The Voice of Military Communications and Computing
Enterprise Architect Teri Takai Chief Information Officer DoD
Volume 15, Issue 10
Enterprise Storage O Mashup Tools O Army Decision Support Internet in Space O AFNet O Cyber-Response
PRSRT STD U.S. POSTAGE PAID LEBANON JCT., KY PERMIT # 805
Introducing the Harris AN/PRC-152A. Keeping the frontline connected.
Dismounted troops send data with secure wideband
Squad leaders network up and down the command chain
Company commanders connect on the move
The worldâ€™s first handheld radio with both Type-1 wideband networking and narrowband interoperability. The NSA-certified Harris AN/PRC-152A gives todayâ€™s warfighters secure access to voice, video, and data. Learn how Harris delivers the network to all echelons of the battlefield at Harris.com/Delivers
Battalion leaders assess in real time, clear to engage
Military Information Technology
November 2011 Volume 15 • Issue 10
Cover / Q&A Storage on Demand
As data storage needs grow, the Defense Information Systems Agency is seeking a new version of contract providing enterprise storage capacity as a service, which when initiated represented the first sizable storage project of its kind anywhere. By Peter Buxbaum
Balanced Cyber-Warfare Posture Integration should be a priority in all three pillars of a cybersecurity program—people, processes and technology. By Jason Mical
12 Air Force Builds “One Network”
With some three dozen bases and nearly 20 percent of all users having made the transition, the Air Force is well along in its campaign to implement a single, servicewide network, known as AFNet, by the end of next year. By Harrison Donnelly
IP Over Satellite
As international space assets become more prevalent and successful, will the international community leapfrog the U.S. in satellite capability by embracing a global approach to true IP over satellite first? By David Howgill
Mashups for Real-Time Awareness
DISA has implemented enterprise mashup technology, which dramatically reduces the time and effort required to combine disparate data and provide a mechanism to easily share, customize and apply to like situations. By Karen E. Thuermer
Teri Takai Chief Information Officer Department of Defense
Spearheading Change on Data Sharing
The Army Enterprise Management Decision Support system efficiently and automatically brings together data about unit readiness and training from a diverse array of information sources. By Harrison Donnelly
36 Rear Admiral Kenneth W. Deutsch (Ret.) Vice President and Lead Executive Next Generation Enterprise Network Program CSC
Military Information Technology
Volume 15, Issue 10
The Voice of Military Communications and Computing Editorial Managing Editor Harrison Donnelly firstname.lastname@example.org Online Editorial Manager Laura Davis email@example.com Correspondents Adam Baddeley • Peter Buxbaum • Cheryl Gerber Scott Gourley • Karen E. Thuermer
Art & Design Art Director Jennifer Owers firstname.lastname@example.org Senior Graphic Designer Jittima Saiwongnuan email@example.com Graphic Designers Amanda Kirsch firstname.lastname@example.org Scott Morris email@example.com Kailey Waring firstname.lastname@example.org Advertising Account Executives Cheri Anderson email@example.com Ashley Funk firstname.lastname@example.org Hubert Robinson email@example.com Elizabeth Schwartz firstname.lastname@example.org
KMI Media Group Publisher Kirk Brown email@example.com Chief Executive Officer Jack Kerrigan firstname.lastname@example.org Chief Financial Officer Constance Kerrigan email@example.com Executive Vice President David Leaf firstname.lastname@example.org Editor-In-Chief Jeff McKaughan email@example.com Controller Gigi Castro firstname.lastname@example.org Trade Show Coordinator Holly Foster email@example.com Operations, Circulation & Production Manager, Circulation and Operations Toye McLean firstname.lastname@example.org Distribution Coordinator Duane Ebanks email@example.com Data Specialists Rebecca Hunter firstname.lastname@example.org Tuesday Johnson email@example.com Cassandra Jones firstname.lastname@example.org Raymer Villanueva email@example.com Summer Walker firstname.lastname@example.org Donisha Winston email@example.com
As they look for greater efficiency and budget savings in the Department of Defense’s $38 billion IT budget, Chief Information Officer Teri Takai and other officials will no doubt be able to learn from the experiences of the nation’s intelligence agencies, which are embarking on a major restructuring of their IT systems. The CIOs of the largest members of the intelligence community are scheduled in December to present a plan for a consolidated information architecture that will lead to common systems and information throughout much of the intelligence community. While the catalyst for the transformation being embarked upon Harrison Donnelly is the nation’s budget situation, Al Tarasiuk, CIO of the Office of Editor the Director of National Intelligence, said at the GEOINT 2011 Symposium this fall that its developers also see it as an opportunity to achieve greater integration and efficiency in IT operations. The proposal calls for a new architecture with characteristics that include a single design back office and desktop; consolidation for infrastructures and provisioning of central services for all to use; a thin desktop for the majority of IC users, and thick client for a small number that will require the extra power; cloud technology implemented with a set of standards that will permit interoperability with other clouds; significant network consolidation; and widgetized applications. “In addition, our operating model has to change,” Tarasiuk said. “We have to move from agencies managing their own IT environments to an IC enterprise model, where we’re managing on behalf of all. Some agency functions are unique and will have to remain separate, but we have to ensure their interoperability. “Besides the cost reductions, the value proposition for the IC is that we can become more agile, and more able to stand up missions quickly. We will have capacity and ability to more easily search, and better integration. There will be improvements in information discovery, access and sharing, and a more defensible IT infrastructure,” he said.
KMI Media Group Magazines and Websites Geospatial Intelligence Forum
Military Advanced Education
Military Information Technology
Military Logistics Forum
Military Medical/CBRN Technology
Ground Combat Technology
Military Training Technology
Special Operations Technology
Tactical ISR Technology
U.S. Coast Guard Forum
A Proud Member of Subscription Information Military Information Technology ISSN 1097-1041 is published 11 times a year by KMI Media Group. All Rights Reserved. Reproduction without permission is strictly forbidden. © Copyright 2011. Military Information Technology is free to qualified members of the U.S. military, employees of the U.S. government and non-U.S. foreign service based in the U.S. All others: $65 per year. Foreign: $149 per year. Corporate Offices KMI Media Group 15800 Crabbs Branch Way, Suite 300 Rockville, MD 20855-2604 USA Telephone: (301) 670-5700 Fax: (301) 670-5701 Web: www.MIT-kmi.com
We put it all together so you don’t have to. Perhaps you’ve heard about Harris CapRock, the new business from Harris Corporation. We’re the largest business focused specifically on providing remote communications — one reliable resource for everything satellite, wireless and terrestrial. That means you’ll never have to manage multiple vendors again, saving you operational costs. Also, having one source means all your communications components will work in concert together to significantly lower network complexity and save you time and money. Finally, as the largest purchaser of satellite capacity, Harris CapRock puts buying power on your side for lower bandwidth costs. When you stop to think about who’s best equipped to handle your remote communications, it all adds up to one. Harris CapRock.
© 2011 Harris CapRock Communications, Inc. All rights reserved.
ReliAbiliT y NeveR ReACHed So FAR ™
Compiled by KMI Media Group staff
P R OG R AM NO TES
pe o ple
Search for Alternatives to Follow Ground Mobile Radio’s End The Department of Defense has decided to cancel the Joint Tactical Radio System’s ( JTRS) Ground Mobile Radio (GMR) program and establish a new program that manages the evaluation, testing and delivery of affordable nondevelopmental item products fielded to operational units. The decision represents a significant scaling back of the overall JTRS program, which had been dogged by development delays and targeted by Congress for spending reductions. The GMR program was intended to develop a softwareprogrammable radio system providing secure, reliable, multi-channel voice, data, imagery and video communications for mobile military users. James J. Mercer, spokesman for the JTRS Joint Program Executive Office ( JPEO), offered this statement in response to the action: “The Army and JPEO welcome this opportunity to pursue a new strategy to meet GMR requirements. Prior investment in software defined radios through the GMR and JTRS program has fostered competitive alternatives. “The Army intends to conduct a full and open competition in early 2012, leveraging mature technologies to provide soldiers with essential communications on the battlefield. The Army has committed to a new way of doing acquisition—an agile approach that emphasizes affordability, embraces innovation, supports competition and rewards technological maturity. The decision to cancel GMR is fully consistent with this approach. The existing GMR development contract, which expires in March 2012, will be closed out in a manner that supports a new strategy,” Mercer indicated. In a November press briefing, GMR Program Manager Colonel Gregory M. Fields outlined the process for the alternative program, a non-developmental item effort known as the Mid-Tier Networking Vehicular Radio (MNVR). The first step in the source-selection process was a recently released draft document outlining the operational requirements for the desired equipment. A final request for proposals will be issued in early 2012, with a subsequent competition throughout that year to select from the available radio market The system will be required to provide a minimum throughput of 2 mbps between a source/destination node pair operating in point-to-point mode, with a minimum line-of-sight range of 8 kilometers. The system will also have to offer a minimum aggregate network throughput of 200 kbps.
4 | MIT 15.10
Maj. Gen. Ronnie D. Hawkins Jr.
Air Force Major General Ronnie D. Hawkins Jr. has been nominated for appointment to the rank of lieutenant general and for assignment as director, Defense Information Systems Agency. Hawkins is currently serving as deputy director, J8, for command, control, communications and computer systems, Joint Staff.
Brig. Gen. Linda R. Medler
Air Force Brigadier General Linda R. Medler, who has been serving as assistant deputy director for net centric capabilities, J-8, Joint Staff, has been assigned as director of command, control, communications and computer systems (J6), U.S. Cyber Command. CSC has named Rear Admiral Kenneth W. Deutsch (Ret.) as vice president and lead executive for CSC’s pursuit of the Department of the Navy’s Next Generation Enterprise Network contract.
American Systems, a provider of federal IT and engineering solutions, has announced the appointment of James Scampavia as vice president of business development, and Edward Lussier as vice president and executive director of the Professional Services Federal Market. Harris has named Alex Heidt senior vice president of business development, reporting to John Heller, president, Harris IT Services. Heidt has served as vice president of Air Force programs at Harris IT Services since joining the company last year. In addition, George Helm has been named president of Harris RF-Communications’ Department of Defense business, succeeding Brendan O’Connell, who has been named president of Harris RF Communications’ international business. Z Microsystems, a provider of field-ready computer systems, has named Richard Schmidt as chief financial officer, Jason Wade as vice president of product marketing and sales, and Randy Millar as vice president of engineering.
BUILT TO THRIVE IN HARSH ENVIRONMENTS
Rugged Rack Mounted Servers from Z Microsystems The ZX Series Servers from Z Microsystems were designed from the ground up to meet the stringent operational demands of deployed military applications. With dual redundant AC/DC power supplies, a choice of 1U, 2U and 3U systems, and up to 12 removable hard drives, these rugged rack mounted systems offer solutions for mission-critical applications on the battleďŹ eld, and aboard aircrafts, ground-based vehicles, and ships.
For reliable computing power on the go, call us at 858.831.7000 or visit www.zmicro.com/zx
As data storage needs grow, DISA seeks new version of
contract providing enterprise storage capacity as a service. By Peter Buxbaum MIT Correspondent
6 | MIT 15.10
Less than a decade ago, the proportion of IT budgets spent on storage was in the single digits. Today, it’s around 30 percent. The reason is that military organizations, no less than their commercial counterparts, have an insatiable appetite for data. They want to slice, dice, crunch and analyze that data, and never have to discard it. In addition, data sets are growing exponentially, especially with the increased utilization of video and other imagery in military applications. The good news is that organizations have learned to manage storage more efficiently. “The consolidation and virtualization of servers means that you don’t need as many of them,” said Mark Weber, president of the U.S. public sector division at NetApp, a storage solutions company. “But with defense budget cuts coming, it is important that the military develop ways to get even more efficient with storage.” www.MIT-kmi.com
MIT 15.10 | 7
disaster recovery. “We use all storage modes as part of ESS,” said The Defense Information Systems Agency (DISA) was out Garing. “We do what the government wants. We are not locked ahead of the storage management curve when it awarded an into a particular vendor. We keep it as generic as possible.” Enterprise Storage Services (ESS) contract to ViON Corp. in Disks are currently DISA’s main storage mode, 2007. ESS provides storage capacity as a service, according to Garing. “They are moving more to and was the first sizable storage project of its kind solid state storage where necessary and where it anywhere, according to John Garing, a former makes sense,” he said. DISA chief information officer and now a ViON vice The drive toward storage efficiency has meant president. that IT experts have had to rethink their metrics. Garing added that DISA started the concept of “Storage used to be measured on the basis of dolcapacity on demand in 2001. The first competilars per terabyte of capacity,” said Weber. “That is tively awarded capacity-on-demand contract was not the answer for every application. We think more the Assured Computing Environment in 2003. about storage efficiency. We put 90 percent of our DISA issued a request for information over the research and development dollars into making betsummer, in anticipation of recompeting ESS next John Garing ter utilization of storage capacity.” year. The RFI makes clear that DISA will be conThis efficiency is achieved through software tinuing its “on-demand service approach.” that among other things automatically deletes data The ESS vendor will also be “required to produplicates. vide state-of-the-art storage capacity to meet new There is also the question of backup. All data and emerging customer requirements and have the needs to be backed up in order to be recovered ability to replace existing DISA storage capacity that in case of failure or disaster. “Different users and has exceeded its technical life.” applications have different restoration requireThe contract will cover 11 locations in the ments,” said John Pearring, manager of sales for continental United States as well as locations in STORServer. “Some need immediate access to lost Bahrain, Germany, Hawaii, Japan and South Korea. data. In other cases they need to bring an entire data ViON will be vying for a renewal of its contract. center back up within 48 hours of a disaster. Just “DISA was a pioneer in the on-demand model,” Mark Weber because data is stored doesn’t mean individual users said Garing. “It is not outsourcing, it is smart can all restore stuff the same way.” sourcing. DISA set the conditions and rules, and STORServer provides an appliance that autoindustry has caught on. ViON provides the capacmatically backs up data to specified media. ity services and uses technology from vendors that Storage capacity acquired under the next ESS provide storage. We provide storage as a service.” contact is likely to include more solid state and flash The storage service works and is billed much as storage media and less use of disks and tape. This is a utility. “We provide capacity on demand that DISA attributable to advances making solid state and flash can turn on and off at will in a matter of days rather more cost-effective. Solid state storage is the fastest than months or years,” Garing explained. “They pay storage medium, but provides low data density and for it like an electric bill. If they use more they pay results in a high cost per unit of storage. Flash stormore. If they use less the bill goes down.” age, although slower than solid state drives, offers Besides the operational flexibility that the sysJohn Pearring a high level of data storage density, at one-fifth the tem affords, configuring storage as a service also price per unit of storage. makes it quicker and easier to acquire capacity firstname.lastname@example.org Pure Storage provides flash memory for storage, from a regulatory standpoint, Garing added. It also which performs better than disk arrays and at a eliminates the practice of data center owners to lower cost, according to Matt Kixmoeller, the comoverprovision in order to ensure adequate capacity. pany’s vice president of products. Flash memory Garing believes that ESS shaved DISA’s overall storprovides 30 to 50 times the capacity of spinning disk age costs by at least 30 percent. arrays, but normally costs 10 times as much. “In my opinion the current ESS contract has “We do two things to drive down costs,” said been a huge success,” said Weber. “ViON has done Kixmoeller. “We use consumer grade flash memory a great job. The next contract will be even bigger instead of enterprise grade but we use a large pool and more important. DISA and its customers will of it. We also use in-line data reduction techniques be able to acquire storage capacity without having like compression and deduplication of data, which to commit capital to acquire equipment.” allow us to store anywhere from five to 20 times NetApp is a provider of disk storage capacity Matt Kixmoeller more data on the same amount of flash, thus reducunder the current ESS contract. ing its effective price.” Kixmoeller sees three key advantages of flash memory over Storage Modes disks: performance, size and power consumption. “With a flash array we can deliver 10 times higher performance than a disk Storage media comes in a number of different flavors, such array, while the size of the array is 10 times smaller,” he said. as hard drives—including solid state and flash media—online “A data center can reduce a storage disk array from the size of a storage, disks and off-line tape storage for archiving, backups and 8 | MIT 15.10
WHEN SECURITY IS CRITICAL. Securing information from point to point and throughout your network — when it’s critical, it’s QinetiQ North America. Your cybersecurity challenges require innovation to identify risks and eliminate threats. We have the capabilities, the credentials and the mission success to deliver it. Discover where innovation lives at www.QinetiQ-NA.com/GetSecure
WHEN IT’S CRITICAL, IT’S QINETIQ.
couple of refrigerators to the size of a microwave. Reducing the size makes the data center cheaper to operate. Flash also consumes much less power.” Global Discovery Inc. (GDI) is offering to provide solid state server and storage enhancements to government agencies, which the company claims will be deployed at one-third the cost of traditional server storage and will provide a saving of 65 percent on energy bills for IT data centers. “Solid state server and storage is a very well-kept secret,” said Glenn Ziccardi, the company’s chief executive officer. “But GDI and its teaming partners have been working with a number of companies on bringing this newest technology to government agencies. GDI appliances will be able to be shipped directly to military sites and self installed by local personnel.” GDI’s appliance can be overlaid on the existing network without degrading current network performance, according to Ziccardi. “GDI’s patented solutions can collect or process multiintelligence information across agency boundaries and keep the data and network secure while collecting petabytes of information and providing superior analytics performance,” he added. “GDI provides capabilities using vendor independent and recognized standard protocols that enable the edge appliance to interact with legacy drive appliances and servers.”
expensive than tape, but much faster. Deduplication allows you to reduce the amount of data stored.” The StoreOnce appliances can be configured in as few as five steps, according to Kinney. Earlier this year HP introduced the StoreOnce D2D4324, which contains up to 72 terabytes of usable storage with performance of up to four terabytes per hour. “The lower end of the line is generally used in small to mid-sized accounts and in remote offices,” said Kinney, “while the higher end products are generally used by enterprise accounts for their data centers.” Existing customers of HP management tools will probably not have to invest in or learn more software tools, he added. STORServer provides a storage backup appliance that seeks to remove the complexity from backing up different kinds of data stored at different locations and owned by different organizations. “It allows you to get a handle on buckets of storage located anywhere from private clouds to data centers to work stations,” said Pearring. “An appliance is an integrated composite of equipment and software that connects to an enterprise’s communications framework and allows everything on the network to be backed up and restored.”
Capacity and Cost
The alternative to the appliance approach is to deal with hardware and software in pieces and parts, leading to potential incompatibilities and difficulties with service and support contracts. Software can be leveraged to maximize the capacity and effi“Our appliance is agnostic to the type of storage,” said Pearciency of data stored on hard drives, noted Weber. While NetApp’s ring. “The backup can be assigned to any type of storage desired spinning disk storage arrays can provide capacity exceeding one and it allows for faster recovery. It also makes it easier to adapt to petabyte, the software that the company provides is what maxinew backup media as those media evolve.” mizes the efficiency of its disk storage space. STORServer’s appliance is sold through resellers and is “Without the software, the typical disk utilization is only 25 usually installed as part of a larger project, such as a server percent,” he said. “With NetApp software, we can get utilization reconfiguration. up to 70 percent to 80 percent on the disk.” Fundamentally, considerations of performance, capacity and One result is that an organization can invest in a lower level cost will continue to dominate the thinking about enterprise storof storage capacity. “With our technology, they are able to drive age and will be reflected in the renewal of DISA’s ESS contract. efficiencies in their storage systems and to lower their total cost “There are going to be budget cuts,” said Weber. “To of ownership,” said Weber. get the storage job done you need to take advantage The increased utilization of disks and the lower of efficiency. The approach taken by DISA has the investment necessary in storage capacity also yields effect of driving down costs.” savings in space, power and cooling requirements At the same time, the military is going to for storage apparatus, while providing environmenrequire an ever growing level of storage capacity, tal benefits, Weber noted. density and performance. “They are going to be NetApp also provides virtualization software continuing to ingest big data files like video,” said that limits the duplication of data by pointing users Weber. “This is going to require high performance, to an original stored copy of a data block. “This or otherwise they won’t be able to get the job done. also maximizes the utilization and efficiency of disk They need incredible levels of density. You can’t space,” said Weber, “and also makes disk storage maintain football fields full of this stuff.” more cost-effective.” Sean Kinney ViON will be competing for a renewal of its ESS Hewlett Packard offers a line of storage systems, contract with DISA. “As the incumbent we know the including the HP X9000 active-archive disk system customer very well and we believe we know what the customer and the ESL G3 tape library, which also includes its StoreOnce needs,” said Garing. “We intend to leverage that experience going Data Deduplication Software, an integrated disk-based backup forward.” O appliance, to help manage storage capacity. “Using disks for backup is changing the face of storage,” said Sean Kinney, director of product marketing at HP Storage. “DiskContact Editor Harrison Donnelly at email@example.com. based backup with deduplication is replacing tape as the preferred For more information related to this subject, search our archives at backup and disaster recovery medium. Specialized disks and tape www.MIT-kmi.com. are used for long-term storage and archiving. Disks are more 10 | MIT 15.10
What does your shirt say about you? I am in pursuit of
knowledGe I am Globally Recognized I am a leader I am a BICSI
Get the manual. take the courses. earn the credential. Market your knowledge in the design, implementation and integration of information technology systems (ITS) and related infrastructure by becoming a Registered Communications Distribution Designer (RCDD速). Learn more at www.bicsiorg/rcdd4 or with your smartphone.
Balanced Cyber-Warfare Posture The shift toward integrated response capabilities is critical. By Jason Mical
Despite increased regulation, oversight and spending, the federal government is experiencing increased security incidents. According to the October 2011 GAO Information Security report, federal security incidents have increased by 650 percent over the last five years. Federal agencies have placed great emphasis on preventative measures, while approaching incident response with a bag of disparate tools utilized by disparate teams. Yet, given the immeasurable increase in the number of attackers and exploits, it’s easy to argue that more attention should be paid to optimizing response. In a June 2010 article in a Department of Defense blog, “Armed with Science,” General Keith Alexander, head of U.S. Cyber Command, stated, “… we have been leaning forward and building an organization and a mission alignment that is more integrated, synchronized and effective ….” Integrated, synchronized and effective should extend beyond people and processes to include the technology deployed in facilitating incident response. The incident response infrastructure is an agency’s last line of defense, so having a few different teams, each juggling a bunch of tools, is not the most effective approach. We know that in order to identify and address security incidents, seven standard capabilities are required. As of yet, however, federal agencies accomplish these capabilities with a variety of tools, and correlating the intelligence gathered with these disparate tools is largely a manual process. These capabilities are network forensics, monitoring, host forensics, malware analysis, large-scale data auditing, collaboration and reporting, and remediation. AccessData is a provider of each of the above technologies and has integrated them into a single cyber-intelligence and response platform. It works within existing infrastructures to enable compliance with FISMA and NIST guidelines by achieving the following: Increased intrusion detection and decreased recovery time. Network or security operations centers (NOC/SOC) can more quickly validate alerts and make sense out of event logs with real-time visualization of network traffic, as well as integrated correlation of associated host data. Even when signature-based solutions fail, agencies can detect threats through automated enterprise scanning, as well as graphic illustration of network communication flows to identify anomalous behavior. When a potential threat is detected, personnel can drill down into suspect nodes to see what is happening in real time, along with automated threat scores of binaries. The platform will then do automated disassembly and data flow analysis of suspect binaries to determine behavioral intent. This allows for the detection and validation of malicious code without waiting for another 12 | MIT 15.10
team to perform heuristics or dynamic analysis. Finally, after scanning to identify all affected computers, batch remediation can be performed. Continuous monitoring, even when assets are not logged onto the network. Unlike other network monitoring solutions, the integrated platform is not blind when a laptop user leaves the network. A new host-based network forensics technology allows everything leaving from and coming onto a laptop (disconnected node) to be recorded. In addition, the platform monitors files being copied to or from removable media. Detection and remediation of PII and classified spillage. By performing regularly scheduled automated audits of the enterprise, agencies can detect spillage that DLP solutions routinely miss. Once spillage is detected, integrated network and host analysis allows information assurance teams to identify the origin of the spill, how it happened, as well as all other compromised assets. Finally, IA teams are able to perform batch wiping when policies allow. Proactive approach to addressing internal threats. NOC/SOC and IA teams can proactively scan for unauthorized applications and access. The ability to correlate data at rest with data in motion allows these teams to determine the behavior and intent of an employee, and built-in remediation allows unauthorized applications to be removed or disabled. Once a potentially malicious insider has been identified, personnel are able to monitor all the suspect’s actions on and off the network, including use of removable media. Achieving a collaborative, synchronized environment. Integrated cyber-intelligence and response technology creates a collaborative ecosystem, providing different views into the network environment, tailored to suit the needs of the various parties using the solution. Multiple responders and analysts can be permitted to log into the platform to work an incident simultaneously and to report real-time status and metrics up and down the chain of command. Integration should be a priority in all three pillars of a cybersecurity program—people, processes and technology. The right technology can facilitate an integrated, collaborative approach among the various teams and their processes, while facilitating a far more effective information security program. O Jason Mical is director of network forensics, AccessData Group. For more information, contact Erika Lee: firstname.lastname@example.org Contact Editor Harrison Donnelly at email@example.com. For more information related to this subject, search our archives at www.MIT-kmi.com.
DEFEND YOUR COUNTRY WITH A WHOLE DIFFERENT WEAPON. Today’s new battlefield is in cyberspace. And everyone needs trained cyber warriors immediately—from our nation’s new Cyber Command to banks, utilities and defense contractors. A bachelor’s or master’s degree in cybersecurity, or a master’s degree in cybersecurity policy from University of Maryland University College (UMUC) can help you be ready. Our cybersecurity courses are offered online, providing in-depth study of the theory and practice of preventing cyber attacks. Military or civilian, public or private sector, UMUC can help you advance your career and defend your homeland. • Designated as a National Center of Academic Excellence in Information Assurance Education by the NSA and the DHS • Earn undergraduate college credits for learning from work experience, military service or volunteer activities • Military scholarships, ﬁnancial aid and an interest-free monthly payment plan available for those who qualify
The Council of College and Military Educators (CCME) has awarded UMUC the 2011 Institution Award, which demonstrates dedication and leadership in providing quality voluntary off-duty education programs to the armed forces.
ENROLL NOW. 877-275-UMUC military.umuc.edu/cyberspace
Copyright © 2011 University of Maryland University College
Air Force Builds “One Network”
AFNet will consolidate separate Air Force base communications
networks into a single enterprise for web, email and security operations.
By Harrison Donnelly MIT Editor
With some three dozen bases and nearly 20 percent of all users having made the transition, the Air Force is well along in its campaign to implement a single, servicewide network, known as AFNet, by the end of next year. Reflecting the “one Air Force, one network” construct, AFNet will consolidate separate Air Force base communications networks into a single enterprise for web, email and security operations. Along with the Army’s current joint effort with the Defense Information Systems Agency to establish an enterprise email system, the AFNet program is part of the growing trend among the military services to increase efficiency and security by combining networks and services. The goal of the multiyear Air Force effort is to take all of the disparate networks that have grown up out of necessity from different organizations, major commands and centers, and bring them together into one standardized, cohesive network that can be commanded and controlled by a single entity. As of late October, the transition from local networks to AFNet had just been completed at Schriever Air Force Base, Colo., and was under way at the Peterson, Colo., Malmstrom, Mont., Buckley, Colo., and F.E. Warren, Wyo., bases. 14 | MIT 15.10
All told, the AFNet project will include migration and legacynetwork shutdown activities at more than 410 locations and 14 legacy major command/unit Active Directory environments, and an estimated 845,000 users. The number of independent Air Force NIPRNet connections has also fallen from more than 100 to 16, thus improving security. In addition, the many base data centers will be consolidated into three regional facilities, at Wright-Patterson AFB, Ohio, Andrews AFB, Md., and Scott AFB, Ill. The new network will offer many user benefits, developers say, including enabling personnel to work anywhere in the system, use a single sign-on and email address, and have immediate, round-the-clock access to collaborative tools. But the most important benefit, developers say, lies in the service’s ability to run a single, consistent, standards-based network environment, not many such environments across major commands. The transition is being overseen by the Air Force Network Integration Center (AFNIC), located at Scott AFB. Command of the network will reside with the 24th Air Force, the service’s recently established cyber command, which is under Air Force Space Command (AFSPC). General William L. Shelton, www.MIT-kmi.com
Transportable Communications “Micronized”
Micronize [mahy-kron-ahyz], verb The new definition: The art of making an existing product smaller, lighter, and more portable, while drawing less power and retaining the highly desirable characteristics of the original, such as reliability, ease of use, ruggedness, security from hackers, and flexibility.
Introducing SLICE® IP Micro: the full-featured SIP call manager the size of a hardcover book. Measuring just 26 x 15 x 5 cm (10.3 x 6 x 1.9 in) and weighing less than 1.3 kg (3 lbs), SLICE IP Micro is small enough to fit in the overhead compartments of commercial aircraft and light enough to carry in one hand. Powered by REDCOM’s TRANSip® IP technology suite, SLICE IP Micro supports up to 3,000 VoIP subscribers, AS-SIP, MLPP, dual-stack IPv4/IPv6, and configurable conferencing. The unit is powered by a regular laptop power supply.
Scan this QR code with your smartphone or visit redcom.com/micro to learn more
PROUDLY DESIGNED & MADE IN THE USA
standard acquisition process rules when we do our acquisitions. We try as best we can to meet a schedule, so we have to start acquisitions early on in the process. As we do the base by base analysis, we have found that it is very difficult, once you start an acquisition process, to go back in and say, now that we’ve figured out one thing at a particular base, we have to add something to our acquisition. But adding things to an acquisition is fairly difficult under the current process. So that is a challenge in itself—balancing the acquisition process with the speed that we need to move the migrations forward at.” To support migrations at each base, AFNIC relies on local contractors and a small team of people from the 690th Network Support Group, which goes on-site to help troubleshoot problems. While AFNet does not represent a full “tech refresh” of base equipment, hardware acquisitions are frequently necessary— new servers, for example, because the legacy network infrastructure has to be maintained until the transition is complete. Since the process involves both migration and consolidation, it is also gaining efficiencies in numbers of servers. “We generally have about 28 virtual servers that are deployed to a site, even when their exchange gets moved to a central location,” Davenport noted. “Those 28 servers reside on three physical servers in a virtual infrastructure, so we’re trying to leverage the new technologies that are out there to reduce the operations and maintenance footprint, as well as the sustainment footprint Migration Implementation in the out years.” For the future, AFNet planners are already thinking about Although the first efforts to move to a “single force, single potential links with the other military services. “The Army is domain” architecture in the Air Force began as early as 2000, the going through its email migration, and we have had some inforproject really got under way around 2005, when the Office of the mation interchanges, so that we can look at what Secretary of the Air Force called on AFNIC, then they have done. The next step we have with the known as the Air Force Communications Agency, other services is to sit down with the Army and to develop a single-network design, recalled Nick have our technical people talk together and do a Davenport, program manager for AFNet transisynch-up of lessons learned and issues they have tion. The implementation began in 2009 with a seen in their migrations, and what we have seen migration at Keesler AFB, Miss. in ours,” Davenport said. The migration has been a relatively lengthy “What we’re doing is posturing ourselves inside process because the array of legacy networks, the Air Force, through this migration and consoliequipment and mission is unique at nearly every dation, to be able to take advantage of offerings base or other facility. “Each location is pretty diffrom the DoD level for enterprise services, such ferent, in areas such as where their mail services Nick Davenport as email, a collaboration environment or any serare located, how they have set up their Active vices that would benefit greatly and are not solely Directory and what type of group policy they Air Force services. We want to make that transition have,” Davenport explained. “Each base is its own as easy as possible for Air Force users,” he noted, while adding, analysis each time, so it’s impossible to go in at this level to do “Obviously, there are certain things that will remain in the Air a migration of each domain without going into each subdomain Force for the long term.” and look at the unique aspects of it. That’s what we do base by base as we move through the migration.” While a goal of the project is to offer standardized, enterpriseIndustry Role level services that are needed by everyone, such as authentication, email and SharePoint, each location also has specialized In addition to local contractors, several companies with needs that may require a customized approach—for example, a national scope have been working with the Air Force on AFNET. medical unit that has to have certain group policy exemptions. General Dynamics, for example, first began supporting the “That is a life and limb type of situation, so we go in and ask, AFNet program in 2003, evaluating options for the Air Force to how do we make that work in the AFNet? It requires some engiimprove the security and operation of the enterprise network. neering and design expertise to go in and say, we need to enable To carry out the initiative, General Dynamics was selected reachback, and eventually to be able to bring this service from as a partner with a two-year contract valued at $35.7 million the legacy into the AFNet,” Davenport said. issued in 2009 by the Air Force for a redesign of the netThe other big challenge in the program as a whole is the work to include configuration, testing and deployment of the acquisition process, he added. “We continue to operate under the new intranet. General Dynamics consolidated more than 100 commander of AFSPC, told Congress this spring that consolidation into AFNet was a “top priority.” Along with AFNIC, the Air Force Electronic Systems Center (ESC) is also involved with AFNet, providing systems engineering and life cycle acquisition expertise, and exercising responsibility for the modernization, fielding and sustainment of AFNet capabilities. The way for full deployment of the network had been cleared earlier this year, when a report by the Air Force Operational Test and Evaluation Center report found that the first increment of the system was “suitable, effective and mission capable.” The gateways installed under the program have already been extremely effective in detecting and blocking malicious software and intrusion attempts, according to Michael Kaplan, chief, AFNet Systems Branch, Cyber Integration Division, ESC. “In an average quarter since they went operational, approximately 25,000 malicious intrusions are blocked, 130,000 viruses caught and more than 225 million pieces of spam detected and blocked.” Due to web enablement of mission applications and the decision to allow social media use on the Air Force network, the gateways are handling far more throughput than was originally planned and spurring efforts to increase the throughput capabilities of the gateways, Kaplan indicated.
16 | MIT 15.10
worldwide network interfaces to 16 gateways; integrated more than 80 new and existing components into the network; conducted developmental and integration testing to ensure functionality and introduced new security tools to protect and defend the network from intruders. These efforts improved security by blocking unauthorized incoming message traffic, which was more than 60 percent of the total incoming message traffic and was comprised mostly of malicious emails or spam. The program also enhanced situational awareness and intrusion prevention capabilities. Serco, meanwhile, is assisting the AFNIC in developing the AFNet roadmap, modeling operational mission threads on network management, security, cloud computing, and the interconnected transport layers of the air, space and terrestrial domains of cyber superiority. AFNIC uses Serco architectures as the baseline for decision briefings to the commander, AFSPC, provide program guidance to acquisition programs, and identify capability requirements for Cyberspace Command and Control and Situation Awareness that supports improvements for the 24th Air Force operations centers. Serco is also assisting the Air Force Command and Control Integration Center in developing future requirements for the airborne layer of the AFNet, and enabling them to build in interoperability with the other components of the Air Force and joint network environment. The AFNet architecture shows both a systems requirements and business process view of how the
Air Force will transform its information enterprise from being base-centric to becoming net-centric. A central component of the company’s approach to developing interoperable solutions is to leverage current architecture development work it is undertaking for AFNIC. In addition, NCI was recently awarded the AFNet Requisite Engineering Support (ARES) competitive task order, under which the company will provide engineering and subject matter expert implementation support services for critical programs within the Air Force Electronic Systems Center’s AFNet Support Branch. The 22-month task order, announced in September, represents an award value of approximately $23 million. The ARES task order provides technical and subject matter expertise across 13 separate support areas, including: engineering services support across the AFNet enterprise, vulnerability life cycle management system integration and operational support, and AFNet situational awareness operational and engineering support. NCI’s engineers and subject matter experts will provide mission-critical support at 15 key Air Force bases. O
Contact Editor Harrison Donnelly at firstname.lastname@example.org. For more information related to this subject, search our archives at www.MIT-kmi.com.
BB-2590 Military Batteries BB-2590 Battery Charger The Lind BB-2590 Battery Charger is designed to charge a single BB-2590 military battery, with or without the SMBUS (BB-2590 battery not included). • Compatible with BB-2590 military battery and BB-2590 military battery with SMBUS • Velcro strap secures the connector to the battery to ensure a solid connection with the battery contacts • Green LED on charger indicates charging state • Other input cable options available upon request (some options include NATO Slave connector, bare wire lead or solar panel connections) sOMe BB-2590 Battery Charger iNput CaBle OptiONs iNClude:
NatO slave CONNeCtOr
Bare Wire lead CONNeCtiON
sOlar ChargiNg systeM POWER SPECIALISTS FOR MOBILE COMPUTING
1.800.897.8994 • email@example.com • www.lindelectronics.com www.MIT-kmi.com
MIT 15.10 | 17
Compiled by KMI Media Group staff
Optical Networking Platform Withstands Rugged Conditions In field deployment locations such as runway radio and equipment huts, network hardware must be rugged enough to withstand extremes of temperature and humidity. The temperaturehardened Fujitsu Flashwave 4100 ES Micro Packet Optical Networking Platform offers industrial-grade components, making this system an ideal choice for locations where there is no environmental control. Already proven in tens of thousands of environmentally challenging locations all over North America, the Flashwave 4100 ES system is not just durable. It’s also compact, only 2 RU high, and highly flexible. The modular backplane provides 12 service slots per chassis, and the system can support multiple combinations of DS1-3, OC-3/12/48, as well as Ethernet over any access medium. The Flashwave 4100 ES is
Tactical Smartphone Network to Support Marine Exercises The Marine Corps will soon be using a tactical smartphone network developed by Lockheed Martin to support humanitarian assistance and disaster relief mission exercises. The Marine Corps Forces Pacific Experimentation Center has acquired the MONAX system, which the Office of Naval Research purchased, a portable private 4G network that provides voice, data and video services through commercial Smartphone technologies. MONAX provides users with a 4G private network they can operate anywhere. This secure broadband network system connects off-the-shelf smartphones to a cellular base station infrastructure, enabling users to securely send and receive data rich information to its users. By using a secure RF Link, communications are protected through strong exportable encryption enabling the transfer of pertinent and sensitive information. MONAX can connect hundreds of users to a single base station, which is more than normal commercial carrier limits of approximately 40 per sector.
18 | MIT 15.10
the optimal platform for delivering high concentrations of SONET or MEF-certified Ethernet services in a broad range of demanding applications. Overall, the Flahwave 4100 ES is a space-saving, scalable, flexible platform that’s simple to configure, deploy and operate. It’s also resilient and hardened enough to function reliably in the toughest deployment environments.
Interoperability Command Certifies SATCOM Integrated Waveform The AN/PRC-148 Joint Tactical Radio System Enhanced Multiband Inter/ Intra Team Radio ( JEM) from Thales Communications has received Joint Interoperability Test Command ( JITC) certification for the Ultra High Frequency (UHF) SATCOM Integrated Waveform (IW). Thales’ SATCOM IW capability eliminates the need for war-fighters to carry their existing heavy, manpack tactical radio systems, and enables each member of the team to deploy with a fully interoperable, beyond-lineof-sight (BLOS) capability. The JITC certification gives users access to SATCOM IW on their fielded AN/PRC-148 JEMs via software upgrade, producing minimal impact on deployed radios and requiring minimal operator intervention. The IW upgrade will provide both commanders and users with
increased voice quality, higher data throughput, improved user HMI, and increased command and control capability on the battlefield, all in a smaller, lighter package. As the demand for SATCOM has increased in current operations around the world, SATCOM IW offers a significant increase in capacity over legacy Demand Assigned Multiple Access SATCOM. SATCOM IW, developed by the Defense Information Systems Agency, doubles UHF SATCOM capacity of existing communications services employing Time Division Multiple Access methods. The AN/PRC-148 JEM, an evolution of the battle-proven AN/PRC-148 MBITR, is the smallest, lightest, and most powerefficient tactical handheld radio in use today covering the 30-512 MHz frequency range.
Army Procures Radios for Eight Brigade Combat Teams Expanding its fielding efforts, Product Manager Network Systems (PdM NS), which is assigned to the Army’s Program Executive Office Command, Control and Communications-Tactical, has awarded a $66 million contract to Harris for the procurement of eight brigade combat teams (BCTs) worth of AN/PRC-117G radios. These radios will support the modernization of brigade combat team tactical communications and the LandWarNet/Battle Command G3/5/7 validated requirement to field the AN/PRC-117G radios to eight infantry BCTs in the first quarter of FY13. The AN/PRC-117G radios are also playing a key role in the Army’s Network Integration Evaluation being held this fall. The wireless AN/PRC-117G radio can simultaneously transmit voice and data. It allows troops to exchange large amounts of tactical data, such as video and biometrics. The radio can support small unit operations and connect the tactical edge with forces at company level and above.
Web-Based Satellite Antenna Controller Supports Easy Configuration Cobham has introduced a mobile TracStar Live Remote Interface (TracLRI) product, a web-based satellite antenna terminal configuration accessory. Cobham’s TracLRI communicates with any TracStar antenna controller unit and allows the user to easily configure and remotely monitor satellite auto-acquisition operations using a standard web browser available on a variety of devices such as PCs, tablets and smartphones. In addition, the TracLRI incorporates the patent-pending TracPSD feature that automatically mitigates
certain types of satellite interference by managing the power spectral density input of the antenna. The TracLRI can store hundreds of custom antenna profiles for many combinations of modems, RF equipment and satellites. It also provides intuitive, web-based access to satellite alignment and performance data making it possible for users to globally manage their remote terminals. The TracLRI includes the following functionality: TracPSD—automated mitigation of satellite interference due to excessive power spectral density; Ethernet-based
(wired or wireless) access to the antenna controller; advanced modification of parameters including satellite setup, scan and mode settings and modem setup; custom profiles for major satellite modems and satellite networks; pre-stored parameters allow end-users simple one-button “Run/Deploy” and “Stop/Stow” for multiple satellites and networks; built-in display of antenna acquisition parameters, alert status, signalto-noise ratio, signal strength, azimuth, elevation and polarization; and local and remote system diagnostics.
Natural Interfaces Enable Faster Decision Making Adapx has announced a new contract with the Army Research Laboratory’s Simulation and Training Technology Center to build advanced speech and sketch interfaces for course-of-action simulators. The Capturx natural interfaces enable commanders of small units to model outcomes faster and improve decision-making without the distractions and data-capture obstacles of today’s complex C2 and C4ISR interfaces. The RDECOM contract covers Adapx technology, which commanders can use to create digital courses of action by speaking commands as they sketch on digital maps using touch-screen computers. Commanders will be able to enter data into computer simulators by using their standard operating procedures—speaking in natural military jargon and sketching plans and military symbols on maps. With the click of a button, the spoken and sketched commands become digital courses of action for immediate simulation. Warfighters can
easily capture the structured data required by simulators without the extra time and distractions of cumbersome menu- and keyboard-driven computer interfaces. Capturx Command and Control Solutions enable warfighters to quickly capture ISR data or create digital courses of action using speech and sketch with touch-screen computers in vehicles or Android handhelds when dismounted. With Capturx Forms and GIS solutions, warfighters can instantly capture and share data written on paper forms and maps using digital pens which integrate data directly into central databases, GIS, and C4ISR systems.
Alliance to Develop Military/Aerospace Router and Network Security Appliances
GE Intelligent Platforms and Juniper Networks have agreed to work together to develop a family of rugged, highly secure routing and network security appliances designed for military/aerospace deployment in harsh environments where security of data is paramount. The resulting solutions will be sold by GE Intelligent Platforms. The RTR8GE is the first product to be announced. A battleready, rugged and security-focused network router, it features the comprehensive field-tested Junos operating system from Juniper Networks. Juniper Networks’ Junos operating system offers a comprehensive list of dynamic, robust features that provide intrusion prevention and detection, firewalls, packet inspection, authentication and access control. Its firewall, intrusion prevention and detection, and extensive quality of service capabilities enable secure IPv4/IPv6 connectivity for military vehicles, aircraft and forward operating bases supporting net-centric operations. The RTR8GE has eight Gigabit Ethernet ports integrated in a SWaP-optimized enclosure that meets the demanding environmental requirements of military/aerospace applications. The RTR8GE router supports radio-aware router protocols that monitor network efficiency, available bandwidth and regulate traffic flow, choosing the most efficient network route in mobile, ad-hoc battlefield network environments. It also includes anti-tamper protection and information-assurance technologies in recognition of the sensitive nature of the data it is designed to transport.
MIT 15.10 | 19
Strengthening the Ability to Share Information Quickly and Securely Teri Takai Chief Information Officer Department of Defense Teri Takai is the Department of Defense chief information officer (DoD CIO). She serves as the principal adviser to the secretary of defense for information management/information technology and information assurance as well as non-intelligence space systems, critical satellite communications, navigation and timing programs, spectrum and telecommunications. She provides strategy, leadership and guidance to create a unified information management and technology vision for the department and to ensure the delivery of information technology based capabilities required to support the broad set of department missions. Takai previously served as CIO for the state of California. As a member of the governor’s cabinet, she advised on the strategic management and direction of information technology resources as the state worked to modernize and transform the way California does business with its citizens. As California’s CIO, she led more than 130 CIOs and 10,000 IT employees spread across the state’s different agencies, departments, boards, commissions and offices. Prior to her appointment in California, Takai served as director of the Michigan Department of Information Technology. In this position, she restructured and consolidated Michigan’s resources by merging the state’s information technology into one centralized department to service 19 agencies. Before serving in state government, Takai worked for the Ford Motor Co. for 30 years, where she led the development of the company’s information technology strategic plan. She also held positions in technology at EDS and Federal-Mogul Corp. She earned a Master of Arts degree in management and a Bachelor of Arts degree in mathematics from the University of Michigan. Takai was interviewed by MIT Editor Harrison Donnelly. Q: How would you describe your vision of your role as DoD CIO? A: The vision for the organization is really an interesting one, in that we have several roles to play within DoD. One of them is our role to represent the Secretary of Defense as it relates to information technology matters, for instance in international forums, particularly in working with NATO. We’re responsible for the position, navigation and timing [PNT] activity, and are a part of a committee that looks at PNT activities across the federal government. Another big role we play is as the Secretary’s representative in negotiations relating to spectrum. So these are some functions that are a critical part of what we do, and I like to talk about them because I think they sometimes get lost in the broader role that we have. The second area we’re focused on now is to look at how we use technology across DoD. Our current estimate of budget is $38 billion of IT spending. The challenge for us, with the increasing budget pressures, is that we’re going to need to take some efficiencies in terms of the way www.MIT-kmi.com
we use IT, and the way we spend on IT. Of course, we’re also getting pressure from OMB to be part of the overall savings. One challenge for us is to look at the way we’re spending money and ask whether we could spend it more effectively if we didn’t spend it in the stovepiped way we do today. The second thing that goes along with how DoD uses technology is for us to operate well as an enterprise [with] information sharing, and our ability to provide information to those in the organization who need it, and particularly being more able to easily share information closer and closer to the warfighter, and then finally getting it to the warfighter. Right now, many of our legacy systems and networks aren’t necessarily architected to be able to do that. We believe the enterprise approach is extremely important, so that moving forward, we can start to break down those barriers and really be able to do true information sharing. The third piece of this is that, when you’re going to be doing information sharing, you also have to make sure that it is well secured. So the challenge for us also is that because we architect our IT solutions differently now, it’s very difficult for us to assure security at all times— things like a uniform, standard way of getting our patches out there in a timely fashion. We get it done, but it’s different in different areas, and it’s difficult to track what’s getting done because we have so many different environments. So it’s really three different reasons, but it gets you to the point where we’re looking at IT much differently. Everyone asks if this means we’re going to have one standard way of doing it, or that this is going to be consolidation and people are going to be restricted by what they need to do. The answer is no. We’re so big, there’s no reason we have to do it only one way, but we certainly don’t need to be MIT 15.10 | 21
doing it the thousands of ways that we’re doing it today. There’s a happy medium in between. The vision that we’ve laid out is that we want to see the military services moving in this direction, and they are. Each of the services now has an efficiency plan that includes how they are going to operate as their own enterprise. What we need from my office is to be able to create the services they need from an overall technology perspective— things like email and identity management. Those things shouldn’t be created on a military service-by-service basis, but should be architected across them. Then each group can use those services and be able to architect them into their solutions. That still says that we have to be able to find and architect the technology solutions that allow us to do information sharing between the military services, because we have to make sure that the combatant commands have the information they need. While the services do their mandatory recruit, train and equip function, we have to make sure that the COCOMs also have the necessary information. It’s a piecing together of all those, to get to the point where we can share information very quickly when we need it, and be able to do it securely. That’s the bottom line that we’re trying to get to, and there’s a lot of intermediate steps along the way. Q: What is the current status of the reorganization of the former office of the assistant secretary of defense for networks and information integration (NII) structure? A: We’ve been through a reorganization process that started before I came on board, when Secretary Gates said he would like to see the office reorganized to be able to focus on many of the things we’ve talked about. Secretary Gates signed out direction to us before he left. The salient points of that direction are that DISA will remain a single combat-support organization, under the CIO. The CIO will be renamed from the NII/CIO to being just CIO. Having said that, many of the responsibilities that we have remain the same—we’re responsible for the overall architecture direction and the areas that I talked about earlier. One of the key areas that’s changing is that we are also doing some acquisition functions. Those functions will be going to AT&L. My role will still be a part of the acquisition process, in an advisory role, but we won’t have a governing role. That part of the overall process in the building is assigned to AT&L, and those governing functions I currently oversee will move to AT&L. The other piece of the reorganization is that it states that there will be a close relationship between the DoD CIO and CYBERCOM. There was recognition that, in working with CYBERCOM, USD Policy has a major role in terms of setting policy as it relates to any type of military operation. But there needed to be a technology group as well that partnered with CYBERCOM, because they’re looking at what type of technology solutions that they need to operate, protect and defend the network, and the technology is a big part of them being able to do that. We have a very close working relationship, so that as I’m looking at how to restructure the technology, it fits with what CYBERCOM needs in order to do their role. That was informal before, but will be more formal as we move forward in our relationship. Q: What do you see as the biggest challenges facing DoD in the field of information technology? A: Interestingly, I don’t think our major challenges are the technology itself. Our major challenge is to be able to protect, and also get better at deploying new technologies quickly. I know we tend to blame that on 22 | MIT 15.10
the acquisition process, which I think is a bit of a misnomer. It isn’t our acquisition process; it’s the full suite of processes that we use to bring on new technologies. They have grown up over time, and were built for very large IT implementations. The world is going to much faster, more agile deliveries, rather than the big projects that we were used to. We’re not equipped, from a process perspective or the way we’re organized, to take advantage of that. That’s one of the reasons we’re working with the military services and other CIOs to get a better governance model, so we know what we’re spending on, moving toward more standard approaches in the way we do things. We’re trying to take some of the areas I’ve talked about, such as enterprise services, and rather than everyone creating their own, have a service that people can use. That’s an efficiency, but it also impacts where we’re going. Our challenges are around the fact that we’re decentralized. We tend to create the same technology solutions over and over in our different areas. We have to understand the fine line between when we want a standard service that people use, and when we allow the flexibility so that everyone has the capability to do their job. That’s a challenge, not only at DoD but across all IT organizations. How do you put enough rigor in to allow people to go faster, but not so much that it inhibits innovation? Q: What has surprised you most that you have learned since taking the job about DoD information programs? A: It’s the standard thing that everyone says coming in from the outside. Clearly, the size, scope and complexity make it more difficult to utilize past experiences. The end game we’re shooting for is pretty similar. But here, because we’re so big and so dispersed, and we have the man, train and equip responsibilities with the services, as well as the COCOMs’ responsibility to drive execution, it’s an interesting dynamic as to how you set up the technology so you can satisfy both of those requirements. The other thing is that our issue here isn’t that we need to leverage more technology or think about why we need more technology. The demand for technology is already there. The challenge we have is how to do it effectively, securely and in a way that we can share across the organization. We have technology in everything—we just need to make sure it fits together. Also, it’s a learning experience to understand how senior leaders, who are largely appointees, work with the civilian staff and the military. That’s a dynamic that you can’t necessarily guess into, unless you were actually here. Q: What do you think will happen to DoD IT programs in the expected coming budget tightening, and what is your office doing to prepare for it? A: We know that we have to become more efficient. The secretary has asked us to do that even ahead of the most recent budget efforts. Each of the services has an aggressive plan for how they’re going to reduce their information technology spending. One part of that is data center consolidation, but that’s just the physical version of the need to virtualize, standardize and reduce duplication. All of those are part of what the military services are doing. They’ve tailored their plans to their unique requirements. But we also believe that DISA can come in and start to provide services that are much more uniform across the organization. The Army is making use of DISA services heavily, and all the military services have some pieces of that. What we’re trying to do is get DISA to the point where it can be a more ubiquitous services organization. General Pollett and his team have done a fabulous job already with www.MIT-kmi.com
things like enterprise email and standing up their data center services. We want to continue on the path that his team is working on now, to offer more flexibility, services and platforms, in order for that to be an option for the military services rather than doing it themselves. Q: How would you assess the current state of cybersecurity in DoD, and what is your overall strategy for addressing that issue? A: First of all, U.S. CYBERCOM has done an outstanding job of understanding the challenges and helping to mobilize us around the issues, and then expressing some of the things that we need to do as an organization. That’s been very helpful, because it brings it all together and gives us a way to address it. My role in that is, on the defense side, to look at how our networks are structured. We’ve built them up over time, and there’s a reason why they are the way they are. But in order for CYBERCOM to be able to continue to effectively do their job, there are some things that we need to do. We have to cut down on complexity, while also finding that fine line between less complexity and not increasing our vulnerability by standardizing too much. The second thing is that we have to build resiliency into the networks. It’s no longer a question of protecting the perimeter. We know that there are intrusions into our network, so how do we detect them quickly, react to them, and make sure our networks are resilient in the same way that any of our other planning would be? That’s my role—to look at what CYBERCOM’s needs are, and then work with DISA and the services to get the direction out that says this is how we need to look at an enterprise in order for CYBERCOM to be able to do what they are responsible for. We always have a discussion about whether if we spent more money we would get to 100 percent. No one is ever going to say it’s 100 percent, but I think the mechanisms we have in place, and the priority that all of us are putting on it, makes a big difference in terms of us being prepared. Q: What do you see as the opportunities and challenges in moving to greater use of cloud computing in the department? A: It’s interesting, because the concept of cloud computing is most effective after you look at standardization and moving to common platforms, and being able to use the services. That’s really what cloud is about—you use services, you don’t set up infrastructure. What we’re doing now is that the military services are moving to more standardization, consolidation of data centers and virtualization. They’re in some ways creating their own private clouds within their data centers today, and maybe multiple ones. We’re moving to a cloud structure by looking at how we’re going to do things from an enterprise perspective. The second thing is that we’re actively participating with the federal CIO in their efforts on the Federal Risk and Authorization Management Program, which is about how we set the criteria for commercial cloud providers in order to meet government security standards. We’re using the National Institute of Standards and Technology standards to come up with a certification process, and DoD will be one of three organizations that sits on a board. We’ll bring that into DoD to make sure that we’re getting clouds together, and getting ready to do cloud computing. We’re also looking at who would be the right commercial providers to work with us, and what would be the criteria to ensure that they were secure and that we could do the data sharing that we need. We’re focused initially around infrastructure as a service in the cloud, and we’re going to be moving to the area of platforms. There are also some 24 | MIT 15.10
enterprise services, like email. If you look at the email service that DISA has stood up, it’s pretty much the equivalent of what you would call an email cloud. We haven’t tended to call it that, but the concept of being able to plug in and buy the service as you need it is what we’re moving to. My office is working on an overall cloud strategy. It’s currently underway, and we’re working with the services. We hope to have that out in the next few months. Q: Are you pleased with the progress on data center consolidation? How will you know when the process has gone far enough? A: The progress is going well. It’s a difficult situation, particularly because we’re trying not to spend upfront money. That means that we’re trying to do it within the budgets we have. Some organizations, when they do data center consolidation, need to take money upfront to do that, but we’re trying to keep our spending contained. We’d like the process to go faster, but we’re doing it within the constraints that we have. I don’t know whether there will ever be an end state where the process has gone far enough. Right now we’re focused on virtualization and floor space, and data center consolidation within each of the military services, because that’s a great way to start. As we move to more and more cloud services, whether private or commercial, we’re going to be changing the way we provision. The number of data centers we think we need today, particularly with the way technology and sharing are going, may have to grow in the future if we decide to put more services into DISA Defense Enterprise Computing Centers. Or we might decide that it makes sense to bring the Army and Air Force together for particular applications. So I don’t know that there is a number that is the end game. I think that the concept of continuing to shrink our footprint, and offering more from the standpoint of services, as opposed to counting how many boxes are in data centers, is going to be the way to move forward, as a part of the way we architect the solution. Q: What are some of the other issues that you are spending a lot of time on? How do you prioritize what topics need more intensive attention by your office? A: Some of the topics that I have been spending a lot of time on now, and more than I originally anticipated, are in the area of spectrum. There are several areas that require attention now, including the need to have DoD be a part of the president’s plan to free up 500 megahertz of spectrum, and the recognition that we are going to continue to need more spectrum as we move to more and more wireless devices. Even for us, unmanned capability requires spectrum. I’m spending more time on the question of how we free up more spectrum to meet what the president has laid out. Secondly, spectrum has become a subject of great interest around the idea that there is an opportunity for revenue from a spectrum auction. We’re getting questions from Congress about what that could be. The third area concerns ongoing questions about companies that want to utilize spectrum differently. We have to represent national security concerns on that. It’s one of those things where if the topic comes up, you really have to spend a lot of time on it, because there are so many implications. The other topics that have been good opportunities include being integrated into what the other future needs of the organization are. There are acquisition programs that are looking at space, and we have a space council that looks at the future use of space. Those are things that we need to be involved in, because they are ultimately going to affect the way we lay out our information technologies. www.MIT-kmi.com
The prioritization question is a difficult one. I find that I have to work hard not to have my days run by my calendar. One of the things we’ve done in the organization is to make sure that we have some standard time slots during the week to focus on our long-term objectives. We set out time to be able to work through, at a fairly detailed level, the technical solutions that go with our long-term vision. For example, this week we looked at the way we think about our future network architecture, and how security would be built into the network. We spent an hour on that this week, just to make sure that while the calendar is running, we have our priorities straight. The second thing we’ve done, but haven’t released publicly, is to complete a campaign plan. We decided that it was important, since the organization is changing and people are going to be moving out, that we had written statements of things like the deliverables—some of them were the ongoing deliverables, and some were the more strategic deliverables. We have that for all of the work that we’re doing now, and are in the process of creating a summary, so that we can get it out publicly—so the corporate community, for example, can see what we’re working on. Then we’re going to take that as the springboard for our strategic planning for the following year. It’s also going to be the springboard for joint strategic planning between us and DISA, because DISA has developed a campaign plan as well. So now we have the specificity among the two groups, where we can look at where we have overlap, where do we have to work together, and where are some things that aren’t as well synchronized as we need them to be. That will then lay the plan to set the objectives for 2012, so that the organization can keep moving ahead. We’re working our way through the organizational change, and getting ourselves organized to stay on target, and make sure we’re delivering what the Secretary needs. Q: Could you point to some DoD IT programs and initiatives that have especially impressed you but perhaps have not received the attention they deserve? A: Every time I have an opportunity to get into the specifics of a particular program or what a particular group is doing, I’m impressed. My most recent example is that I had an opportunity to go out to Quantico, Va., and visit with the team there, which is managing cybersecurity. What a fabulous group of people! You can’t help but be impressed by the work that they are doing, the dedication they have, their understanding of the issues and their ability to work through them. I look at the work that the Army is doing around enterprise email, for example. They were the lead, and said they were going to do this. They did a cost justification, worked with DISA to make it happen, and took a very measured approach to the way they’re doing it. People in the private sector might say—enterprise email, that’s a no-brainer; why would you not do that? You can’t appreciate it until you see it in our context, with the size, scope and global reach of doing it. It’s not the same as even in a larger corporation. If you look at the Air Force, for example, they’re doing a tremendous amount of work in terms of establishing their architecture and deciding how they’re going to move forward into cloud computing. It’s very measured, and in fact we’ve used their documents as an example for others, to see how you architect what you’re doing. You can look at the work that the Navy has done around standardization, and how difficult it is for them to get a platform that works not only on a base, but also on a ship. They have a number of pilot projects now on mobile computing, which is another area that we’re focused on—how you use commercial mobile devices. We have so much good stuff going on, but we tend to look at just how big we are and how much money we spend. There’s a huge www.MIT-kmi.com
amount of good work going on, and we just want to be able to harness it, do more sharing, and get it out there more quickly. We think we can do that by working together as part of the enterprise. Q: How has your background in private industry and state government shaped your approach to your position? A: From a private industry standpoint—and this was also true when I went from the private sector to state government—the challenges of how to run IT and how to do it in a way that you have enough standardization to be able to run efficiently, but not so much as to cut down innovation, are something that the private sector does. I was talking with the CIO at Intel, and they are going through the same thing. They have gone through a data center consolidation, and they have used that as a forcing function to create their own private clouds, because they felt they had the capacity to do that. They are looking at how to introduce mobile devices. The difference at DoD is our heightened sense of cybersecurity. While it’s important for them to protect their proprietary information, it is a different context from protecting information that is vital to national security. Our focus from a security perspective is significantly greater than what any private sector company or state government would have. From a state government perspective, we were very concerned about privacy protection of individual’s data, because we held driver’s licenses, tax returns and other information about an individual. But we didn’t hold information that was vital to national security. It’s a very different focus. State government was a great preparation in many ways, even though there is nothing like having federal experience. State government helped me understand the dynamics between different government entities, and the relationship between the executive and legislative branches, although it’s different here in dealing with Congress. Nonetheless, my experience with some of the concerns that any legislative branch has about how money is being spent, and about accountability, has been very helpful. It was also helpful from the standpoint of understanding the level of media interest, and the kinds of information people are interested in. State government helped me with that, because I had no experience with it at Ford Motor Company. Also, even though I was with the largest state government with the largest budget, my IT budget in California was a tenth of what the technology budget is here. There are differences, and the politics are somewhat different, but there are many things in state government that were helpful. On the spectrum issue, for example, I looked at what the state needed, and what it took to get capability out. Now, I’m on the other side, seeing how defense uses spectrum, so that’s helped give me perspective on the challenges facing government on spectrum issues. Q: Is there anything else you would like to add? A: I had an opportunity to be with the Women in Defense group recently, and the thing I talked about was how enormously impressed I am with the quality, integrity and determination of everyone in this organization to do what is necessary for the warfighter. That is paramount in everyone’s mind. We have a role in that, even if it is not always a direct one. But the need for information to support is the thing that drives all of us in DoD who are working on technology. Sometimes, that’s kind of unsung. People may not realize how much time and dedication goes into making that happen. It’s been a great honor and privilege for me to have an opportunity to serve in this position. I’m very grateful for it. O MIT 15.10 | 25
IP Over Satellite Its role is changing, but will industry be the last to know? By David Howgill
26 | MIT 15.10
In the past few years, using satellites in a global IP network has continued to be seen as a necessary evil to allow the extension of communication services to the farthest reaches of the world, where no one but the military or extreme adventure seekers would ever wish to go. While this view has long extended the mystique of the satellite industry and the “magic” we use to perform the miracle of ubiquitous service to all corners of the globe, it has also served to perpetuate the industry as a thorn in the side of a wider, ever-more open-standards and commodity-based IT industry. The wider IT industry has long embraced IP as the central driver to increasingly productive networks, and optimization of that IP as the enabler for dramatic operating cost reductions, new platforms, network-hardening security tools and even the basic pleasures of “Angry Birds” on an IP-driven smartphone. The whole world now embraces IP, from smart refrigerators to smart weapons platforms, and from smart interoperable tactical communications systems to the latest smart automobiles. Now, after many years of IP bending to the will—and technology limitations—of the satellite industry, we are beginning to see a sea change in approach. The “big boys” of the IP world have finally realized the fact that space is the final frontier, and that there are myriad rewards awaiting the IT industry if they can get the satellite industry in line on IP-based platforms, finally enabling affordable, seamless managed networks around the globe. The early signs were seen in Hughes’ integrated Spaceway and Jupiter designs, and further complemented by ViaSat and Eutelsat’s long-expected Ka-band platforms. But the battle lines were really drawn with Cisco’s launch of a standards-based router on a hosted payload on Intelsat 14.
Exceeding Expectations Launched in 2009 and commercialized in 2011 after an extensive technology demonstration for the Department of Defense and coalition forces, Internet routing in space (IRIS) has far exceeded operational expectations and is now a reality. So, what did IRIS bring to the world? With just three initial transponders, IRIS (or OS-IRIS as it is known commercially on IS-14) is able to directly interconnect sites from the Baltic Sea to the tip of South America, from Oregon to Libya or from Washington to the capitals of Europe—all with dishes of 2.0 m and less. The platform offers multi-megabit duplex throughputs, single-hop latency and even meshed C- to Ku-band direct connectivity, for example tactical Ku-band in Africa to a C-band station in Los Angeles in a single hop. It also offers mesh networking without power balancing for new or removed sites and bandwidth efficiency gains of up to 50 percent, depending on traffic patterns.
MIT 15.10 | 27
IRIS technology manages all these improvements by replacing modem intelligence with router intelligence, reversing years of satellite industry-mandated proprietary systems with an open, globally embraced standard. The RF portion of the network reverts to what RF is good at: creating and maintaining a connection to the satellite. IP is then able to do what it is good at, which is running a network over any transport medium, now including satellite. All good things, one would think, so why have so few heard of it? Aside from the image of an industry well known to be cautious of and slow to adopt new technologies, IRIS has actually created a groundswell of activity in the satellite industry. Notably, government agencies are planning and implementing exercises to emulate the operational gains from IRIS by updating existing infrastructure for IP optimization. They are seeking to pool capacity together on satellite platforms to capitalize on statistical multiplexing gains and modern mesh, and looking for new technologies to help reduce the latency effects across continents that are inherent to satellites. They are also looking to attain better value for money with greater application compatibility for the future. All of these are features, functions and benefits ably proven by IRIS-enabled capacity, along with the Holy Grail of dynamic spectrum allocation between sites. The real question now is, “Why are they doing that?” These tests and exercises are looking to find ways to optimize bent-pipe infrastructure for the future—a laudable approach, especially since average satellite life spans are now more than 15 years,
and we need to get more out of them. However, it is a little scary to note that so far, no announcements have been made that any of these plans actually include another IRIS-hosted payload or fleet of enabled satellites that would truly allow seamless integration of the terrestrial telecommunications and wireless IT worlds with the “mystique of space.” Domestically, only a few are even taking advantage of IRIS’ proven architecture as a model to achieve these goals. There are signs that the international sector is moving quickly now to embrace—and indeed lock down—IRIS’ existing commercialized managed services bandwidth. Concurrent with this, there are signs that the telecommunications industry, government and leading industrial companies are once more on the search for network optimization and the ubiquitous availability of true, seamless IP networks that allow them to control all policy routing, bandwidth prioritization, security functions and network access from their standard procedures while not breaking down the network into satellite, wireless and terrestrial components.
IT Pays Attention This has clearly drawn investment and involvement from Cisco, which gave the industry IRIS. It has also clearly grabbed the interest of the competition, such as Juniper and others, as well as the attention of the IT world, as we see Citrix, SAP and others becoming more effective over satellite. But it still doesn’t really seem to have captivated the satellite industry. We continue to see more bent-pipe solutions without in-orbit optimization, optimization being shoehorned into proprietary products and waveforms, and government and industry saying they are looking to optimize in the future—but then choosing the proprietary path. All of this raises a dilemma. As international space assets become more prevalent and successful, will the international community leapfrog the U.S. in satellite capability by embracing a global approach to true IP over satellite first? Or are we finally at the turning point where the U.S.-dominated IT world has had enough and will dictate to the satellite industry to get it done via IRIS or another innovation? Time will tell, but I suspect that the decision is coming fast in a world where global IP throughput is expected to triple in five years, and IT departments need to keep pace with both bandwidth demand and tightening budgets. Wireless technologies are quickly showing us how older, stagnant technologies can be leapfrogged. So let’s not let it happen in satellite, as it has in ground infrastructure. My suggestion is to take a closer look at the latest generation of uninterrupted IP solutions over satellite, and judge for yourself today in order to make informed decisions for tomorrow. O David Howgill is the Government Solutions Group services product manager for TeleCommunication Systems Inc. (TCS). IRIS on Intelsat 14 is commercialized by TCS, an integrator of global IT end-to-end solutions, including satellite, cellular and wireless communications.
Contact Editor Harrison Donnelly at firstname.lastname@example.org. For more information related to this subject, search our archives at www.MIT-kmi.com.
28 | MIT 15.10
DISA uses data-melding technology to enable senior leaders to understand events and make decisions faster. By Karen E. Thuermer MIT Correspondent The Defense Information Systems Agency (DISA) was facing a challenge. It needed a secure real-time dashboard solution that would combine data in order to present situational information from hundreds of disparate services to commanders on secure Department of Defense networks. In meeting its goal of providing the network, computing infrastructure and enterprise services to support information sharing and decision making no matter where the information is located or sourced, DISA needs to facilitate a seamless exchange of information that can be consumed anywhere on secure networks globally.
MIT 15.10 | 29
dashboard solution supporting various mission threads and operational needs. The vision behind the NSLDSS is that senior leaders and watch officers will have real-time situational awareness directly tying into authoritative data and systems available across the various security domains that exist within the Department of Defense and intelligence community. “The JackBe technology enables users to evaluate information and make composite services dynamically,” Hazelwood explained. As part of this effort, Hazelwood noted, the DISA CTO, in concert with the vice chairman of the Joint Chiefs of Staff (VCJCS) and J36 in the Pentagon, was able to use the JackBe mashup technology to combine and orchestrate services (information and function services) based on the DoD operators’ need and requirements. “Also, this mashup technology allowed users to filter down the data based on a user preference so that only the information needed was provided by the available data services on the Global Information Grid (GIG),” he said. “In addition, the mashup capability enabled us to develop composite services by combining and orchestrating various services together while leveraging the NCES foundational services provided by the Program Executive Office-Global Information Grid Enterprise Services.” The goal of NSLDSS was to create an ondemand environment using Web 2.0 standards and practices to allow it to be portable and centralized, and follow the very stringent governance Secure Dashboard policies of the data enclave. “By reducing development time through DISA selected Presto because it works in mashup-driven connections to live authoritative conjunction with existing government off-thesystems and delivering dynamic visualizations shelf infrastructure to create a secure dashboard in real-time, the solution resulted in improved solution supporting various mission threads and Thomas F. Hazelwood military response times to mission critical events operational needs. of national significance,” commented Chris WarA key benefit of Presto is that the dashboard ner, vice president of marketing at JackBe. “This solution enables new insights in dynamic situextensible and modernized Web 2.0 situational ations through visually rich, secure enterprise awareness environment can be leveraged by all apps created from live data. According to JackBe, agencies within DoD.” Presto allows decision-makers the flexibility to In essence, the mashup technology is imporcombine data from any enterprise application tant to DISA in that it has provided military leadas well as data from the cloud regardless of its ers with tools for decision making and assisted location. Users can compose apps and dashboards the Joint Staff and the VCJCS in embarking on that are publishable to portals, the Web, spreadan approach to transform the way asymmetric sheets and mobile devices. and symmetric events are handled by senior DoD In 2008, the DISA Chief Technology Office Chris Warner leaders. (CTO), in collaboration with the Defense Intel“This mashup technology changed the way ligence Agency (DIA), made an investment in the email@example.com information is managed, evaluated and provided to JackBe Presto Enterprise Mashup Server software senior leaders during events occurring around the world,” said to meet a need to leverage exposed data through web service for Hazelwood. “It also allowed users to expose various information use by senior leaders. assets to GIG users.” “This capability was used in support of the Joint CapabilIn addition, the enterprise mashup technology provided the ity Technology Demonstrations (JCTD) effort called National ability to share information and collaborate with combatant Senior Leadership Decision Support Service (NSLDSS),” said commanders across the various mission spaces when events Thomas F. Hazelwood, chief engineer, Advanced Concepts required support by the National Military Command Center. Office, CTO, DISA. “This transformational effort leveraging the JackBe Presto By taking an enterprisewide approach, DISA could offer mashup tool enabled users to orchestrate services, combine the benefits of mashup technology to U.S. military personnel information and help operators make decisions based on critiworldwide. It selected JackBe’s Presto, in conjunction with cal data on the enterprise while reducing the amount of time to existing GOTS infrastructure, to create NSLDSS, a secure A particular challenge of aggregating disparate data sources across secure networks such as the NIPRNet, SIPRNet and the Joint Worldwide Intelligence Communications System involved the fact that the task required an extensive manual effort of gathering volumes of information from various departments and entities with varying security models. DISA needed a way to support senior decision-makers during events of national significance with a rapid situational awareness solution. Enterprise mashups—combinations of data from disparate systems that give decision-makers an actionable view of real-time operations—dramatically reduce the time and effort required to combine disparate data and provide a mechanism to easily share, customize and apply to like situations. A mashup is generally a web application that combines data or functionality from one source or more sources into a single, integrated application. The main characteristics of the mashup are combination, visualization and aggregations, which make existing data more useful. A number of vendors offer mashup capabilities. However, the ranks of providers of enterprise-level mashup software are more limited, including IBM, with its Lotus Mashup tools, Serena Software, with its Business Mashups offering, and JackBe. JackBe is a real-time intelligence technology firm, and its secure dashboard solution is called Presto.
30 | MIT 15.10
search for data in their individual commands,” he added. “This technology enabled senior leaders to leverage and reuse intellectual capital and intelligence collected across DoD. The mashup technology enabled us to support various missions like the Missile Events through Global Sensory Information Network at STRATCOM and the Operation Noble Eagle event out of NORTHCOM.”
Data Explosion Today enterprise mashups are solving important issues facing DISA. That’s because the data required for operational decisions is growing at an explosive rate, both in terms of volume, velocity and the number of sources. “As a result, operation decisions require today real-time access to data from many systems, and on an order of magnitude that we hadn’t seen just a few years ago,” Warner said. “Also, the time to make decisions is decreasing to the point where the only way to keep up with the demand is to have ‘self-service’ dashboard assembly and creation.” Warner sees the visual tools used for self-service mashup creation as a perfect solution to this multifaceted challenge. “Enterprises that embrace mashups, and the things that can be built from those mash- JackBe is a real-time intelligence technology firm that offers a secure dashboard solution called Presto. ups (such as rich decision-support dashboards “By making connectivity and data mashing to secure, authoritaand visual analytics), will have many significant advantages over organizations (and enemies) that do not,” he said. tive systems accessible to these tech-savvy, information-hungry people, we can radically increase productivity and reduce the Research has shown that a proactive, inclusive mashup solution time to value to just minutes and hours.” can improve operational efficiency, optimize the sales pipeline, This will provide analysts and knowledge workers at places enhance customer satisfaction and drive profitability by as such as DISA with the tools to better prepare and respond for much as 17 times, Warner said. “Within government, mashups unanticipated events, and help them make more effective decihave positively impacted strategic areas such as citizen engagesions in complex, dynamic situations. ment and satisfaction, financial transparency, project oversight, Meanwhile, the NSLDSS JCTD has been successfully comregulatory compliance and legislated reporting.” pleted and its technologies, including the mashup capability, Going forward, DISA is seeking the implementation of Straare now being transitioned to sustainment. tegicWatch, a mashup-driven situational awareness solution for “As such, we do not have a requirement for a follow-on DoD. According to JackBe’s Warner, the StrategicWatch project competition at this time,” Hazelwood said. “However, as part of is currently well underway. the DISA CTO task and mission, we continue to research and “JackBe has provided the StrategicWatch Program Manageevaluate new technology and capabilities available from the ment Office with its real-time intelligence engine, Presto, to commercial sector.” provide enterprise mashups to the StrategicWatch common The mashup capability is no different. The technology has operational picture,” he said. “Today Presto provides secure come a long way and different venders are making strides in the access to constantly changing data sources on military netmashup environment, which affords a robust future in DISA's works and allows operators to manipulate these data sources continuing competition of those requirements. in order to allow for self-service creation of user defined opera“We are planning to go out with an RFI to gauge the comtional picture.” mercial industry again in the next few months to evaluate how Based on demand from JackBe’s customers and partners, far the industry has come,” he indicated. O company executives expect to see four main areas of growth in mashups: self-service, collaboration, extreme dashboarding and analytics. “All of these are due to one simple megatrend: Technology Contact Editor Harrison Donnelly at firstname.lastname@example.org. and workers’ technical aptitudes have converged, which means For more information related to this subject, search our archives at they can now do things themselves that previously required a www.MIT-kmi.com. team of developers and months of effort,” Warner explained. www.MIT-kmi.com
MIT 15.10 | 31
Spearheading Change on Data Sharing Army Enterprise Management Decision Support system brings together data about unit readiness and resourcing from a diverse array of information sources.
By Harrison Donnelly MIT Editor
fallen to 40 to 60 hours per month with As the Army and the other services EMDS. move toward enterprisewide systems and As explained by Lieutenant Colonel information sharing across program boundBobby Saxon, EMDS program manager and aries, one initiative that is leading the way is division chief, and Chris Barnes, deputy prothe Army Enterprise Management Decision gram manager, the system evolved out of a Support (EMDS) system, which for the past desire to provide an enterprise information year has been efficiently and automatically baseline as it relates to manning, training, bringing together data about unit readiness equipping and stationing of and resourcing from a diverse soldiers, and to understand array of information sources. the second- and third-order EMDS is a SIPRNet effects of staffing and equipbased, web-enabled enterment decisions. prise solution that provides Barnes offered a concrete integrated data from 18 example of the kinds of issues authoritative data sources to the system was intended present a common operating to help with: “The main picture for units progressvignette that came out of the ing through the Army Force initial pilot was a unit at Fort Generation cycle. Lt. Col. Hood, Texas, which was short The goal of EMDS is Bobby Saxon a truck. We needed to know to sustain an enterprise what other units on Fort resourcing information baseHood might have a truck on line providing senior leaders inventory, or what was in the with unit and installationprocurement pipeline, all the based displays for units slated way up to the depot level. If to go overseas, so they can we were to take a truck out know whether these units of the depot, what would be meet the criteria for deploythe second and third order ment. effects of that—not only from The program, which a cost perspective, but also on reached full operating capathe rest of the units in Fort bility in December 2010, Chris Barnes Hood or the Army. If you took has already achieved drasomething out of the pipematic reductions in the line, that obviously was affecting delivery to amount of time needed to pull together some other unit.” needed information. While the group collecting this information previously took about 420 hours each month to manually Data Challenge retrieve the data needed from several different source systems and prepare briefThe process of developing EMDS was a ings for by senior leaders, that time has complicated one, Saxon acknowledged. “As 32 | MIT 15.10
the Army has developed needs and solutions over the years, they have many times gone through their own process using unique code, software, tools and ways of looking at data. When we’ve gone to the data owners of each of these systems in the past and asked for certain data elements, the output could come to us in a dozen different ways, depending on which system we’re talking to. “The challenge was not only to convince the data sources that we needed the data and that they should share the data—which was a battle in itself—but then also to get the data and understand it so we could use it all in one place,” Saxon said. Indeed, getting people to believe in sharing data hasn’t been easy. “People have done a great job in accumulating data, but when we go to them to ask if we could use that data and present it in a common picture, sometimes they are willing to do that, and sometimes it’s like pulling teeth,” he continued. “But we’ve got a lot of senior leadership on our side, who really believe in the enterprise approach to solving problems. It’s getting easier by the day, but sometimes it’s still a challenge.” That and other issues—for example, the way data is formatted—have implications well beyond the force generation process, the developers suggest. “The Army and Department of Defense are working on this in a much bigger picture than just EMDS, but we’re helping serve as a forcing function to this. We want to get data creators to standardize the data and how they process, share and expose it, so that consumers can use data from numerous sources in an easy and accurate way.” “We’ve been a spearhead of change in the Army community, and when you’re the www.MIT-kmi.com
focal point of being a change agent, it brings a lot of attention and hostility toward you,” Barnes added. “But in serving as a change agent, we’ve brought a lot of attention and focus to the governance issues and constraints that the Army’s been challenged with.” Another challenge is data quality, the program leaders observed, noting that if a thousand people put in data, but don’t do so consistently in the same way, data used in an automated fashion to create a report can create a skewed picture. “With most of the systems we’ve dealt with, they are aware of where their challenges are,” said Saxon. “When there is a request for data, the information is given to a local action officer, who massages it to give the picture that it’s supposed to paint. But in our case, when we’re asking for data from 18 sources, we don’t have the luxury of having that action officer massage the data to paint the correct picture. We’re very dependent on the quality of data that is coming out of the source systems.”
Outside Support A number of large and small IT companies have helped with creation of the system. Cisco offered demonstrations of how they use the enterprise approach to consolidate sales information, for example, while Oracle provided the database and analytic capability with its Oracle Business Intelligence Enterprise Edition. KPMG worked on many of the initial studies, and Booz Allen Hamilton, CSC and Enterprise Resource Performance Inc. currently play important role in the development and management of EMDS. In addition, the Software Engineering Center at Army CECOM has done a lot of work on resolving data integration and transformation issues. For the future, the office is helping automate other readiness and theaterrelated processes. “We are working closely with the headquarters staff in automation involving the Global Force Management Data Initiative, where the military services have developed their own organizational servers, and are going to
share that information with the joint community,” said Saxon. “The bottom line for us is to create a standardized enterprise solution that reaches out and grabs data from numerous sources, and then brings it into a repository or enterprise solution that enables people to take advantage of the data.” Saxon concluded with this observation: “You have to be patient. A lot of times, data owners may be quite comfortable with their solution, and when you come in with a new approach about how you’re going to use and share that data, there’s some reluctance. It’s not a bad thing, but they’re just not automatically accepting that the new thing is going to be better. So we’ve had to prove ourselves as we’ve gone along, and we see momentum building as a result.” O
Contact Editor Harrison Donnelly at email@example.com. For more information related to this subject, search our archives at www.MIT-kmi.com.
Trusted business partnerships, proven network solutions. Agencies that are upgrading vital network infrastructures count on Fujitsu for a lot more than technology leadership. We’re experts at crafting and implementing turnkey network solutions. Fujitsu packet optical networking solutions are bringing the power of standards-based Connection-Oriented Ethernet to US government departments and agencies. We’ll work with you to make highperformance networking a reality.
Fujitsu Network Communications • 2801 Telecom Parkway, Richardson, TX 75082 Tel: 800.777.FAST (3278) • us.fujitsu.com/telecom © Copyright 2011 Fujitsu Network Communications Inc. FUJITSU (and design)® and “shaping tomorrow with you” are trademarks of Fujitsu Limited in the United States and other countries. All Rights Reserved.
MIT 15.10 | 33
Compiled by KMI Media Group staff
Software Application Offers Smartphone Situational Awareness ITT has introduced the RO-Mobile Awareness Platform (RO-MAP), which delivers advanced situational awareness and text messaging capabilities. The RO-MAP is a software application that is designed to operate on a rugged PDA, smartphone or personal computer. The RO-MAP provides vital situational awareness information quickly and reliably. RO-MAP is the first software application to integrate regional position location information, text messaging and radio remote control into a single application. Designed as a general purpose dismounted warfighter situational awareness tool, the first application of the RO-MAP is for use with the Distributed Tactical Communications System (DTCS), which provides on-the move, beyond line-ofsight communications for dismounted users. When connected to the satellite-based RO Tactical Radio, RO-MAP allows users within 100-250 miles to have a common operating picture similar to the command center. RO-MAP automatically receives the position location information from other beyond-lineof-sight on-the-move users. The location information is then placed on a zoomable satellite image. Each position location mark can be selected for additional information such as: call sign, latitude, longitude, grid position, altitude, climb, speed and bearing. RO-MAP allows users to easily exchange text messages. Simply draw a box around the position location marks on the satellite image that you want to text, and the RO-MAP automatically addresses your text messages. Group broadcast text messages are also supported.
Mount Equips Vehicles with Tactical Radio Capability The new Sidewinder Vehicle Mount, built by General Dynamics C4 Systems, cost-effectively equips vehicles that do not have communications capability with tactical radios operating in the Soldier Radio Waveform network. An accessory for the networking AN/PRC-154 Rifleman radio, the Sidewinder quickly transitions the radio from a body-worn radio to a vehicle-mounted radio, augmenting its power and extending its range. Just as quickly, the Rifleman radio can be removed from the Sidewinder while maintaining connectivity with the tactical network. The Sidewinder’s hardware assembly includes the 20-watt power amplifier from another JTRS HMS radio, the AN/PRC-155 and connectors that work with the vehicles’ existing intercom systems and are compatible with standard mounting trays that most vehicles already have in place. The SidewinderRifleman radio combination has been selected by the Army for evaluation at the Network Integration Exercise 12.1 taking place this fall.
34 | MIT 15.10
Tactical Video Teleconferencing Links Remote Locations Panasonic Solutions Co. has unveiled the Panasonic Tactical Video Teleconferencing (VTC) solution, which combines the high-definition imaging of a Panasonic plasma display with Polycom’s HD videoconferencing and JELCO’s custom mobile lift case for a mobile product that has significant advantages over rolling cart or wall-mounted VTC installations. The Panasonic Tactical VTC solution, which is ideal for rapid-setup applications, provides a direct line of contact from remote locations with the use of highquality video and audio communications. The inclusion of Panasonic’s PF30 Series full-HD plasma displays within the Tactical VTC solution allows for clear and precise image quality with native
contrast ratio of 5,000,000:1. The solution offers a wide variety of uses, from the ability to roll it down a hall to taking it to the field for tactical videoconferencing. In addition to such versatility, the JELCO stabilizer plate protects against tipping over in outdoor environments, and field locking casters ensure the VTC solution stays securely in place. Additionally, the Panasonic display fits comfortably into the JELCO shock-mounted mobile lift case for maximum protection in transit, providing safe shipping to any environment. The camera also has quick release and protective interior storage in the case lid, while the mounted speakers eliminate the need for additional equipment, wires or setup, which saves customers both time and money.
Specialized Device Platform Leverages Mass Market Mobile Technology Elektrobit Corp. (EB), a developer of leading edge embedded technology solutions for automotive and wireless industries, has announced the EB Specialized Device Platform, an Android-based mobile device platform for specialized markets. Leveraging mass market mobile device hardware/software technologies and economies of scale, the platform enables vertical markets such as defense, public safety and security to roll out customized mobile devices that meet specific industry functional or performance requirements—faster and with lower development risks and costs. A versatile platform, the EB Specialized Device Platform allows EB’s customers to benefit from the commercial technologies driving the rapid growth of the consumer wireless device
market while giving market specific features and device type customization to specialized market organizations. As a smartphonetablet platform, organizations get a made-to-order mobile device that incorporates key design features desired for a particular mobile device with specific hardware and software features required by their market segment. For example, military vendors can specify MIL-STD-810G mechanics for a ruggedized Android handset, integration of a proprietary security engine or optimization of a proprietary software application to extend the device battery life. The platform comprises components specifically focused to extend product life cycle, deliver excellent performance and simplify the platform evolution. www.MIT-kmi.com
The advertisers index is provided as a service to our readers. KMI cannot be held responsible for discrepancies due to last-minute changes or alterations.
MI T CALEND A R & DI REC TO RY Advertisers Index AccessData. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Harris Corp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C2
Bicsi. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Lind Electronics.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
CSC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C4
Qinetiq North America. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Cyberspace 2012 Symposium. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Redcom. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Fujitsu. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
University of Maryland University College. . . . . . . . . . . . . . . . . . . . . . 13
General Dynamics C4 Systems Needham. . . . . . . . . . . . . . . . . . . . . . . C3
Vion. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Harris CapRock. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Z Microsystems. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Calendar January 20-27, 2012 DoD Cyber Crime Conference Atlanta, Ga. www.dodcybercrime.com/
January 23-25, 2012 Network Enabled Operations Washington, D.C., area www.ncwevent.com
January 24-26, 2012 West 2012 San Diego, Calif. www.afcea.org
February 7-9, 2012 Cyberspace Colorado Springs, Colo. www.afceacyberspace.com
December 2011 Volume 15, Issue 11
Cover and In-Depth Interview with:
Rear Admiral Charles E. “Grunt” Smith Program Executive Officer Enterprise Information Systems U.S. Navy
Special Report: Commercial SATCOM A guide to the commercial satellite communications services available through the Defense Information Systems Agency’s COMSATCOM Center.
Features • Navy Network Contracts • Radio Technology • SINCGARS Antennas
• Smartphone VoIP • Biometrics
Insertion Order Deadline: December 9, 2011 • Ad Materials Deadline: December 16, 2011 www.MIT-kmi.com
MIT 15.10 | 35
Military Information Technology
Rear Admiral Kenneth W. Deutsch (Ret.) Vice President and Lead Executive Next Generation Enterprise Network Program CSC Q: Could we start with a brief overview of CSC cybersecurity capabilities?
lessons learned and skills that come from that experience.
A: CSC employs nearly 100,000 people who deliver technology-enabled solutions, which stem from information technology, the central core of the cyber-domain. We are experts in the “basic blocking and tackling” of information assurance, identity management, secure systems design, cyber-forensics and overall IT systems management. At the leading edge of IT, we operate, manage and defend the most critical and secure networks for our Department of Defense customers, in all theaters of operations around the globe. We also have a deep understanding of computer network operations, including exploit and attack methods that our enemies would utilize to harm us and the technologies, tactics, techniques and procedures that our cyber-warriors would use to deliver war fighting effects in cyberspace.
Q: How will CSC position its cybersecurity solutions for the military with the expected budget constraints?
Q: From tactical to strategic environments, what are the biggest challenges in managing sensitive information while also allowing access? A: The biggest challenge in managing sensitive information while also allowing network access is striking the right balance of security for the right circumstances and being able to deliver it where and when it’s needed. Freedom and innovation are part of our national character and to maintain our military edge, we need to harvest the best ideas available, no matter where they originate. A freewheeling exchange of ideas, followed by investment and hard work, generates the innovations we need—especially during critical times. By the same token, we can’t surrender research and development investments through carelessness or inadequate security—and most importantly, we can’t jeopardize our men and women on missions at home and abroad. Ultimately, cyber-defense isn’t just the province of circuits and networks, it’s enterprisewide and needs 36 | MIT 15.10
to be addressed as such, with a hard look at return on investment and the war fighting impacts of loss of assured communications. Q: What can the commercial world teach the military about cybersecurity, and vice versa? A: That’s a really interesting question. I spent time this summer working with the U.S. Navy and CSC’s cyber-warriors in the Pacific Command and Australia on advanced technology related to cybersituational awareness. This program employed some of the best collaborative technologies and practices, of both commercial and military research entities in both countries, to develop solutions that meet the warfighter’s national and coalition command and control needs. In general, commercial companies work very hard to provide the right amount of security, in the right places at the right cost, to maximize intellectual and proprietary data at the lowest cost and risk factors. The analysis of this balance is constantly occurring and can definitely be assessed for use in the military environment. On the flip side, the commercial world needs to view cybersecurity as a core mission like the military does. In this view, profit and loss activities would start with the concept of trusted information and assured communications being the foundation of all subsequent activities. Another area that I think the commercial world could learn from DoD is the effective employment of cyber-forensics. CSC developed the courseware and provides the teachers for DoD Defense Cyber Investigative Training Academy at Fort Meade, Md., and there are a lot of valuable
A: Cybersecurity is a recognized priority for the military. The actual and potential effects of adversary action in the cyberdomain are well documented, and the consequences of a Stuxnet-like attack on U.S. interests are at the forefront of the national mindset. Amplified by the everincreasing pace of innovation, continued investment in cyber is critical for our future. CSC is well positioned to support our warfighters as a leader in information dominance solutions, military network management and operations, cloud technologies, data center consolidation and optimization and more. Basically, we’ll continue to use innovation to drive costs down while pushing security, accessibility and mobility to the highest levels. Q: What are your primary cyber-based initiatives in the coming 12 months? A: We’re on the cutting edge in several cyber-areas with selected customers and, where feasible, we’ll extend the combination of technologies, processes and expertise to a broader set of customers. In particular, we have an initiative called Dynamic Adaptive Defense, which addresses an enterprisewide network defense-in-depth at all levels of the architecture—with a coordinated and highly automated “machine speed” approach. We’re also focusing on the human element and have an interesting interactive gaming approach for sharpening the skills and capabilities of cyber-warriors. The third area we’re concentrating on is systems and network consolidation in a safe and secure manner, particularly using cloud technology. This has the potential to save a significant amount of DoD’s operating costs for our military in the long run, while providing a more flexible, responsive and resource-efficient infrastructure. O www.MIT-kmi.com
Entrusted with Securing Liberty?
SIP, JITC, and TSG Certified
Trust the Sectéra vIPer Universal Secure Phone. ®
Security is something that must never be compromised – whether it’s the security of a nation or the security of your voice communications.
Protect your information and your investment. • VoIP/PSTN Connectivity via Simple Menu Switch • Crypto Modernization Compliant – Fully Integrated Security for Top Secret and Below • Ideal Replacement for STU/STEs • Ships in 45 Days With the lowest overall cost of ownership, the Sectéra vIPer phone features flexibility for multiple networks, superior voice quality, and software upgradability. Let us show you why the Sectéra vIPer phone is a small price to pay for peace of mind.
781-455-2800 888-897-3148 (toll-free) Infosec@gdc4s.com www.gdc4s.com/secureproducts
©2011 General Dynamics. ®Reg. U.S. Pat. & Tm. Off. Sectéra and vIPer are registered trademarks of General Dynamics.
WHAT’S HARDER THAN FINDING A NEEDLE
IN A HAYSTACK?
Finding the mission critical cyber attack among hundreds of millions of threats each and every day. Whether it is preventing attacks at your enterprise permimeter or identifying an insider threat, CSC provides the solutions that give you the dynamic defense you need to enable mission success. At CSC, we monitor and defend some of the largest corporate and government networks in the world. We are experts at recognizing the threat that matters to you. And we can stop it. CSC understands the operational tempo of the DOD cyberspace and that for you, it’s not about network assurance, it’s about mission assurance.
For more information about CSC’s cybersecurity solutions, visit www.csc.com/cyber.