_I7J#N ioij[c" Wd N XWdZ j[hc_dWb j^Wj jhWdic_ji ed M=I" _i Z[i_]d[Z je gk_Yabo WdZ [Wi_bo cel[ \hec el[h^[WZ X_d je hkYaiWYa" j^hek]^ ikXcWh_d[ fehjWbi eh X[oedZ [d[co b_d[i$ Ekh ^_]^ ]W_d" i_cfb_\_[Z Z[i_]d \[[Zi W ijhed]" fh[Y_i[ WdZ i[Ykh[ i_]dWb je Yecfb[j[ oekh c_ii_ed$ <_dZ ekj ceh[ jeZWo Wj mmm$heYam[bbYebb_di$Yec%c_biWjYec$

www.MIT-kmi.com

MIT 13.8 | 27

are transforming their internal processes to align with this GNEC model. The advantages of the NEC transformation are eliminating network capability gaps for units preparing, deploying and transitioning, and dramatically improving our network defense posture by applying globally consistent network security policies and procedures. This yields economies and efficiencies while improving effectiveness and enhancing our ability to share information with joint forces and coalition partners. This transformation is occurring in all Army theaters. What’s ultimately behind the change to NECs is a new alignment of command and control responsibility and an enterprise approach to the security and management of the network, which improves capabilities and supports operations through all phases of the fight. Q: Since the annual LandWarNet conference has become one of the biggest technology-focused military conferences, and because of your command’s involvement in this conference each year, how do you feel this conference helps DoD and the Army? What came out of this year’s conference? A: Because of its focus on joint and coalition operations, the LandWarNet conference is DoD’s premier C4IT conference. It is an important opportunity for our community to anchor our successes, to share our lessons learned, and to chart out a course for the future. The conference puts leaders and operators, program managers, staff and industry in the same room to hear first-hand operator requirements, issues, concerns and timelines. Likewise, operators hear about what technologies are working their way to them. From the 9th SC (A) perspective, the annual conference is also an important opportunity to shape the discussion of critical operational subjects. Starting with the theme of the 2009 event, LandWarNet—A Global Network Enterprise Enabling Full Spectrum Operations for the Joint Warfighter, and through our after-action report, our entire focus continues to be on generating and capturing discussion on what matters to the operating and generating forces that better enables their mission. My expectations each year are to hear first-hand from conferees about what they need to fight the war, and from industry what they can bring to the table to meet our global interoperability and collaboration requirements more securely, effectively and efficiently. Q: What is your strategy for strengthening cybersecurity under GNEC? A: Ensuring a safe, secure network is fundamental to making the GNEC work. We’ve developed a comprehensive strategy that focuses on enhancing our defensive capabilities, improving the sustainment of programs, working with industry to develop more effective and rapid detection and response capabilities, and partnering with the military intelligence community to improve predictive intelligence. This strategy will allow us to win the Army’s cybersecurity fight. Q: What are the key cybersecurity initiatives of other parts of your command? How will your work in this area interact with the new U.S. Cyber Command? A: The cyberthreat is real, and the U.S. Cyber Command is an important step in confronting that threat. The Army is currently 28 | MIT 13.8

performing a mission analysis of how it will provide forces in support of the newly formed Cyber Command. 9th SC (A) will be a critical part of this solution. In the meantime, we remain involved in cyber-operations on a daily basis through our AGNOSC and TNOSCs, and the development of expanded network operations [NetOps] capabilities. I discussed our TNOSCs and the AGNOSC a bit earlier, but I can’t overstate their importance on the cyberfront. The TNOSCs and AGNOSC are the network’s guardians. The work they do on a daily basis to detect, analyze and overcome the threat to theater and global network operations is central to our maintaining information dominance. Additionally, the TNOSCs also provide NetOps and service desk functions—ensuring the seamless delivery of standardized enterprise services—while the AGNOSC serves as the Army’s operational arm into the world of the Joint Task Force-Global Network Operations. Together, they represent the Army’s key LandWarNet cyberdefense capability. Speaking of NetOps, and its role in the GNEC and cyberoperations, I should mention that the Army made an important initial investment in NetOps capabilities during the 2009 midyear review. This investment provides significant resources to close computer network defense gaps in the network and to standardize critical network management tools that facilitate the further federation and consolidation of the LandWarNet. These tools, together with our other efforts, will enhance our ability to see the network, know what’s happening on it, and rapidly respond to threats. Q: What are the elements of your command doing to support the stepped-up U.S. efforts in Afghanistan? A: We don’t anticipate a change in personnel requirements but do plan to increase our support of current mission requirements through commercialization and infrastructure improvements. The 9th SC (A) currently manages commercial satellite terminals, technical control facilities, and data network equipment at key strategic locations in Afghanistan. The program manager defensewide transmission systems/program manager defense communications systems-Southwest Asia has responsibility for Operation Enduring Freedom [OEF] and Operation Iraqi Freedom [OIF] commercialization implementation, as part of an ongoing commercialization effort aimed at relieving the requirement for tactical OEF rotational units and equipment. Operational control and direction is provided by 335th Theater Signal Command, with project oversight provided by 9th SC (A). The Total Army Communications-Southwest Asia Central Asia Africa [TAC-SWACAA] contract continues to provide operations and maintenance support for communications and information systems under the purview of the 160th Signal Brigade in the CENTCOM area of operations. Currently, the number of TAC-SWACAA contractors supporting OEF and OIF covers 51 sites. Several forward operating bases in Afghanistan were deemed enduring sites and are in the design and implementation stages to support strategic communications, releasing tactical elements for other missions. The new C4 facilities at International Security Assistance Forces and New Kabul Compound and scheduled upgrade of C4 facilities at Camp Phoenix and Kandahar Air Field in Afghanistan will give warfighters communications expansion capabilities for current and future growth. www.MIT-kmi.com

Meanwhile, the completion of the Fixed Regional Hub Node at Camp Arifjan, Kuwait, provides up to 48 links of Frequency Division Multiple Access and Time Division Multiplex Access satellite connectivity and 12 links of mounted battle command on the move and airborne command and control to support warfighter communications in Afghanistan. These significant changes will greatly enhance war fighting efforts. Q: What do you see as the most effective ways of responding to the growing bandwidth/spectrum crunch, especially related to UAV surveillance and imagery? A: Spectrum really has been a force multiplier/enabler. Due to technological advances, we are able to use spectrum-dependent systems to meet our mission goals and, at the same time, keep our warfighters out of harm’s way. Our challenge for the future is to ensure we have the proper requirements for our future spectrum-dependent systems. Let’s take our ISR systems on UAVs, for example. The warfighter wants streaming video in order to have real-time situational awareness. We must be smart in our methods for meeting that requirement. Capabilities exist to provide streaming video using systems with an 18 MHz bandwidth. When you compare this bandwidth to that of a typical broadcast television bandwidth, which is below 6 MHz wide, we see that smart design and efficient use of the spectrum can be achieved.

The key is understanding the requirements, and looking at spectrally efficient methods of meeting those requirements. We also need to question whether all requirements are valid and the best use of our limited spectrum. We must approach development of spectrum-dependent capabilities the same way we are approaching the construct of our network—on an enterprise level. We must prioritize our requirements to determine the smartest approach for an enterprise solution. In taking this approach, the Army will realize gains in spectrum efficiency while meeting our war fighting mission. We can’t develop spectrum-dependent systems without taking into consideration all of the other spectrum-dependent systems in its operational environment. By taking this approach, the Army is able to realize mission goals with far fewer interference issues. This is not to say we don’t need to continue our research for further advances in technologies. The Defense Advanced Research Projects Agency [DARPA] is studying and developing methods of spectrum-sharing technologies. The Army is very interested in a spectrum-sharing technology called dynamic spectrum access, which DARPA has shown great strides in developing. This technology has the potential of increasing our spectrum usage by at least sixfold. It is technological advances, smart requirement formation, and enterprise-level development that will get us to where we want to be in the future in our use of spectrum-dependent systems and our war fighting capabilities. ✯

PLAN YOU R MOBILE AD-HOC NETWO R KS— IN MINUTES. VISUALIZE. DESIGN. OPTIMIZE.

Introducing VisNet Defense, a new planning tool from Scalable Network Technologies that takes rapid prototyping of mobile networks to a whole new level of speed and productivity. VisNet combines the simulation engine that powers SNT’s industry-leading products QualNet and EXata with dramatic 3D GIS visualization and point-and-click device setup. Network planners can now quickly build and view realistic high-level simulations of network constructs with tens, hundreds, or thousands of devices. Want to know more? Visit www.scalable-networks.com/VisNet.

Planning tool for mobile networks from

MILCOM October 18-21, 2009, booth #528 I/ITSEC 2009 November 30-December 3, 2009, booth #2719

VisNet Defense incorporates the same simulation technology and runs seamlessly with QualNet® and EXata®, SNT's industry-leading simulation and emulation tools.

www.MIT-kmi.com

MIT 13.8 | 29

DEFENSE AGENCIES AND INDUSTRY MOVE TO PROTECT THE VITAL “TELEPHONE BOOK” THAT LOOKS UP THE IP ADDRESSES OF WEBSITES. BY PETER BUXBAUM MIT CORRESPONDENT BUXBAUMP@KMIMEDIAGROUP.COM

A new mandate for defense and other widespread vulnerability to cache poisoning federal agencies is focusing attention on the means the end of trust on the Internet.” security of the Internet’s Domain Name Sys“DNS is a hierarchical system with many tem (DNS)—the vital “telephone book” that redundant servers,” explained Victor Larlooks up the IP addresses of Websites. son, director of research and development at The DNS was compromised last year by VirnetX, a provider of Internet security techa “cache poisoning attack” in which somenologies. DNS also features caching servers one with permission to interact with a DNS to provide massive scale and redundancy for server succeeded in modifying the answers the critical service of responding to requests DNS provided for lookups of a domain name. for name lookups. The result was that lookup requests were Root DNS servers provide information directed to the attacker’s site rather than the on global top level domains (gTLDs) such legitimate site. as .com, .net, .org, .gov, and .mil. The DNS These kinds of attacks are servers for a gTLD provide perpetrated by criminals who information on servers for the lure Internet users to fake next level of domain names. sites where they can harvest For example, a .mil server procredentials for illicit use on vides information on where the real sites. Cyberwarfare is a server exists with informaalso a known venue for DNStion on darpa.mil. The owner related threats, and hackers of darpa.mil provides a server have launched denial-of-serwith name lookups in that vice attacks against DNS servdomain and, optionally, for ers. additional name servers for its Cricket Liu “The consequences of subdomains. a successful cache-poison“The reality today is that ing attack on DNS servers all these names in all those are so dire that describing databases are kept in an unsethem inevitably sounds like cure, unencrypted manner,” hyperbole,” commented said Ram Mohan, executive Cricket Liu, vice president vice president and chief techof architecture at Infoblox, nology officer at Afilias USA, a a provider of DNS appliprovider of Internet infrastrucances. “Virtually every nonture solutions. trivial transaction that takes That means that traditional place on the Internet relies network security mechanisms Victor Larson on DNS, so in a real sense, are of no avail when it comes 30 | MIT 13.8

to compromises of DNS. “You can put in a firewall or a packet inspector at the server level, and it wouldn’t mean anything because you never get to the site in the first place because DNS lied,” noted Joe Gersch, chief operating officer of Secure64 Software. “What is the point of putting in that kind of security if the basic addressing mechanism fails you?”

SECURITY EXTENSIONS There is a solution, however, called Domain Name System Security Extensions (DNSSEC). The Department of Defense and the rest of the federal government have been in the process of implementing DNSSEC in the months leading up to a September 30 deadline to secure the top level of their domain hierarchies. Worldwide, only a few thousand of the many millions of existing Websites have thus far been secured with DNSSEC, according to Mohan. “Experts agree that the best long-term approach for fixing the DNS system is to get a cryptographic solution like DNSSEC deployed,” said Larson. “In order for DNSSEC to provide complete protection of the transactions at all server levels, they need to be signed using DNSSEC.” DNSSEC is a protocol for DNS security extensions that provides a special cryptographic element to ensure that DNS traffic does not get hijacked. When an Internet user requests a particular entry in the global directory, the server first checks whether the requester has the correct key to open the lock for that particular record. If not, www.MIT-kmi.com

the system does not provide lower level domains can proan answer. vide DNSSEC integrity with“It is a fairly straightforout the higher level domains ward mechanism,” explained being DNSSEC compliant.” Gersch. “DNSSEC uses digital DNSSEC was originally cryptographic techniques to designed in the 1990s as an create a digital signature. It approach to protect DNS compares the signature to the information using public data sent. If it looks good, it key infrastructure. “It has will let the data through to the been an overnight sensation Ram Mohan user’s computer. If the server 15 years in the making,” gets a bogus response, it will quipped Mohan. “DNSSEC come back and tell the user it was created by the Internet can’t access the site because Engineering Task Force, a the signatures don’t match.” global standards body. The DNSSEC is designed so original idea was the DNS that a key for a domain is trusted everybody. But by the signed by the next level up the mid-1990s it became apparchain. For example, if disa. ent that the old model was mil has a key for signing its breaking because bad actors names, that key is signed by will try to exploit the inher.mil, and .mil’s key is signed ent trust built into the DNS Joe Gersch by the Internet root. architecture.” “However, since DNSSEC deployment A year and half ago, the standards were at all levels is going slowly,” Larson noted, finally agreed to and ratified. Afilias was one “DNSSEC can optionally be set up so that of the first companies to convert to those

www.MIT-kmi.com

standards. In June 2009, Afilias deployed DNSSEC to the .org domain, the world’s largest. “DNSSEC is important because once you click on a link, you want to be absolutely sure you will get there,” said Mohan. “If that does not happen you can get hijacked somewhere else. But a domain name that is signed with a secure key will guarantee that you will get where you said you want to go 100 percent of the time.”

IMPLEMENTATION TEAM The Defense Information Systems Agency (DISA) is one of the focal points within DoD for the implementation of DNSSEC. The DoD plan calls for a phased implementation of DNSSEC from the top down, based on guidance issued by the Office of the Secretary of Defense, the Joint Task Force for Global Network Operations (JTF-GNO), a unit of U.S. Strategic Command, and the National Institute of Standards and Technology (NIST). “Responsibility for implementation is shared across DoD,” said Fred Kopp, division

MIT 13.8 | 31

chief of the Program Executive Office Mission Assurance within DISA’s Computer Network Defense branch. “We are one member of the team in implementing DNSSEC for defense agencies and coordinating planning and actions necessary to execute implementation across the federal community.” The required September 30 implementation is for the top level domain only, Kopp noted, with the second level due by a date yet to be determined. In an interview this summer, Kopp predicted that DoD would meet the deadline for deploying DNSSEC at the .mil level. “We are proceeding with that implementation within DISA and are working with the services as well,” he said. The phased approach to the implementation of DNSSEC means that DoD will start applying the security extensions to the .mil domain and then proceed to army.mil, navy. mil, af.mil, and so on, and then to their subdomains. “We’ll be working our way through the hierarchy one level at a time,” said Kurt Biernick, the lead government engineer at DISA’s Computer Network Defense Branch. A program to ensure the secure availability of Websites to the population of authorized users requires three steps, according to Mohan. “First, add DNSSEC encryption to domain names—both Internet Websites as well as those domains running internally on private networks,” he said. “Second, upgrade the DNS hosting system in such a way as to provide a secure response to DNSSEC request. Third, work with technology providers to ensure that domain names with the DNSSEC key are widely available and propagated on machines around the world so that one or more sets of attacks on the infrastructure cannot take them down.” Gersch said he has been working with NIST to train and educate large numbers of government departments and personnel on how to make DNSSEC work. “There has been a huge educational effort in the last number of years among the many departments, agencies and bureaus on procedures and best practices,” he said. “Now they are starting with their deployment efforts.” DISA has reviewed some commercially available automated tools to help DoD with configuration management and the implementation of the DNSSEC protocol extensions. “Part of what is difficult in the implementation of DNSSEC is in deciding on the cryptographic keys as well as maintaining and modifying them,” said Kopp. “Manipulation of the keys is one of the areas in which industry has to provide 32 | MIT 13.8

tools to help make this a manageable process. Different keys have to be assigned to different network zones, and they must be changed periodically in order to maintain security when data is transferred from one portion of the network to another.” All of this is complex and requires expertise, Gersch said, adding, “It can be a pain in the neck if your staff turns over and you lose the recipe.” It can be a major undertaking, in other words, to be periodically reassigning keys to the various network zones.

AUTOMATED ASSIGNMENT Secure64 provides a technology aimed at alleviating two of the major challenges associated with maintaining DNSSEC standards: automating the assignment and reassignment of keys and securing the cryptography associated with them. “You want to prevent someone from stealing the cryptographic keys,” said Gersch. “In our solution the keys are locked tight in a cryptographic module. You can issue a single command, ‘Do DNSSEC,’ instead of an operator manually doing and redoing each zone. Implementing DNSSEC operations can be as simple as adding a single statement to the system configuration file.” The Secure64 product, known as Secure64 DNS Signer, rests on three enabling technologies: the SourceT micro operating system, the Secure64 DNS Authority server, and a hardware trusted platform module (TPM) device. The SourceT micro operating system was designed by Secure64 to be immune to malware and rootkits— programs designed to hide the fact that a system has been compromised. “Rather than relying on a general-purpose operating system that must be hardened,” Gersch said, “SourceT is designed specifically for security and performance.” The Secure64 DNS Authority server is a dedicated authoritative DNS name server that runs on the HP Integrity rx2660 hardware platform. The TPM executes secure cryptographic functions, including seeding the random number generator and generating a storage root key unique for each machine to protect subkeys and other encryption material. VirnetX takes a somewhat different approach. The VirnetX Gabriel product focuses on securing private and semi-private destinations on the Internet. “DNSSEC provides good security for large public and portal sites,” said Larson. “VirnetX Gabriel

secure name services provide a unified approach for providing DNS services to authenticated users where the response is dependent on the identity of the requester so your network location is only available to those that you want to reach you. One very useful attribute of the Gabriel design is that it is much harder for an attacker to attack what it cannot find.” The second major feature of Gabriel secure name services is that following the secure lookup of DNS information, it automatically forms a secure connection with the requested name, and provides services for this secure connection even if both parties are not directly on the Internet. A third Gabriel feature, secure name services, provides support for dynamic addresses. “Legacy DNS fundamentally has a ‘pull’ architecture,” said Larson. “You can force legacy DNS to support dynamic IP addresses, but legacy DNS wasn’t designed particularly well to handle them. VirnetX Gabriel secure name services has a ‘push’ architecture, where changes in information are pushed when they occur.” While the currently conceived timelines for implementing DNSSEC are achievable by DoD, as yet there is no specific timeline for implementing DNSSEC across the entire DoD network infrastructure, Kopp noted. The department will be looking to implement automated tools, he added, especially as the deployment proceeds down the network hierarchy. “We believe that the way we are attacking the problem is the way to go,” he said, “in terms of identifying mechanisms, tools and processes to try to make it easier for those who need to do this and also to avail training to them to provide an understanding of DNSSEC and to keep the learning curve up. “Deploying DNSSEC will make it much more difficult to hijack traffic meant for government domains,” Kopp added. “It will make our services more secure.” Infoblox also supports DNSSEC in its line of purpose-built, security-hardened appliances for secure, highly reliable and manageable DNS services, among others. The latest shipping version of Infoblox NIOS software has built-in support for DNSSEC. ✯ Contact Editor Harrison Donnelly at harrisond@kmimediagroup.com. For more information related to this subject, search our archives at www.MIT-kmi.com.

www.MIT-kmi.com

It’s your job to protect others, so missing a beat is not an option. Nextel Direct Connect

®

makes sure your entire team can be mobilized in under a second. And in a field like this, that second makes all the difference. Nextel Direct Connect. Only on the Now Network.™ 1-800-NEXTEL-9 sprint.com/nextel

BlackBerry® Curve™ 8350i

Direct Connect: Nextel and PowerSource devices operate on the Nextel National Network. International Direct Connect not included. Other Terms: “Fastest” claim based on initial call setup time. Coverage not available everywhere. The Nextel National Network reaches over 274 million people. ©2009 Sprint. Sprint and the logo are trademarks of Sprint. Other marks are the property of their respective owners.

Servingsof Software AS SOOFTWARE FTWA ARE A AS S A SERVICE E PO POPULARITY OPULARITY GROWS OWS, P PROVIDERS ROVIDERS T TAKE AKE IINNOVATIVE NNOVATIVE S STEPS TEPS T TO O ADDRESS THE MILITARY’S SECURITY CONCERNS. Information technology vendors providing software as a service (SaaS) are attracting growing revenues, as well as increasing interest from military organizations such as the Defense Information Systems Agency (DISA) and the Air Force Personnel Center. The fact that the SaaS market is expanding demonstrates two things, analysts say—that SaaS is a concept that has begun to catch on, and that IT buyers are attracted by its value proposition. At the same time, studies also make clear that SaaS is still attracting only a small sliver of total IT dollars. SaaS, like the broader and related concept of cloud computing, posits that users can access and run software applications—from enterprise resource planning to customer relationship management and even network security applications—remotely over the network, from someone else’s shared infrastructure. The same applies, under the umbrella of cloud computing, to other IT operations, such as database management and data storage. Organizations accessing applications from a remote, shared infrastructure enjoy some obvious advantages. They don’t have to invest in their own hardware to run the application nor devote IT resources to hiring personnel to manage it. The software is updated automatically and remotely by the service provider. The overall costs of such an arrangement are much lower than in a traditional, on-premise software implementation. On the other hand, using a remote infrastructure shared by other users presents some problems. The ability to customize software is gone. More important are the security questions: What assurances are there that an organization’s proprietary data will not be compromised? These security considerations apply all the more in the military environment, where organizations are legally obligated under statutes and regulations, to say nothing of national security considerations, to lock down their systems and data. For example, military networks must comply with the requirements of the Federal Information System Management Act and National Institute of Standards and Technology guidelines on data encryption and must receive certification and accreditation before they can go live.

SECURITY OBSTACLES These security considerations represent a major obstacle to the adoption of a SaaS model in both the commercial and government 34 | MIT 13.8

BY PET EETER TER BUX UXBAUM U XBA B UM M MIT CORR MIT MI ORRESPONDENT O RR RES ESP PO OND O ND DEN ENT BUXBAUMP@KMIMEDIAGROUP.COM

marketplaces. If SaaS has been a hard sell in the commercial world, it has been that much harder within the U.S. government and military. Some inroads have been made, however, and SaaS providers have taken some innovative approaches to address the U.S. military’s security requirements. “Cloud computing and SaaS provide a way to spill over from your resources and take advantage of the infrastructure provided by a professionally managed service,” said Manoj Apte, director of product management at Zscaler, an SaaS provider of Web security. “It turns IT from a cottage industry, where people have to manage every piece of a critical application themselves, to having professionals take care of the application for you.” SaaS allows organizations to rapidly launch applications, limit their financial exposure, and inexpensively update software. “There are lower upfront costs with SaaS,” said Donita Prakash, a marketing director with Acumen Solutions, a business and technology consulting firm. “You don’t have to build the infrastructure to run the application or hire the staff to manage it. You can run a pilot and, if it fails, you can simply turn it off and stop paying. That limits an organization’s financial exposure.” “New innovations come much more rapidly with SaaS,” added Rick Collison, director and solution owner at Ariba Services, a provider of automated procurement solutions. “The typical SaaS upgrade cycle is every six months. Upgrades are free and are included in the subscription price. With the traditional model it may take two or three years to get new features. With SaaS, you’re guaranteed the latest and greatest.” SaaS can also provide organizations with flexibility in allocating and paying for IT resources. “With traditional software implementations, organizations buy an enterprise license even though they don’t know how many seats they really need,” said Kevin Paschuck, vice president for public sector business at RightNow Technologies, a provider of customer relationship management software. “With SaaS, an organization can pay for 100 seats initially and if in a year from now they need another 50, they can order them and pay for them then.” “Some organizations have variable or seasonal requirements,” noted Vincent Spies, chief technology officer at Voltage Security, a provider of secure e-mail solutions. “SaaS can be dynamically provisioned to handle extreme requirements without having to build additional capacity within your organization.” www.MIT-kmi.com

For potential military SaaS customers, the security issue can be summed up in one word: control. “It is the biggest challenge the software community sai Spies. “It takes a fundamentally different faces,” said wher data is. Before, you could physically guard view where locatio the locati location where data is stored. Now it is stored in a place thatt people don’t understand anymore.” “Milit ta users like the idea of a commercial offer“Military con nf ing,” confirmed Apte, “but not the idea of sharing infrastrucct infrastructure such as data centers.”

“Defense organizations shy away from it,” sad Apte. “When you go into a shared infrastructure there is always the possibility of some sort of leak.”

ISOLATED CLOUDS

In response to these concerns, Zscaler developed the capability to create small isolated clouds that can be dedicated to military organizations. Zscaler provides Web security applications that scan requested Manoj Apte Websites and block access to those that are potenBEHIND THE FIREWALL tially dangerous, and maintains separate log management and policy management for these separate, RightNow Right tN Technologies set out a year and a dedicated clouds. On the other hand, Apte noted, half ago tto overcome the security objections among when new threat data becomes available, the entire t ti l military SaaS customers. “They need to potential cloud infrastructure, including the isolated military know their data is secure,” said Paschuck. “Some clouds, is automatically updated. systems need to run on a dot-mil network.” “It runs like a one-way street,” he said. “If we see a The answer for RightNow was to partner with threat evolving we notify the whole cloud about it and DISA to run its SaaS offering behind the Department proactively block access. But nothing inside comes of Defense firewall. “We fit our platform right on top out. The ability to create an isolated cloud makes it of DISA’s,” said Paschuck. “It takes the software out possible for military organizations to look at SaaS Rick Collison of the commercial environment, where it might be and cloud computing as a feasible way to run some of sitting next to Nike’s or Best Buy’s or Sony’s and their IT operations.” would create a whole bunch of issues as far as FISMA Apte also argued that the type of application is concerned.” Zscaler provides, blocking access to potentially danThe Air Force Personnel Center is planning on gerous Web content, is more appropriately handled going live with a self-service personnel Website based outside the military firewall, adding an additional on RightNow’s SaaS offering later this year. “It is risky, layer of security to the most sensitive and critical and that is why this has been a project that we’ve been systems. looking at for the past two years,” said Colonel Glenn The same argument applies with respect to the Rotelle, the center’s IT director. “We had to overcome provision of public key infrastructure (PKI) access a lot of security challenges.” authentication, according to Terence Spies of Voltage Rotelle was convinced that AFPC should no longer Security. PKI safeguards sensitive data by ensuring Donita Prakash own and host its own Website, even though “we were the authentication of the identities of application very good at it,” because that “was not the way indususers. try was going.” The key SaaS benefits, for Rotelle, “The military has a large PKI that allows them were guaranteed Website uptime of over 99 percent to send secure messages within its own system,” said and automatic failover of the system to an alternate Spies. “But in situations such as homeland security side if DISA’s primary hosting site in Oklahoma City operations, military units may want to send secure were compromised. messages to local police or fire department personnel, “That is critical to us because of all of the services but those people are not on the military PKI.” that we provide our airmen,” said Rotelle. “The WebVoltage has performed trials with the U.S. milisite has to be up at all times so that they can perform tary and the U.S. and Canadian border patrols that their HR functions.” show that internal security applications are properly DISA is “going to be the facility that actually hosts managed tightly within the confines of an organizaKevin Paschuck the Web servers,” he added. “They’ll make sure that tion, Spies said. But when cross-organizational interall the equipment is up and running. The software kevin.paschuck@rightnow.com changes are needed, it is useful to outsource PKI. application will be RightNow. It’s a hardware/software “This allows the military organization to exchange partnership between DISA and RightNow.” secure messages without having to enroll the non-military users on Apte noted that one challenge for SaaS providers is to “create the military PKI,” he said. “It all starts with your security model. If you applications in a totally different way. have a policy that says you only want members of your organization to “We know that thousands of organizations are going to be using have access to data or an application, you should have an internal key that infrastructure,” he explained. “We needed to figure out how to management system. But if your model is to exchange data then SaaS make sure we get economies of scale without allowing data to intercan work pretty well.” mingle. This has become the challenge for all cloud providers.” The key elements to making such an arrangement work, Spies At the same time, Apte acknowledged that the security added, is to employ a trusted, auditable third party who understands considerations involved in moving to a professionally managed the separation of duties involved with the internal and external secuservice within a commercial environment can be overwhelming. rity mechanisms. “There are also a lot of regulations to be complied www.MIT-kmi.com

MIT 13.8 | 35

with,” he said. “A number of service organizations have earned regulatory compliance certificates to perform these kinds of operations.”

VALUE PROPOSITION In the case of commercial SaaS offerings, users share a common infrastructure that contributes to the SaaS value proposition, a reduction in the total cost of ownership, according to Paschuck, of some 80 percent when compared to a traditional, on-premise software implementation. Apte argued that the SaaS value proposition holds true for the kind of isolated cloud infrastructure that Zscaler has developed. “As long as it has been architected properly, it doesn’t take away from the value of SaaS,” he said. “The value is in the ability to spill over into the cloud infrastructure and to be able to scale at the rate required without having to add hardware and software inside of your network. The hybrid model that we have devised gives the opportunity to organizations to take advantage of this evolving mechanism. The cost savings are comparable.” But Paschuck said that the kind of SaaS partnership that RightNow has forged with DISA, which is operated on military hardware inside the DoD firewall, shaves 50 percent off the cost savings of a comparable commercial, shared-infrastructure implementation. “They are still saving 40 percent on costs, and they also have the same speed of implementation as for a commercial installation,” he said.

KMI Media Group is seeking a full-time

MAGAZINE EDITOR RESPONSIBILITIES R RESP ESPON ONSI SIBI BILI LITIES ES INCLUDE:

• • • • •

Developing and producing multiple magazine titles Planning the editorial calendars Writing and assigning articles Working with public affairs officers, writers & others in defense industry Representing company at trade shows and conferences

QUALIFICATIONS:

• •

Background in or strong knowledge of military affairs & technology Journalism/English degree preferred but not required

SALARY AND BENEFITS:

• •

Salary commensurate with experience Health insurance and vacation

CONTACT:

36 | MIT 13.8

jeffm@kmimediagroup.com

“DISA has set up a private DoD cloud based on our architecture,” Paschuck added. “All of the hardware bought and installed has been according to NIST and FISMA guidelines. If they wanted to run the software in a commercial facility they could have avoided those costs, but that is not good enough for most DoD customers, especially those running mission critical, personnel or financial applications.” For all of the obstacles facing SaaS, Paschuck has noticed that “once people get educated, their reluctance to adopt this model goes down tremendously. Ten years from now, I doubt that any application on military systems, outside of weapons and intelligence systems, will not be in some form of cloud computing,” he said. Prakash was even more optimistic, saying that “in the next five years most commercial and government applications will be moving to the cloud.” But Apte added, “I don’t see the military adopting cloud computing for commercial data centers any time soon.” There are, however, reasons to believe that SaaS and cloud computing will grow among military users in coming years. Spies said that the concept of proof of retrievability, which is currently being developed, will provide assurances that encrypted data being stored in the cloud can be retrieved. “If I give my data to the cloud I need a way to make sure the service keeps all the data and allows it to be retrieved,” he said. Advances in “searchable encryption,” which allows authorized users to search encrypted, cloud-stored data, will also be important in encouraging users to move data to the cloud, according to Spies. “This is important to doing productive research,” he said. “By making data more secure, users can be provided with more functionality.” Apte sees SaaS growth in the increasing popularity, especially among young people in the armed services, of social networking, so-called Web 2.0, content such as YouTube, Facebook, and Myspace. “In the past, networks could secure themselves against vulnerabilities simply by denying access to those kinds of sites,” he said. “But as these sites become more popular, that approach is going to become more difficult. The more restrictions are placed in accessing them, the more ways will be found around them, and that increases risk. I believe the military will have to allow access to Web 2.0 sites while applying a security layer to them to mitigate risk.” That security layer, in turn, Apte believes, will be supplied increasingly by SaaS providers. All of which present enormous challenges to SaaS vendors. “SaaS is about managing success,” said Collison. “Traditional software implementations are project-oriented. An organization needs a fix. The vendor and consultants implement software to try and solve the problem and then go on their way. “SaaS has a different idea of success, which is tied to renewals,” he continued. “A vendor’s revenue stream is dependent on the customer’s success at every phase and milestone and on a continual basis. That means vendors must get much more involved with projects, whether that involves providing project management expertise or discussing security certifications. They need to be involved every step along the way to earn the renewal and the future business.” ✯

Contact Editor Harrison Donnelly at harrisond@kmimediagroup.com. For more information related to this subject, search our archives at www.MIT-kmi.com.

www.MIT-kmi.com

Outcome-Based Metrics

BY SCOTT CHARBO

IT IS VITAL THAT THE GOVERNMENT DEVELOP PROCESSES BY WHICH TO MEASURE PERFORMANCE AND OUTCOMES ASSOCIATED WITH ITS CYBERSECURITY EFFORTS. In late May, President Obama announced his intention to appoint a cybersecurity czar whose mission is to safeguard our national technology infrastructure. His announcement coincided with the release of a review of the U.S. federal government’s cybersecurity efforts and initiatives. While there has been significant speculation about what the czar would do, to whom he or she would report, and what level of authority the position would hold, there’s been little discussion about the effects of such a position on the structure and operations of the federal government’s security apparatus. To be effective, comprehensive cyber-initiatives will require wholesale change management efforts across the federal government and transformation at virtually every level of the various agencies and departments. The government must assess and address such components as security metrics, service delivery models, changes to procurement for trusted supply chain support, governance models and a host of other operational processes to ensure that they advance and support cybersecurity efforts. Perhaps most important, though, it’s vital that the government develop processes by which to measure performance and outcomes associated with its cybersecurity efforts. Organizations must ask what is important for risk mitigation and programmatic success in combating threats to the enterprise. This goes beyond the mere tracking of dollars spent to include measuring the effectiveness of those dollars in meeting defined outcomes for security operations. For instance, counting the number of firewalls installed and the funds to purchase them does not reflect the true effectiveness in preventing cyberterrorists from entering the network. Agencies should envision the key measurement outcomes they desire and “reverse plan” those events, milestones and details that will lead them to achieving cybersecurity success. Establishing metrics that weigh performance and outcomes isn’t just about counting things. For example, the level of penetration of a cybersecurity event is important, but level assignments tell a more meaningful story. Categorizing incidents by their depth of impact to the organization’s infrastructure and domain can help yield policy changes, show where investments are necessary, and uncover opportunities for training.

MORE MEANINGFUL ANALYSIS

•

•

traffic through the trusted Internet connection, or TIC, divided by the average volume of traffic through other agency gateways. The result is a more comprehensive view of the cyber landscape and can serve as an indicator both for program success and adversaries’ interest. • Measuring the effectiveness and efficiency of security monitoring services delivery. This metric speaks mostly to establishing a percentage of false positives and could be accomplished via analysis of false positives alerts issued to an agency divided by the total number of agency alerts created over the last 30 days. It’s also important to track the percentage of non-actionable alerts—or the number of alerts issued to an agency that the agency cannot verify, divided by the total number of alerts created over the last 30 days. Other key components of this metrics category include tracking the percentage of targeted incidents reported to the U.S. Computer Emergency Response Team (US-CERT) and weighing them against the number that US-CERT’s Einstein program did not detect, and recording sensors’ uptime percentage. Measuring business or mission impact of security monitoring activities and events. This metric considers total confirmed incident reports and alerts discovered or reported over the last 30 days that are not false positives and are actionable. Further categorizing these alerts in stages helps address them in a more timely and effective manner. For example, “stage one” alerts would be phishing e-mails and/or users visiting compromised Websites. Stage two would address Trojan or malware downloading after an initial infection. And stage three would cover command and control traffic.

While there are still many unknown details about Obama’s cybersecurity plans, it is encouraging that his administration is committed to protecting our national computer systems. But to be truly effective, the new cyberczar must move beyond traditional performance measurements and embrace a paradigm shift toward outcomes-based metrics. This, combined with an understanding of cybergovernance in a global borderless context, will go a long way toward meeting this administration’s strategic vision for cybersecurity. ✯

Metrics within the security operations center or computer incident response communities that could help provide more meaningful analysis and enhanced cybersecurity include: •

Measuring the effectiveness of security monitoring policy. Data flow and the network behaviors become increasingly important as we look for indicators to populate the needed metrics. In simplest terms, for instance, this means reconciling the average volume of

www.MIT-kmi.com

Scott Charbo

Scott Charbo, Accenture U.S. Federal’s director of cybersecurity, is former deputy undersecretary of the National Protection and Programs Directorate, where he managed the Cyber Security Initiative at the Department of Homeland Security, and former chief information officer at DHS. MIT 13.8 | 37

Network-Centric Consensus

INDUSTRY CONSORTIUM FOSTERS COMMON EFFORTS TO ACHIEVE INTEROPERABILITY AMONG ESSENTIAL GLOBAL MILITARY AND CIVIL FORCES. Established in 2004, member companies are trathe Network Centric Operaditional marketplace comtions Industry Consortium petitors, they dedicate more (NCOIC) is a global notthan 1,000 technical experts for-profit association dedito NCOIC’s quest for interopcated to the advancement of erability. Their work is the network-centric operations engine of the organization’s (NCO) and the benefits of achievement. interoperability that NCO “NCOIC’s delicate can deliver to governments, alchemy fosters true colNicolas Berthet non-governmental organizalaboration among global tions and the citizens they nicolas.berthet@ncoic.org companies that are often serve. fierce business competitors,” The more than 90 members of NCOIC according to Nicolas Berthet of Thales include 1,900 people from 19 nations. They Group, who chairs NCOIC’s Technical represent large and small defense companies, Council. “Their efforts to resolve customers’ system integrators, information technology interoperability issues recently resulted in and service providers, government agencies the publication of NCOIC’s Interoperability and academic institutions. Although many Framework, a set of guiding principles for 38 | MIT 13.8

NCOIC Goals • Increase interoperability within and among systems involved in interagency and multinational operations. • Lower development costs and increase design commonality in future systems; apply tailored standards and best practices. • Improve application readiness through more rapid fielding of network-centric systems; leverage technical lessons learned. • Reduce systems cost and sustainability through reuse and commonality; facilitate ease of integration; upgrade and support network-centric environment. • Reduce development risk by identifying the common components needed for the network-centric environment, and develop them where none exist. • Improve application effectiveness through new, more focused development on domain-specific capabilities.

www.MIT-kmi.com

developers of network-centric systems, products and services.” NCOIC’s deliverables—tools, frameworks, patterns and best practices—address customers’ key concerns and help them identify opportunities to:

advocate that net-centric systems can bring interoperability to allied and coalition forces. As a result, the U.S. government, several coalition governments and NATO have invited the NCOIC to prove the effectiveness of its tools and processes in military field exercises, demonstrations and training • Ensure that a new or emerging sessions. system will be interoperable “They want to see for themselves Hans Polzer Terry Morgan with other systems; how NCOIC’s deliverables work,” said • Determine how legacy systems Boeing’s Ken Cureton, vice chair of hans.w.polzer@lmco.com tmorgan@cisco.com can bridge the gap between the consortium’s Technical Council. current capability and a cus“They want answers to essential questomer’s desired level of nettions like how much NCO is enough centricity; and for my mission, will our current plans • Adapt systems to meet evolving get us there, how will I know when we mission requirements and to are there, and what will it take to make easily accept emerging techus interoperable with others?” nology. NCOIC listens to the needs of global defense departments and minCOLLABORATIVE ENVIRONMENT istries of defense. Its deliverables are designed to help leaders determine Lt. Gen. Harry Raduege Ken Cureton (Ret.) “People who operate in one marthe levels of network centricity they ket segment adopt a model about kenneth.l.cureton@ncoic.org require to meet their unique national hraduege@del.ittc.com how the world works, and that can missions; provide the tools to diagnose lead to a mental rut,” said Hans Polzer, a that the wisdom of talented and experienced current and planned systems’ capabilities; Lockheed Martin fellow and chair of NCOcollaborators can improve upon any idea.” and assess whether the systems do or can IC’s Network Centric Attributes Functional “Where else can we learn how to operate meet their required performance levels. In Team. “NCOIC members come from many better, faster and more securely?” asked Air this way it offers recommendations that sectors and have opinions that don’t always Force Lieutenant General Harry Raduege can remove potential barriers to success. agree with your own. Within the context of (Ret.), now chairman of Deloitte’s CenAgencies and governments have invited such a collaborative environment, diverse ter for Cyber Innovation. “Where else can NCOIC to assess their strategies, concepts thinking can be a catalyst for innovation.” we see how other companies address the of operation and major programs with an The path from innovation to consensus issues and collaborate on technology like eye toward their ability to support networkcan be thorny. Yet in NCOIC’s unique, nonservice-oriented architectures, cloud comcentric operations and interoperability. competitive environment, member technolputing and interoperability patterns? We ACQUISITION PROCESS ogists do share their ideas, knowledge, best are overwhelmed with opportunities in the practices, and even intellectual property. way network-centric operations can shape One recent example of how NCOIC is They attack the technical challenges, evaluthe future.” helping customers achieve interoperabilate alternatives and teach each other. Whether representing their own comity involves training military and industry Ultimately, they reach consensus and panies or the consortium, NCOIC leaders propose “voice of industry” recommendations that can leverage the power of netCustomer Collaboration work centricity to help customers achieve greater success in domains such as com• U.S. Defense Information Systems • NCOIC trains Australian defense mand, control and communications; mariAgency and NCOIC develop force and industry officials; nation time; aviation; cybersecurity; sense and Standards Management Framework may be first to apply consortium’s and Reference Implementation net-centric tools to acquisition respond logistics; and net-enabled emerModel, and also collaborate on IPv6 process. gency response. work. • FAA and NCOIC take unique path to “Many people think that consensus leads • NATO shares unclassified portion of NextGen; initiative represents to a lowest common denominator,” said its network enabled capability pioneering effort by FAA. Terry Morgan of Cisco, who serves as NCOfeasibility study report with NCOIC; • The U.S. Office of the Assistant the consortium evaluated Secretary of Defense for Networks IC’s executive chairman. “In fact, NCOIC’s operational concepts and and Information Integration and process frequently leads to agreements that requirements defined in the study. NCOIC collaborate to develop the are better than the piece parts of the dialog. • NCOIC leaders meet with Defense time-phasing assessment of DoD This happens because a forum of talented, Science Board to exchange NCO net-centric attributes. experienced and secure experts present and visions and strategies. defend their ideas and propositions, knowing www.MIT-kmi.com

MIT 13.8 | 39

officials in Australia, which may cycle, from research through disNCOIC Deliverables become the first country to apply position. the consortium’s net-centric The significance of implement• Systems, Capabilities, Operations, Programs and tools to the military acquisition ing a NextGen enterprise architecEnterprises (SCOPE): characterizes commercial, civil process. ture based on open standards—and and government requirements for interoperable In May, at Australia’s Candesigned to enable network-centric systems; identifies system gaps and strengths. berra Rapid Prototyping, Developerations—includes delivering • Net Centric Analysis Tool (NCAT): net-centric analysis of system architectures, including system-of-systems opment and Evaluation facility, a vital information to those who operand federation-of-systems models; prescribes ways team of NCOIC technical experts ate the NAS; speeding system develto close gaps and leverage system strengths. led officials from the Departopment and reducing procurement • NCOIC Interoperability Framework (NIF): recommends ment of Defence and the Auscost through reuse of software, patopen standards, provides patterns, guidance and tralian Defence Information and terns and best practices; effectively success metrics for developing interoperable systems. Electronic Systems Association bringing legacy systems into an • Net-centric Pattern: three categories of patterns (ADIESA) through a training sesinteroperable enterprise; and sup(mission-oriented, function-oriented and designsion designed to show how NCOporting the seamless integration of oriented) describe standard practices, methodologies IC’s interoperability tools might rapidly emerging technology into and technologies that can advance interoperability. meet the country’s unique needs. NextGen. • Building Blocks: catalog of open standards-based COTS and GOTS products that comply with NIF Their discussions also centered The resulting benefit could be a recommendations. on ways to apply the tools to technologically “evergreen” system • NCOIC Lexicon: glossary of terms and definitions that Australia’s defense capability that enhances controllers’ ability to lay the foundation for meaningful discussions. development and procurement manage traffic, increases passenger Provides a common language for disparate ideas processes. safety, reduces airport flight delays, concerning key terms, including “NCO.” • Systems engineering best practices and processes: “The Australian Departand advances the airlines’ drive to includes tools, process and maturity models, ment of Defence is a keen supachieve greener operations. modeling techniques, and collaborative environments porter of NCOIC, its principles The NCOIC-FAA collaboration for NCOIC integration. and tools,” said Air Commodore dates back several years. In 2008, • NCOIC deliverables are available free of charge at John McGarry. “During 2009 we the agency used the NCAT tool as www.ncoic.org. aim to apply NCOIC products to part of its Network Enabled Operathe acquisition process to better tions demonstrations. In addition, initiative that represents a pioneering effort define interoperability requirements and the consortium’s Aviation Integrated Project by FAA. On July 7, the agency and NCOIC improve through-life systems integration Team is developing two patterns for global entered a five-year agreement to advance the prospects.” application—one for weather data dissemiEnterprise Architecture of NextGen, FAA’s Although Australia’s population is relanation and another for flight object data national airspace (NAS) transformation protively small (23 million people), it has the dissemination. The goal is interoperability in gram. 14th largest defense budget in the world. joint endeavors. Under the agreement, NCOIC proposes to It employs military forces in 11 theaters With the cumulative knowledge of its FAA net-centric standards, best practices and overseas and at home to protect the counmember organizations, NCOIC serves as an patterns that can lead to the achievement of try and its national interests. Australia is a honest broker to provide broad industry perNextGen’s 2025 milestones. Among other middle power in global terms, meaning that spectives on products, systems, tools and proartifacts, NCOIC’s recommendations will utiit maintains complex relationships with cesses that could advance the major objective lize the Joint Program Development Office’s close allies, coalition partners and regional of network-centric operations: getting the concept of operations for 2025 NextGen. The nations. right information to the right people at the joint office’s Net-centric Task Force, which “Getting information across the ‘last right time and in the right format. In other informs the CONOPS, is led by the U.S. Air mile’ has always been the toughest chalwords, it is to achieve interoperability among Force. lenge, yet we must see to it that future essential global military and civil forces. “We anticipate that the standards, forces can access information as if they were More about NCOIC is available at www. recommendations, best practices and netin the middle of the network, rather than on ncoic.org. The NCOIC hosts plenary meetcentric pattern development derived from the edge,” said Brett Biddington, ADIESA ings three times a year, including one in our collaboration will strengthen NextGen’s chairman. “If we adopt globally accepted late September in Fairfax, Va. Each includes requirements,” said Morgan. “Our recomstandards and tools, then we can begin to a series of working sessions along with a mendations will be founded on the thoughts build all sorts of relationships—between general session in which government and of multi-national, multi-industry leaders in Asian, European, American and other forces industry leaders address topics germane to net-centricity.” —because we will all have the same glue.” NCO. ✯ Industry’s review of a major acquisition’s AIRSPACE TRANSFORMATION enterprise architecture—prior to developing proposal requirements—is a pioneering Contact Editor Harrison Donnelly at harrisond@kmimediagroup.com. The consortium and the U.S. Federal effort conceived by the FAA. Further, the For more information related to this subject, Aviation Administration (FAA), meanwhile, agreement encourages industry to provide search our archives at www.MIT-kmi.com. are taking a unique path to NextGen, in an expertise to FAA throughout NextGen’s life 40 | MIT 13.8

www.MIT-kmi.com

THE AN/PRC-148 HANDHELD RADIO: BUILDING FOR THE FUTURE Warfighters need to meet today’s critical battlefield communications needs and prepare for the net-centric future. With the AN/PRC-148 JTRS Enhanced Multiband Inter/Intra Team Radio, or JEM, the future of battlespace communications is in hand. The AN/PRC-148 is the smallest, lightest, and most power-efficient, tactical handheld radio in use today covering the 30 -- 512 MHz frequency range. It is the most widely-fielded multiband handheld radio in the world. The AN/PRC-148 JEM’s Software Communications Architecture (SCA)compliant platform hosts all of today’s key waveforms and enables the integration of program enhancements, future waveforms, and additional modes of operation, all via simple software upgrades. Waveforms can be loaded onto the JEM’s SCA platform, allowing the radio to be used for a wider variety of applications and providing maximum user flexibility and upgradeability.

rugged EBMP reduces the warfighter’s carry load by replacing two legacy radios at half of the combined weight, size, and cost with no loss of functionality. Trusted on the battlefield for years, Thales is fielding technology today that is ready for tomorrow.

Taking multiband capability to the next level!

Thales has fielded a full system of ancillary products built around the AN/PRC-148 that are providing warfighters with additional communications capabilities, for mounted and dismounted operations, in size-, weight-, and power-constrained environments,

Thales has combined the functionality of multiple radios into a single manpack that provides continuous coverage for HF, VHF, and UHF. The Extended Band Manpack (EBMP) weighs less than 15.5 pounds with the radio installed, providing more capability in a smaller package. The EBMP leverages the capabilities and certifications of the embedded AN/ PRC-148 JEM and adds over-thehorizon HF capabilities, including SSB, CW, and ALE. With internal GPS, ease of programming, a user friendly front-loading battery, and the ability to “hot swap” the main battery without rebooting the radio, the EBMP offers long-awaited capability for warfighters.

Thales’s vehicular systems offer flexible mobility for the JEM. The Thales Vehicle Adapters and Vehicle Adapter Amplifiers provide single and dual channel 50 Watt power amplification for range extension, recharge the radio’s battery, and support a wide range of secure and anti-jamming voice and data applications. Thales’s unique, cable free, rapid radio dismount capability enables warfighters to shift seamlessly from mounted to dismounted operation in less than two seconds with a fully-charged and immediately operational handheld radio.

For information on the complete product family, visit our website and download our AN/PRC-148 Product Catalog.

The new Extended Band Manpack (EBMP) supplies 20 Watts of extended band operation from 1.6 -- 512 MHz. With HF, VHF, and UHF in a single manpack, the

Lives Depend On Our Products -We Will Always Act Accordingly

22605 Gateway Center Drive | Clarksburg, Maryland 20871 | USA www.thalescomminc.com | solutions@thalescomminc.com | 240-864-7000

6001_19_001:090909:V1

Compiled KMI Media Group staff Compiled by by KMI Media Group staff

Multi-Viewer Provides High Fidelity Display The latest in the SuperView family of multi-viewers from RGB Spectrum, model 5000 offers real-time performance with up to 12 windows. The SV5000, housed within a 3RU enclosure, is ideal for any application requiring high fidelity display of multiple images on a monitor or projector. In keeping with RGB Spectrum’s standards of performance and value, the SV5000 delivers realtime performance regardless of the number of inputs and outputs, at any resolution. The model 5000 is based on a custom high performance architecture rather than a PC, with faster updates, more display flexibility, robustness and security. Real time display of inputs is guaranteed under all conditions, without any dropped frames. The SuperView 5000 offers a scalable system that can be expanded to as many as 12 inputs. Input alternatives include RGB/DVI, analog video and HD-SDI. Each input can be sized and positioned anywhere on the screen, as well as panned and zoomed to emphasize areas of particular interest. Display alternatives are virtually infinite, and include quad split, side-by-side, picture-in-picture, and overlapping windows.

Crowbar Attacks Digital Forensic Challenges Crowbar from ManTech Cyber Solutions International is a unique digital forensic tool designed to perform critical functions needed by the law enforcement and military digital forensics community. Crowbar deciphers personal identification numbers on multimedia flash memory cards typically used in mobile phones, personal digital assistants, digital cameras, and other devices. Crowbar addresses several forensics challenges. For example, many traditional forensics tools will identify a PIN-locked flash memory card as “corrupt” without indicating that the card may be PIN-locked. Crowbar is able to determine if a memory card is PIN-locked, corrupt or damaged. Before Crowbar, the only way a military, law enforcement or civilian government investigator could unlock these storage devices was to obtain the PIN from the owner, or manually guess at the PIN. Crowbar gives investigators access to data stored on PIN-locked secure digital or multimedia card flash memory cards by rapidly attempting to determine the PIN. Crowbar is a user-friendly, portable, handheld device that is designed for tactical field operations. Crowbar delivers results by saving precious fieldinvestigation time by attempting to crack PINs faster and more efficiently than could be done manually; creating forensically sound images of unlocked cards for further examination back at the lab; and serving as a write-blocked card reader for unlocked cards. 42 | MIT 13.8

New Gateway Platform Offers “Security That Thinks” The new eSafe SmartSuite Secure Gateway for Web and mail protection and control is now available from SafeNet. An entirely new gateway platform, eSafe SmartSuite offers “security that thinks”—the combination of intelligent protection, ease of use, and value-focused management and reporting that provides the insights today’s businesses require. Building on the foundation of eSafe’s real-time, intelligent technology platform, designed to protect organizations from current and future threats, eSafe SmartSuite offers real-time, intelligent inspection of all inbound and outbound Web and mail traffic while delivering unmatched performance and scalability. Additionally, eSafe SmartSuite now improves productivity and management visibility, and enhances security decision-making capabilities through simple, intelligent, and value-driven monitoring, trend analysis and reporting functionality. A component of SafeNet’s vision for comprehensive enterprise data protection, eSafe SmartSuite delivers the first fully integrated content security and data leakage prevention solution with data aware monitoring, enabling assessment and mitigation of threats originating from data leakage. eSafe allows organizations to detect, analyze and prevent mishandling of information, and will be fully aware of existing risks so that they can take preventive measures to protect sensitive data. Amanda Curtis: amanda.curtis@safenet-inc.com

Handheld Performs in Streamlined, Portable Form Factor Technology Advancement Group (TAG) has released the second generation of the TC-100 Commander. This latest device from TAG defines the cutting edge of fast, mobile handheld computers, featuring a sunlight readable display, a touch screen, unparalleled I/O flexibility, and customizable button configurations. TAG’s TC-100 sets the stage for mobile computers with w state-of-the-art technology, specifically hardened to resist the harshest environments of modern tactical field applications. The updated model provides the performance of a dedicated, lightweight (3.8 pounds) computer in a streamlined, portable form factor. The Commander is available with advanced features such as GPS, Bluetooth, Wi-Fi, video capture, hard-drive encryption, night vision compatible display, and cellular connectivity. Built-in expansion slots afford mobile users endless flexibility for field applications. Its ergonomic, handheld design is completely ruggedized and designed to meet MIL-STDs for shock and vibration. Matt Hederstrom: matt.hederstrom@tag.com www.MIT-kmi.com

The advertisers index is provided as a service to our readers. KMI cannot be held responsible for discrepancies due to last-minute changes or alterations.

MI T CALEND A R & DI REC TO RY ADVERTISERS INDEX AFCEA InfoTech 2009 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7 www.afcea-infotech.org Cases2Go . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43 www.cases2go.com Ericsson . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .C2 www.ericssonfederal.com GDC4 Needham . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13 www.gdc4s.com/secureproducts GDC4 Taunton . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .C3 www.gdc4s.com Harris RF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21 www.harris.com Hitachi. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9 www.hds.com/go/discover ITT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3 www.cs.itt.com/tough L-3 East . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .C4 www.l-3com.com/ste L-3 West . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24 www. l-3com.com/csw McLane Advanced Technologies . . . . . . . . . . . . . . . . . . . . . . . . .5 www.mclaneat.com Rockwell Collins . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27 www.rockwellcollins.com/milsatcom Scalable Network Technologies . . . . . . . . . . . . . . . . . . . . . . . .29 www.scalable-networks.com/visnet Smartronix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31 www.smartronix.com Sprint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33 www.sprint.com/nextel Thales . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41 www.thalescomminc.com

September 21-25, 2009 NCOIC Plenary Meeting Fairfax, Va. www.ncoic.org

October 18-21, 2009 GEOINT Symposium San Antonio, Texas www.usgif.com

September 29-October 1, 2009 Modern Day Marine Quantico, Va. www.marinemilitaryexpos.com

October 27-29, 2009 DCGS Worldwide Conference and Expo Virginia Beach, Va. www.ncsi.com

October 18-21, 2009 MILCOM 2009 Boston, Mass. www.milcom.org

www.MIT-kmi.com

Cover and In-Depth Interview ew with:

Richard Williams Vice Principal Director GIG Enterprise Services Engineering ngineering DISA

DISA Speciall Section IA Executive Mark Orndorff, program executive officer, information on assurance and NetOps PEO O

CALENDAR

October 5-7, 2009 AUSA Annual Meeting and Exhibition Washington, D.C. www.ausa.org

NEXTISSUE

October 2009 Volume 13, Issue 9

October 29-30, 2009 TechNet International Brussels, Belgium www.afcea.org November 2-5, 2009 TechNet Asia-Pacific Honolulu, Hawaii www.afcea.org

Who’s Who in DISA Photos, biographies and contact information for keyy DISA officials

DISA Updates Reports on key DISA programs

Features: Expanded Cybersecurity Coverage

Video Teleconferencing

• Insider threat management • IA performance metrics • Military IA news updates

As the military expands reliance on video teleconferencing, vendors are offering a host of security and other enhancements.

Satellite Contract

Distributed Agents

New alliance between DISA and the General Services Administration could provide major benefits to military users of commercial SATCOM.

Distributed agent-based systems interoperability enables interoperability among existing systems and delivers high-order data processing and discovery capability.

MIT 13.8 | 43

INDUSTRY INTERVIEW

MILITARY INFORMATION TECHNOLOGY

Simon Lee President and Chief Executive Officer STG Simon Lee is president and chief executive officer of STG Inc., a leading provider of performance-based IT, homeland security, engineering, financial and scientific services with customers spanning government and industry. In 1986 he founded STG, which has since grown into a more than $200 million organization with more than 1,300 worldwide employees. Q: What does STG do to support the Army’s Global Network Enterprise Construct [GNEC]? A: The GNEC is a global enterprise capability that is enabled by Network Service Centers [NSC]. Currently, the Army is projecting five NSCs in its IT enterprise. Each NSC has three major capabilities: Fixed Regional Hub Node [FRHN], Area Processing Centers [APC] and Theater Network Operations and Security Centers [TNOSC]. By supporting the TNOSCs, we are also providing support to NETOPS, FRHNs and APCs. Our responsibilities include indirect support to other Army organizations requesting copies of our processes; ITIL best practices; lessons learned; and Army tactics, techniques, and procedures [ATTP], as well as those requesting subject matter expertise [SME] and reachback support to enable other Army organizations to meet their individual missions. STG is proud to be a part of the Army’s team. As a mid-sized business and partner in the collaborative efforts across 9th Signal Command (Army) [9th SC(A)], STG believes in sharing our expertise and knowledge across the enterprise to serve the greater good of the Army. We use our knowledge of Army initiatives to ensure other Army enterprises are using their scarce investment dollars to the greatest possible outcome. In the end, we all share one mission: to support the warfighter and keep our soldiers and our country safe. Q: How are the TNOSCs, with increasing mission and decreasing budgets, transforming to a modular-based, expeditionary force capable of full-spectrum operations? 44 | MIT 13.8

A: The key here is collaboration across the Army enterprise. In order to maximize available resources, the individual TNOSCs are sharing their processes, SME and lessons learned with one another. Sharing these best practices and tools across the entire Army enterprise allows 9th SC(A) to fully leverage the unique expertise and knowledge of common NETOPS tools available in the Army IT enterprise. This includes sharing and integrating their ATTPs, sharing lessons learned across the TNOSCs and working to integrate proven ITIL-based processes and procedures across all Army IT support service providers. Across the Army enterprise, this collaboration includes integrating all those individual processes developed across the TNOSCs and NECs, so that each organization understands its own responsibilities and how its services and procedures fit into the larger Army enterprise. Q: How does innovation play a part in the Army’s transformation and mission? A: It is important to take advantage of emerging commercial technologies and leverage their improved capabilities as they apply to an Army environment. In addition, the Army does an outstanding job of establishing forums where the Army’s leadership explains their IT mission needs to the government contractor community, which allows industry to focus its independent research and development investments on the Army’s actual current and future IT requirements. The Army has established IT enterprise leadership among the military com-

munity by tailoring commercial IT best practices in their mission-critical environment. They are generating an environment that concentrates on continuity of delivered services while greatly reducing the risk of unexpected service outages. Currently, in the Army’s rapidly changing tactical IT environment, it is important to be able to react quickly to unexpected issues. The Army is focused on establishing processes that support a more proactive, rather than reactive, approach to IT enterprise management. The war fight starts at the tactical edge with the world’s finest fighting force. Industry’s role is to develop innovative technology that will support the warfighter from the tactical edge back to the Army’s enterprise enablers. Q: What role does a contractor like STG play in supporting the Army’s mission? A: First, let me say again how honored STG is to play a role on the Army’s team. Every day our employees wake up proud and humbled by the sacrifices our warfighters make to keep our country safe. The Army is starting to fully embrace performance-based contracting and the idea of service delivery, and is focused on increasing situational awareness to make the warfighter more lethal and powerful. The Army is concerned about the overall impact of IT service delivery to the warfighter, the impact on the mission, and the impact to the Army. They shouldn’t have to focus on the small, individual components that help lead to the delivery of IT services. As a government contractor, it is STG’s job to worry about the bits and bytes, and let the Army focus on accomplishing their mission. In short, we help enable the Army to focus on the intended outcome, and not solely on how IT can support the accomplishment of the mission. They tell us what services are needed to support the mission, and we determine how best to deliver those services to the warfighter. That is what we do, and we do it well. The Army’s mission is important to national security and defense, and we are happy to play a small role in helping achieve that mission. ✯ www.MIT-kmi.com

WIN-T is… being fielded today. a self-forming and self-healing network. providing integrated network operations. a mobile, ad-hoc network. the U.S. Army’s current and future network. For more information please call 508-880-1759.

© 2007-09 General Dynamics. All rights reserved. Select photographs courtesy of the U.S. Department of Defense.

V o IP U p g ra d e K it N o w A v a il a b le

250,000 USERS WORLDWIDE CAN’T BE WRONG

NSA Certified Industry Standard for Secure Voice & Data Communications Join over 250,000 STE users by replacing your STU-IIIs with the industry standard for NSA certified secure voice and data communications. If you’re already a member of the STE Family, L-3 offers its users the ability to upgrade to Voice over Internet Protocol (VoIP) with our low-cost, easy-to-install kit. With the purchase of the VoIP Upgrade Kit users have the option to use ISDN, PSTN or VoIP with a simple software download. To order your STE or VoIP Backfit Kit, call 856-338-3437 or 856-338-3495 or visit L-3com.com/STE. C 3 IS R > G O V E RN M EN T S ER VI C E S > AM & M > SP E CI A LI ZE D P R OD U CTS Comm unication Systems-East

L-3com.com