The Voice of Military Communications and Computing
C4 Guide Lt. Gen. Mark S. Bowman Director, C4/Cyber CIO/J6 Joint Staff
Volume 17, Issue 4
Cloud Brokers O Industrial Control Security O Low-Cost SATCOM COMSATCOM Update O Serial to Packet Migration
PRSRT STD U.S. POSTAGE PAID LEBANON JCT., KY PERMIT # 805
ARM YOURSELF FOR OPPORTUNITY WITH A CYBERSECURITY DEGREE.
To win the battle in cyberspace, we need more cyber warriors. University of Maryland University College (UMUC) has answered the call, educating the next generation of cyber security specialists in the public and private sectors. Our accessible online degree programs have been recognized for excellence by NSA and DHS. And many of UMUC’s courses address industry-standard certifications, including many on the DoD 8570 list. UMUC is affordable, too, with scholarships for those who qualify, interest-free monthly payment plans and participation in the Yellow Ribbon Program. Because the nation’s battle for cyber security can’t afford to be without you.
© 2013 University of Maryland University College
AT YOUR SERVICE SINCE 1947
University of Maryland University College is the nation’s largest public university.
Learn more • 877-275-UMUC • military.umuc.edu/cuttingedge
military information technology Features
May 2013 Volume 17, Issue 4
Cover / Q&A
Spurred by the potential for cyber-attacks on military and civilian infrastructure, the Pentagon is emphasizing the security of industrial control systems. By Peter Buxbaum
16 Lieutenant General Mark S. Bowman
Director, C4/Cyber Chief Information Officer Joint Staff, J6/CIO
Saving on SATCOM
Gateways to the IP World
COMSATCOM Center update
In SATCOM as well as virtually every other area, driving down costs is the order of day, whether by reducing the initial investment, cutting usage costs or getting more output from current resources. By Adam Baddeley
The Defense Information Systems Agency is joining with the private sector in pondering the mission of cloud service brokers, who bring together the providers and users of cloud computing services. By Karen E. Thuermer
Departments 2 Editorâ€™s Perspective 3 program notes/People 14 data bytes 26 COTSacopia 27 Resource Center
As the military moves to everything over IP, a major issue for network designers has been what to do about the huge existing investment in systems that use earlier generations of networking methodologies. BY HARRISON DONNELLY
An update on the latest news from the Defense Information Systems Agencyâ€™s Commercial Satellite Communications (COMSATCOM) Center.
Industry Interview Diana Gowen
Senior Vice President and General Manager CenturyLink Public Sector
Military Information Technology Volume 17, Issue 4 • May 2013
The Voice of Military Communications and Computing Editorial Managing Editor Harrison Donnelly email@example.com Online Editorial Manager Laura Davis firstname.lastname@example.org Copy Editors Sean Carmichael email@example.com Laural Hobbes firstname.lastname@example.org Correspondents Adam Baddeley • Peter Buxbaum Cheryl Gerber • Karen E. Thuermer
Art & Design Art Director Jennifer Owers email@example.com Senior Graphic Designer Jittima Saiwongnuan firstname.lastname@example.org Graphic Designers Scott Morris email@example.com Eden Papineau firstname.lastname@example.org Amanda Paquette email@example.com Kailey Waring firstname.lastname@example.org
Advertising Account Executives Cheri Anderson email@example.com Jeffrey Cooper firstname.lastname@example.org
KMI Media Group Publisher Kirk Brown email@example.com Chief Executive Officer Jack Kerrigan firstname.lastname@example.org Chief Financial Officer Constance Kerrigan email@example.com Executive Vice President David Leaf firstname.lastname@example.org Editor-In-Chief Jeff McKaughan email@example.com Controller Gigi Castro firstname.lastname@example.org Marketing & Communications Manager Holly Winzler email@example.com Operations Assistant Casandra Jones firstname.lastname@example.org Trade Show Coordinator Holly Foster email@example.com
EDITOR’S PERSPECTIVE This issue’s story on saving money on SATCOM serves as a good complement to a new Government Accountability Office (GAO) report that calls on the Department of Defense to adopt more practices from industry in creating and maintaining the ground networks used to control satellites in orbit. The report, entitled “Long-Term Planning and Adoption of Commercial Practices Could Improve DoD’s Operations” (GAO-13-315), examined the numerous ground stations, networks and other infrastructure created by the department over the years for communications, surveillance and other satellites. These satellite control networks monitor and manage the condition Harrison Donnelly and orbit of the satellite bus, rather than the sensors or transponders on Editor board. Despite the overall push for interoperability, even in recent years these satellite control systems have been built as dedicated, standalone networks, which have the advantage of being customized for the specific program, but the drawbacks of inefficiency and duplication. Moreover, the department is showing no signs of moving to a shared network, and current efforts to modernize the Air Force’s system are focusing more on sustainment than on adopting capability-increasing improvements. In search of a better way, GAO investigators turned to commercial practices, which they said would increase efficiency and cut costs. These included interoperability between systems, automation of routine functions, and greater use of COTS products. Another approach would be creation of a “hybrid” network, in which an operator can supplement its ground network by leasing antenna time on another company’s network. The report acknowledges, however, that the department faces obstacles in improving control networks, beginning with the lack of a long-term plan and a shortage of reliable data. It is with regret that I must inform MIT readers of the passing of Adam Baddeley, author of “Saving on SATCOM” and many other articles in KMI Media Group publications over the years. With his in-depth knowledge of communications technologies, as well as a host of other military fields, Adam was a good friend and a true professional, and we will miss him.
Operations, Circulation & Production Operations Administrator Bob Lesser firstname.lastname@example.org Circulation & Marketing Administrator Duane Ebanks email@example.com Circulation Barbara Gill firstname.lastname@example.org Data Specialists Raymer Villanueva email@example.com Summer Walker firstname.lastname@example.org
KMI MedIa Group LeadershIp MaGazInes and WebsItes Border & CBRNE Defense
Ground Combat Technology
Geospatial Intelligence Forum
Military Advanced Education
Military Information Technology
Border Threat Prevention and CBRNE Response
Integrated Fixed Towers
A Proud Member of Border Protector
Subscription Information Military Information Technology
ISSN 1097-1041 is published 11 times a year by KMI Media Group. All Rights Reserved. Reproduction without permission is strictly forbidden. © Copyright 2013. Military Information Technology is free to qualified members of the U.S. military, employees of the U.S. government and non-U.S. foreign service based in the U.S. All others: $65 per year. Foreign: $149 per year.
June 2012 Volume 1, Issue 1
Michael J. Fisher Chief U.S. Border Patrol U.S. Customs and Border Protection
Leadership Insight: Robert S. Bray Assistant Administrator for Law Enforcement Director of the Federal Air Marshal Service Transportation Security Administration
Wide Area Aerial Surveillance O Hazmat Disaster Response Tactical Communications O P-3 Program
Medical Military Training Military Logistics Military & Veterans Forum Technology Affairs Forum
Special Operations Technology
Tactical ISR Technology
U.S. Coast Guard Forum
Corporate Offices KMI Media Group 15800 Crabbs Branch Way, Suite 300 Rockville, MD 20855-2604 USA Telephone: (301) 670-5700 Fax: (301) 670-5701 Web: www.MIT-kmi.com www.MLF-kmi.com
Compiled by KMI Media Group staff
Tighter Security Sought for Army Mobile Devices Amid criticism from the Department of Defense inspector general about lax oversight, Army officials are working to strengthen the security of commercial mobile devices (CMD) used by Army personnel. In a March report, “Improvements Needed with Tracking and Configuring Army Commercial Mobile Devices,” the IG found that the Army chief information officer, currently Lieutenant General Susan Lawrence, had not implemented an effective cybersecurity program designed to identify and mitigate risks surrounding CMDs and removable media. Specifically, the report concluded that the Army CIO had not properly tracked some 14,000 devices used throughout the service, thus leaving networks potentially vulnerable to a variety of intrusions and malware attacks. IG inspectors visited two Army sites, the U.S. Military Academy and an Army Corps of Engineers (ACE) facility at Vicksburg, Miss., where a total of about 850 devices were assessed. There, they found that the CIO had not: • Ensured that the commands had used a mobile device management application to configure CMDs to protect data. • Required that CMDs be adequately sanitized, with the capacity to remotely remove data on devices that had been transferred, lost, stolen or damaged. • Controlled CMDs used as removable media, and barred users from storing sensitive data on CMDs used as such. • Required that users receive security training and sign user agreements promising to follow security procedures.
Eight Win NETCENTS-2 Deals The Air Force has awarded a set of contracts worth up to $6.9 billion that will make providing innovative IT products and capabilities covering the full spectrum of operations and missions to its warfighters quicker and easier. The Network Centric Solutions-2 (NETCENTS-2) team awarded the netcentric products contracts in April, with a three-year base ordering period and three 12-month options. The eight contract awardees are FedStore Corp., Intelligent Decisions, World Wide Technology, CDW Government, Ace Technology Partners, CounterTrade Products, General Dynamics IT and Iron Bow Technologies. The netcentric products contract provides the Air Force with a full range of innovative, competitively-priced, worldclass netcentric IT products to support the full spectrum of netcentric operations and missions. COTS products offered on the contract include: networking equipment, servers/storage peripherals, multimedia hardware, software, identity management/ biometric hardware and associated software.
“This occurred because the Army CIO did not develop clear and comprehensive policy for CMDs purchased under pilot and non-pilot programs,” the report said. “In addition, the Army CIO inappropriately concluded that CMDs were not connecting to Army networks and storing sensitive information, and therefore did not extend current IA requirements to the use of CMDs. Without an effective cybersecurity program specific to CMDs, critical IA controls necessary to safeguard the devices were not applied, and the Army increased its risk of cybersecurity attacks and leakage of sensitive data.” The Army responded strongly to the report, moving immediately to ensure that West Point and the ACE office remedied the issues and revised their controls. In addition, officials pointed to steps they have taken, including new policies established this year to make clear that no CMDs or other IT equipment can be purchased without approval through the CIO/G-6 process. In February, the Army published new information assurance and cybersecurity requirements that included improved accountability for unit commanders. Under the rules, commanders have to assess their IA posture and weaknesses using standardized tools, and quickly develop a plan of action to address problems. The Army is planning a servicewide IA/cybersecurity awareness program for this fall. Army officials also pointed to their ongoing efforts as part of a Defense Information Systems Agency (DISA) mobility pilot, which currently includes more than 500 mobile devices issued to the Army. Under the Army’s mobile solutions strategy, CMDs will be managed as a DISA enterprise service.
Col. Brian M. Killough
Air Force Colonel Brian M. Killough has been selected for the rank of brigadier general and assigned as director, warfighter systems integration, Office of Information Dominance, and chief information officer, Office of the Secretary of the Air Force. The list of Army brigadier generals nominated for
Compiled by KMI Media Group staff
appointment to the rank of major general includes Brigadier General Joseph A. Brendler, who is currently serving as director of architecture, operations, networks and space, Office of the Chief Information Officer/G-6, U.S. Army, and Brigadier General George J. Franz III, who is currently serving as director, current operations, J-33, U.S. Cyber Command. Army Major General James Chambers (Ret.) has been promoted to president and chief operating officer of McLane Advanced Technologies, a provider of information technology and logistics solutions.
ITT Exelis has named Rich Sorelle corporate vice president and president of its Electronic Systems division. Joe Rambala assumes the role of vice president and general manager of the division’s integrated electronic warfare systems business area, a position previously held by Sorelle. In addition, Dave Prater has been named vice president and general manager for the division’s radar, reconnaissance and undersea systems business, and Mark Adams has been named vice president and general manager of specialty applications for Exelis Electronic Systems.
MIT 17.4 | 3
In a cost-constrained world, the complexity of the SATCOM supply chain offers opportunities and challenges for cost reduction.
By Adam Baddeley MIT Correspondent
In satellite communications as well as virtually every other area, driving down costs is the order of day for the Department of Defense, whether that is reducing the initial capital investment, cutting usage costs or getting more output from current contracts and resources. The complexity of the SATCOM supply chain—the space segment, earth stations, terminals and the way in which satellite bandwidth is acquired, leased and operated—offers both multiple challenges and opportunities in decreasing costs and increasing value for warfighters as well as back office functions.
4 | MIT 17.4
In response, key players in the field are developing and emphasizing offerings designed to provide essential SATCOM capabilities in a cost-constrained environment. Last fall, for example, TeleCommunication Systems Inc., Northrop Grumman and Lockheed Martin unveiled a program called the Low Cost Terminal solution, which addresses the military’s need for lower-cost technologies and systems to enable protected and secure communications for tactical warfighters in theater. Another important entry is GNOMAD, an on-the-move (OTM) SATCOM system from ITT Exelis that addresses
the capabilities gaps for wide-band OTM communications in low-cost offerings, while ensuring that the ability to meet tight battlefield requirements has not been lost. Rob Semple, manager, business development, explained the genesis of GNOMAD: “We talked to the users in the Army and Marine Corps and found out that what they wanted was something that was small and modular, allowing them to configure it for the mission, and that didn’t require extensive modification on the host platform, so it was easy to reinstall if the vehicles broke down. Finally, they wanted a low-profile antenna so the
vehicles didn’t stick out as a commandand-control vehicle.” To meet these needs, Semple explained, Exelis went out and found partners to supply and integrate standardized COTS equipment in a low-volume package. “One cost saving is from not having to do extensive integration work, so you are not changing the power requirements. That is a lot of engineering money saved. Nor do you have the high overhead cost of taking that commercial COTS equipment and ‘MILSPEC-ing’ it. “We looked for best of breed and because of that, you can reach the size, weight and power levels that you previously saw only in bespoke systems,” he continued. “So we are not doing extensive integration to the vehicle platform. Therefore, if the vehicle goes down for automotive maintenance, you can go ahead and dismount the system and put it on another vehicle. That saves money.” Hughes is another company that has been working with DoD and allied militaries to showcase the cost-saving capabilities of bandwidth-efficient technologies. “Commercial companies are continually advancing their technologies to provide cutting-edge solutions at lower costs,” said Rick Lober, vice president and general manager of Hughes Defense and Intelligence Systems Division. “Our globally available SATCOM solutions employ extensive bandwidth-efficient technologies, resulting in greater capacity and throughput while reducing the need for more dedicated bandwidth, which reduces costs for our military partners in this austere budget environment.”
Security Classification Nevertheless, there are certain things that can’t be repackaged due to security classification or environmental specifics. One example was the installation of GNOMAD on the M1 Abrams, where a lack of space within the vehicles meant that the modem had to be located outside the vehicles, which necessitated that the modem have MILSPEC protection. The encryption is the GFE KG-175, powered off the GNOMAD itself. Some analysts have called for cost reductions through doing everything inhouse. But Semple argues against this, in
part due to GNOMAD using standard OTM products for which the integration issues are well established. “What we have with our partners is a great working relationship,” he said. “If we have an idea for something that the customer wants, then I go back to my teaming partners for a new module. They can go ahead and turn it around in 30-60 days and have the module ready to go.” An example of this has been the addition of a new antenna to support operation of the Wideband Global SATCOM (WGS) satellite. A key element of the approach is the absence of an exclusivity agreement for the GNOMAD components, Semple explained. “I talk to our suppliers two or three times a day every day. We have a very good working relationship with partners and we felt that with this particular product, the best way to go was not to try to own everything inhouse. It’s a gentleman’s agreement that has stuck well.” While GNOMAD is an OTM solution today, it won’t be limited to that tomorrow. The changes will be a source of further cost savings as it becomes a system of systems, building a family of products around base components to support all the disadvantaged users all the way up to a command post battalion and brigade size. To do that, it will use the same component across the product line, cutting down training costs and introducing common logistics. “Whether it is on the move, manpack, stationary or supporting a command post, the only thing that is going to change across the product line is your antenna,” Semple said. “If the company commander has a GNOMAD in his vehicle and they move to an observation point, they can dismount, grab a Ku-, Ka- or X-band antenna, a couple of mission modules and the modem put them together. Now you can have a wideband SATCOM system, saving money in the long run.” “Supporting WGS is critical to bridging the forecasted SATCOM gap for the U.S. military,” said Lober, pointing to the Hughes HX system as a proven, global solution to support WGS requirements.
Improving Value XTAR, the first commercial satellite operator providing services in the X-band
frequency, is also supporting government procurement officers and users in helping reduce their costs for SATCOM services. But the equation is not a simple one, suggests Andrew Ruszkowski, vice president of global sales and marketing for XTAR. “We believe that the best outcome results from not just focusing on lowering costs, but on controlling costs and creating efficiencies. In other words, improving value for money. “With this focus, users will minimize the compromises they need to make in creating effective solutions with their lower budgets. As an example, users can focus on getting more throughput out of the same equipment or reduce the amount of capacity needed for achieving the same mission requirement,” he said. Over the past few years, the availability of X-band space segment has been increasing. Systems developers have responded to this trend and have been aggressive in developing new technology that leverages the unique features of the frequency band and the constellation of MILSATCOM and commercial satellites available today. “While innovation may initially result in some increase in capital expenditures, very quickly these are offset by significant reductions in recurring costs—from lower BW costs, for example—and often improved performance or capabilities for the user,” Ruszkowski noted. When users deploy small antennas (for example, 0.45m or less for manpacks), especially for mobile applications, the amount of satellite capacity needed will vary based on whether the frequency is Kuor X-band. For Ku-band, spread spectrum carriers are often needed to close the links. This typically means more space segment capacity and higher recurring costs. X-band, on the other hand, is the ideal environment for small and mobile terminals, because rarely does a successful link require spread-spectrum technology. As a result, less capacity is needed, and therefore costs are lower. Satellite operators—for example, Squire Tech Solutions, a provider of first responder and mobile response network— have offered pooled resources for many years, but some government users have hesitated to use them because of a false perception that they are less secure than dedicated systems. As a result, they haven’t
MIT 17.4 | 5
taken advantage of the cost savings offered by shared platforms. “Recently, there has been a shift in awareness that shared TDMA and managed networks can be as secure as legacy SCPC networks. Over the past seven or eight years, Squire Tech has supplied federal and state operations with high bandwidth solutions, achieving great performance at a fraction of the cost with all the security they demand,” said Michael B. Zalle, vice president, Squire Tech Solutions. With commercial X-band, this model should be more attractive. This frequency can only be used by government users, so the security concern of sharing resources with an unknown commercial entity does not exist.
Space Segment The biggest source of cost, and therefore of potential cost savings, lies with the space segment, according to Tim Shroyer, chief technology officer for General Dynamics SATCOM Technologies. Terminal costs are almost insignificant in comparison, even for larger earth station antennas, given the long-term space segment use, he noted. The use of larger antennas, where possible, usually results in increased efficiency and reduced total cost of ownership. If larger antennas cannot be used, then good modem operation is a necessity. Suppliers like General Dynamics SATCOM Technologies can help by providing tightly integrated earth stations, with efficient antennas, tracking systems, uplink amplifiers, preferably high-efficiency solidstate power amplifiers, and state-of-the-art modems with good performance. Cheaper terminals rarely provide reduced total cost of ownership, he added, for the space segment reason described above. Decreased earth terminal tracking performance is even more of a problem because reduced efficiency actually increases costs for transmission much more than any potential reduction in tracking or pointing system cost might achieve. It makes good sense to use the most cost-effective subsystems in earth stations, such as right-sized solid-state power amplifiers and the right antenna for the job, analysts say. But saving a few dollars in subsystem cost, if it also results in decreased efficiency, actually increases the overall cost of ownership. 6 | MIT 17.4
Spacecraft Savings with Electric Propulsion Electric propulsion (EP) has long held the promise to enable huge cost savings for communication satellites, and that promise is now becoming a reality. According to Boeing executives, four satellites will be built for the Asia Broadcast Satellite of Hong Kong and Mexico’s Satmex. These satellites feature a design that uses electric propulsion not only for maintaining position once in geostationary orbit (known as station keeping) but also for raising the satellite into geostationary orbit from their launch vehicle drop-off point. The result, Boeing has said, is a 6-kilowatt satellite that, while it would normally would weigh 4,000 kilograms at launch, will weigh around 2,000 kilograms, meaning they can be launched two at a time aboard a launch vehicle. This new class of satellite does not utilize traditional chemical fueled rockets, but instead converts solar power to produce propulsion by ionizing and accelerating an inert xenon gas. These solar-powered EP systems produce propulsion very efficiently, as much as 10 times more efficiently than chemical propulsion systems presently used on spacecraft. There are two types of ion thrusters that have been used for on-orbit stationkeeping: gridded ion and Hall thrusters. Hall thrusters are the preferred electric
“Although per satellite unit costs dwarf those of user terminals, our military customers have increasingly become concerned with total ownership costs for space systems,” added Lober. “The total cost to procure terminals, integrate and install the terminals on platforms and then operate those terminals is far greater in terms of total ownership costs than the space segment—and that’s why Hughes is working to reduce costs by designing terminals, modems and networks for affordability, such as ease of integration and open standard waveforms.” Another consideration, which is becoming critical, is the actual uplink antenna radiation pattern. In the commercial SATCOM world, there have been several cases of low-cost VSAT antennas being offered to the
thruster technology for orbit-raising, however, due to their higher thrust to power compared to gridded ion thrusters. Recently, the U.S. military experienced the advantages of electric propulsion. After being launched in August 2010, the first Advanced EHF spacecraft suffered a serious setback when the spacecraft’s main propulsion subsystem failed. The Lockheed Martin lead team saved the $2 billion military communications satellite by utilizing the Hall thrusters on-board to complete the push to GEO. There are two U.S. companies that produce Hall thrusters: Buseak Co. and Aerojet, a GenCorp Inc. company. The first U.S. Hall thruster to be operational on-orbit was launched in November 2006 on the Air Force TacSat-2 spacecraft using a Busek Co. BHT-200 thruster. The Hall thruster that saved AEHF from loss was manufactured by Aerojet under the designation BPT-4000, which stands for Busek-Primex Thruster. Aerojet manufactures the device under a technology license to Busek Co.
Provided by W. Dan Williams, director of business development, and Bruce Pote, director of Hall thrusters, for Busek Co. Inc., Natick, Mass..
market that do not meet previous radiation pattern performance standards. When used, many of these antennas caused interference on adjacent satellites, and so had to be operated at lower power levels or completely replaced to ensure acceptable levels of Adjacent Satellite Interference performance.
L-Band Architecture Further innovative schemes to reduce the cost of ownership are also being sought, not least in the area of earth terminals. Here, a good architecture that supports current needs also provides flexibility to meet future link requirements. Today, that means the use of L-Band IF systems. GD Satcom came up with L-Band IF architecture a few years ago, Shroyer noted, www.MIT-kmi.com
Collaboration for Affordability The Low Cost Terminal (LCT) program developed jointly with TeleCommunication Systems (TCS), Lockheed Martin and Northrop Grumman seeks to produce highly affordable satellite terminals for protected communications on the move and at the halt, addressing the military’s need for lower cost technologies and systems to enable protected and secure communications for tactical warfighters in theater. The three companies are operating under a collaborative agreement for TCS to manufacture, market and sell LCT products under license from Northrop Grumman and Lockheed Martin. The LCT solution takes advantage of Northrop Grumman’s and Lockheed Martin’s proven knowledge and engineering experience in protected military satellite communications through Milstar and Advanced Extremely High Frequency (AEHF) anti-jam satellites. In addition, it builds on TCS’ highly secure, deployable satellite communications systems, based on a modular architecture with plug-andplay interfaces and integrated logistics support. As the next generation of AEHF satellites launches, the LCT solution will allow warfighters to quickly and affordably take full advantage of the satellites’ improved capability and expanded capacity. Developed entirely with company investment, the LCT solution includes
protected communication two variants of equipment: alternatives, and the coma Protected Communicaplete system comes packtions on the Move (P-COTM) aged in three transit cases. terminal and a Protected Two people can easily set up SIPRNet/NIPRNet Access the system within 30 minPoint (P-SNAP) terminal for utes. communications at the halt. All three companies are Developed jointly by currently operating under Northrop Grumman and the terms of a collaboraLockheed Martin, the baseAl Green tion agreement. Northrop line P-COTM terminal is Grumman and Lockheed interoperable with Milstar email@example.com Martin shared costs equally and AEHF systems currently in the development of the P-COTM, and in orbit. Electronics transmit at 256 Kbps TCS funded the P-SNAP development. and receive at 1.544 Mbps, with an uplink TCS leads the integration, manufacturing, performance of 256 Kbps in rain or jamcustomer support and marketing/sales of ming environments. the terminals. All three members contribThe solution achieves affordability by ute to the product line extensions, which leveraging existing designs, technology and could potentially be expanded to include government and commercial investments airborne, shipborne and portable configuwhile implementing commercial best pracrations. tices for procurement and production. The “Given the current budget environment hardware and software are extensible to today and in the foreseeable future, the other form factor terminals, such as small, LCT solution is a prime example of how the fixed terminals that can be packed in transit private sector has utilized their own indecases, shipboard terminals for small deck pendent research and development funds ships, and low-cost airborne terminals for to deliver affordable SATCOM systems to unmanned aerial vehicles and piloted airDoD,” said Al Green, vice president, busicraft. ness development, TCS Government SoluDeveloped in collaboration with tions Group. “The LCT employs advanced, Northrop Grumman and Lockheed Marproduction-ready technologies that enable tin, P-SNAP incorporates both SNAP and SATCOM further down the chain than what P-COTM components. It is significantly is currently occurring.” smaller and lighter than currently available
to replace synthesized up- and down-converters with block converters that provide higher reliability at lower cost. Long term, this pays dividends as well, Shroyer explained. “As future modems are incorporated, the use of L-Band IF modems eliminates all need for more costly and complex synthesized converters. Monitor and control [M&C] systems are another area where significant enhancements are being seen. Modern M&C systems are cost-effective for even small terminals, and can provide features like uplink power control and flexible reconfiguration at no additional expense. “Higher effective isotropic radiated power and better G/T on modern satellite transponders permit the use of higher orders of modulation on the modem
systems, and this results in better overall efficiency—more bits in the same or less transponder power and bandwidth,” he continued. “It is now fairly easy to see how upgrading to a true state-of-theart modem can provide pay-back in two months or less, with future space segment savings resulting in continued lower costs per bit.” Other cost benefits will naturally accrue from the inherent nature of the new SATCOM systems being used, Shroyer said. “As higher satellite frequency bands are used, like modern Ka-band satellites, higher orders of modulation can be used with adaptive modulation to dynamically fit the most bits possible into the links.” Sophisticated VSAT systems take advantage of these adaptive modulation techniques, but there
are many links still on the air that do not incorporate those features. “The biggest use of satellite transponders all over the world is video. Even DoD transmits a large amount of realtime video from various sources. Modern video compression systems and modulation approaches, like DVB-S2, can provide more video with fewer bits and less transponder power and bandwidth. Use of these upgraded technologies is being considered by large video users, but legacy systems are difficult to displace,” he said. O
For more information, contact MIT Editor Harrison Donnelly at firstname.lastname@example.org or search our online archives for related stories at www.mit-kmi.com.
MIT 17.4 | 7
Cloud Brokerage As official DoD cloud service broker, DISA is pondering the
mission of these vital intermediaries between providers and users.
By Karen E. Thuermer, MIT Correspondent Tabbed since last year as the “enterprise cloud service broker” for the Department of Defense, the Defense Information Systems Agency (DISA) is joining with the private sector in pondering the mission and strategies of these vital intermediaries between providers of cloud computing services and those who need them. The activity in this field comes as both government and industry increasingly recognize that cloud computing and cloud services offer unprecedented opportunities for cost savings, enhanced information sharing and mission effectiveness. As a result, the number, type and capability of cloud computing services are rapidly expanding, and their adoption is accelerating. Setting up cloud services with third-party assistance, or cloud service brokers, is becoming increasingly common both within private industry and the federal government. IT research firm Gartner predicts that within a couple of years, most cloud computing customers will rely on a broker to handle a diverse range of services internally or externally. That’s because the ever-increasing demand for cloud services and their proper delivery requires organizations to have a firm grasp on provisioning, integration, migration, application programming interfaces, support, billing and security among other functions. Military and other federal agencies have been eyeing the benefits and challenges of cloud computing at least since the Obama administration released its cloud computing strategy in 2011. The report estimated that $20 billion of the federal government’s $80 billion in annual IT spending could be a potential target for migration to cloud computing solutions. It also outlined a “Cloud First” initiative to couple with a “Shared First” policy aimed at shifting the government to leveraging technology, procurement, and best practices across the whole government, and building on existing investments rather than re-inventing the wheel. According to Kevin Jackson, vice president and general manager at NJVC and a 8 | MIT 17.4
prominent advocate of cloud computing, the providing for diversity across the network. new big-data approach for processing, delivThis would, in essence, turn the cloud’s netering and consuming information via cloud working capabilities into a security tool. computing is also revolutionizing the mili“The fact there is extensive research going tary and intelligence approach to information on to support future architectures, with those technology. “From a policy point of view, the architectures being the cloud, speaks volumes Cloud First, Shared First and data as to how much weight center consolidation directives are cloud computing has in dramatically reshaping the military the future,” commented IT environment,” he commented. Brown. The concept of cloud computNevertheless, there ing in the military is escalating are many aspects that still because of its advantages for basic need to be considered in or specialty services, observed Steve DoD’s adoption of those Crawford, vice president of marketservices, according to ing and business development for Julie Mintz, DoD entercloud services broker Jamcracker. prise cloud service broker Steve Crawford “It’s a much more economic project manager at DISA. delivery model than buying softOne of those aspects ware, learning how to operate and will be the ability to intesupport that software yourself, then grate smoothly multiple rolling it out,” he said. “What it clouds and with existing means is there are good solutions networks, applications out there, but you don’t have to pay and systems operating at an arm and a leg for them.” different classification levels, observed Pat Motola, chief executive officer of Mission Resiliency BlueSpace Federal. “The DoD computing environDoD is already rolling out ment is incredibly comcloud implementations. The Greg Mullin plex, and will be a hybrid Defense Advanced Research Projects Agency (DARPA), for example, email@example.com of cloud, legacy and mission specific tactical archihas adopted cloud computing techtectures operating at different classification nology and provided a sophisticated level of levels. Embracing innovative and flexible intecybersecurity around a virtual cloud platform, gration strategies will be key to adoption and according to Joe Brown, president of Accelera, achieving the potential of cloud computing a virtualization solutions provider. “I am very within DoD.” encouraged by their effort. They could not Both DISA and the General Services have done this in the old world of computing Administration (GSA) put out requests for that focuses on physical infrastructure.” information (RFIs) last fall asking for feedback DARPA has spearheaded an initiative on the role of industry and government in the called Mission-oriented Resilient Clouds, cloud computing concept, and what it takes to which aims to develop cloud services that be a cloud service broker. would continue to operate and support mili“There are similarities in the RFIs, but tary functioning despite being hit by a cyberwith DISA being more focused on the security attack. The effort involves exploring the use of aspects of what it takes to run a cloud broker,” providing redundant hosts, correlating attack commented Crawford. information from across the ensemble, and www.MIT-kmi.com
DISA Ready for cloud Broker Mission The Defense Information Systems Agency has achieved initial operational capability (IOC) in its mission as the cloud broker for the Department of Defense. Reaching IOC means the agency has the framework in place for executing this mission. To date, DISA has established a process for gathering and assessing mission partner requirements, evaluation criteria for service offerings to include recommended contract requirements, criteria for matching mission partner requirements to the appropriate offerings, an enterprise cloud service A number of companies have catalog, and a cloud security model. responded to the RFI. Leveraging the cloud security model, DISA has performed cybersecurity assessments “Companies exist today that of the two commercial cloud services that have been granted Federal Risk and Authorization already provide similar services to Management Program Joint Authorization Board Provisional Authorizations, and continues commercial customers, so the questo conduct security assessments to expand alternatives for future cloud service offerings. tion becomes how do you build those An important element of the cloud broker effort is to facilitate contracting and lessons learned into the cloud computacquisition by developing model contract language that supports implementation ing services that DISA offers the military,” of the cloud security model and appropriate use of commercial cloud services. remarked Greg Mullin, director of public This work is ongoing and will make it easier for mission partners to ensure sector for Cloud Sherpas. “Private firms could they have considered all the appropriate areas when they contract for assist with services that range from assessment cloud services. and advisory, to on-boarding and exit, from projectIn the coming months, DISA officials plan to evolve and further based implementation and integration, to ongoing automate the cloud service request process, incorporate support and enhancement of cloud services.” new offerings into the service catalog, and enhance the One of the companies that responded to the RFI security model in order to further accommodate is Lockheed Martin, which has been providing brokermission partner requirements. ing services to government customers for several years,
including the U.S. Mint and NASA Jet Propulsion Laboratory. They began developing their Full Life Cycle Cloud Broker process in response to customer requirements to leverage both public and private clouds. A key element of their process is the Cloud Suitability Matrix, which helps users select the appropriate computing environment based on security, privacy, performance and other requirements. In designating DISA as cloud broker last year, DoD Chief Information Officer Teri M. Takai predicted that having an enterprise cloud broker “will enable the department to best leverage cloud services to increase secure information sharing and collaboration, enhance mission effectiveness, and decrease costs. “As the DoD Enterprise Cloud Service Broker, DISA is tasked with making it easier, safer and more productive to navigate, integrate, consume, extend and maintain cloud services, within the department, from other federal and commercial cloud service providers,” Takai wrote. One of the reasons DISA was designated the official DoD cloud service broker, Mintz suggested, was to gain efficiencies by having a single organization focused on the effort, rather than having duplicative efforts across the department. “This activity is in line with DISA’s mission of providing, operating and assuring command and control, information sharing capabilities, and a globally accessible enterprise information infrastructure in direct support to joint warfighters, national level leaders, and other mission and coalition partners across the full spectrum of operations,” she stated. www.MIT-kmi.com
Single Entry Point As cloud service broker, DISA is the single entry point for DoD components’ requests for cloud services. “DISA has dedicated subject matter experts who are able to work issues on behalf of the department, rather than each organization duplicating effort,” Mintz said. “DoD programs are then able to focus on their unique mission, rather than needing to address broad information assurance and contracting issues.” In a multiple cloud service provider environment, it’s natural for DISA to take the lead in helping DoD manage its cloud services IT supply chain, Jackson observed. “We saw the same thing happen with global telecommunications,” he said. “Private firms will play the same role that they always have by providing the needed technical and operational infrastructure under DoD management.” For now, DISA is examining what role it will play in cloud computing and as a cloud service broker. “They are concerned and have accepted the fact that the [current computing environment] will not be able to provide the vast number of services that their customer community will want to consume by themselves at a price point that is reasonable,” Brown said. “They believe they will have to make changes to what they have been in past. Due to the complexities that the agencies would normally have to go through to be able to secure a cloud computing provider, I believe there is a lot of value in this.” MIT 17.4 | 9
DISA released its RFI last August, seeking industry feedback on available business models and/or deployment solutions to facilitate the agency’s ability to perform cloud broker functions to achieve IT improvements. The RFI invited industry to submit information, comments, capabilities and recommendations for potential development and implementation of acquisition vehicles and corresponding business models to facilitate the brokerage function. “By becoming a cloud broker, DISA can validate cloud service providers and the security model they have, and broker the relationship between the user and the cloud service provider. I believe that is the appropriate role for DISA,” Brown said. “They are both a standards and service organization. What better group to introduce computer cloud services?” “DISA has already introduced pay-for-use business models, which can help lower costs and provide users with more direct control over their costs than traditional IT models,” observed Motola. “Billing systems can be a nightmare. The key with the cloud is to keep these simple. No one wants to get surprised with a bill that looks like a cell phone bill.” To support the matching of customers’ requests with appropriate offerings, DISA called for a security model with appropriate standards, identification of appropriate terms and conditions, review of the Federal Risk and Authorization Management Program provisional authorizations for services of interest to DoD customers, and coordination of reporting and incident handling.
Service Aggregator NJVC’s Jackson defines brokers as intermediaries between buyers and sellers of cloud services. “For example, a buyer may go to a single broker to buy virtual machines from three different providers,” Jackson explained. “The broker’s bulk buying power may also reduce the cost of consuming individual services. If you buy many cloud services, then brokers can make your job a lot easier because you only need to deal with one seller for everything you buy.” Crawford refers to cloud service brokers as being akin to a supermarket. “It used to be that to buy dry goods, you’d go to a dry goods store, or for meat, to a butcher,” he said. “As any market matures, you start to see aggregators come into play.” Today, cloud services are in that same stage of growth. “You, as the consumer, don’t 10 | MIT 17.4
have time to go buy services from 15 or so cloud providers,” he commented. “So you go to an aggregator, or a cloud service broker. It’s the same concept.” As cloud services increase in both quantity and complexity, brokers will become increasingly important to enterprises that need to efficiently manage their IT supply chain. In fact, Crawford contends that cloud computing will be the next level for COTS products. Jackson stressed that a value-added broker may also do more than aggregate and resell services. “They may also offer shared services such as a single sign-on, or provider-to-provider migration services,” he said. “Cloud services brokers are really the systems integrators of the cloud computing age.” In other words, cloud service brokers are one-stop shops for acquisition, deployment and management of cloud technology. “Without it, you might need four or five vendors to complete a cloud migration or modernization project,” said Mullin. “Cloud Sherpas, for example, is an aggregator because we have a curated portfolio of offerings built on products like Google Apps, Salesforce and ServiceNow. We also have deep experience in integration and customization for these platforms that has allowed us to be recognized as a two-time Google enterprise partner of the year for Google Apps, a platinum salesforce.com partner and the first ServiceNow partner to reach preferred partner status globally.” Overall, Mullin maintained, many of the challenges between industry and the military are actually very similar. “And the military is starting to benefit from technologies that were initially created with consumers in mind,” he said. “Think about how important it is for families to stay in touch with servicemembers on deployment. Have cloud computing and consumer technology like instant messaging and video chat already had an impact on the military? I think so.” Executives at Cloud Sherpas have found that the first benefit its customers typically find is efficiency in the form of hard dollar cost savings. “Money savings is easy to quantify and track, and every dollar saved is a dollar that can be put back towards the agency’s mission and warfighter support,” Mullin said. Being able to use cloud computing strategies to be more innovative and agile will have an impact on the military as well. “Innovation can even trump cost savings because it pays dividends two ways—not only
do you get to take advantage of new features that get released by the cloud provider, but you can also find new ways to communicate and interact together,” Mullin added.
Security Challenges Despite the federal government’s focus today on budget cuts and cost savings, security remains the predominant issue within the military when discussing cloud computing and cloud service brokerage. “We are having many discussions with military organizations that are looking at the cloud. Many are challenged with their security posture,” Brown stated, adding that most look at the cloud as a place to provide commodity-type services to the user community, such as email and unclassified websites. “Beyond that, there is not a lot of acceptance for more sensitive services to be moved there,” he said. “The big challenge for the military is the tendency to want to protect information not only from commercial customers or other foreign governments, but also from sharing data across various organizational boundaries. The unique nature of their security requirements forces them to move to the extreme—the most secure environment. This eliminates their ability to harness the economic structure that the cloud brings to them.” But DISA’s position as a cloud service broker may open up an outlet for many DoD organizations to move more sensitive applications and services to cloud service providers outside their firewall, Brown said. Consequently, he contended, DoD will have to have its own cloud, a DoD community cloud, with the ability to segment user populations onto non-shared, dedicated resources to support security requirements in the short term. “They have big privacy and security concerns that they cannot overcome easily,” Brown added. “So a community-based cloud—a group of like-minded organizations that have similar constraints around security and the way they do business—would be a perfect way to go.” New technologies will also be the key to working securely with sensitive data within and across cloud environments. “We are seeing next-generation trusted workstations capable of securely accessing different classification levels on a single display, smart-data initiatives that tag data to provide secure and flexible access, and new multi-domain application architectures that leverage cloud www.MIT-kmi.com
services,” noted Motola. “These technologies can simplify certification and provide the flexibility to work with sensitive information securely within cloud architectures.” While Amazon, Google, Salesforce and other cloud computing companies focus on delivering advanced cloud services and technologies, cloud service brokers have come a long way when dealing with barriers to adoption of cloud technology. A number of them are working hard to apply cloud services and technologies to the unique DoD mission. Lockheed Martin, for example, has designed its solution to help DoD meet mission and security requirements. The company uses what it calls Intelligence-Driven Defense and the Cyber Kill Chain to protect the broker service and its customers from the continuous, persistent and aggressive threats they face on a daily basis. Company executives say their experience and leadership in cloud security help customers feel more comfortable moving their critical applications into the cloud. “The goal is to deliver the economic and operational value of cloud computing to our global military forces,” Jackson said. Security is always a primary focus, but mission agility is a very close second. It is also important to understand when and where cloud computing is appropriate. “Cloud is not a panacea and should not be used for all things,” he said. Mullin concurs. “It helps to recognize that these projects aren’t about technology change, but rather about serving the military’s mission,” he observed. “People may want new tools and capabilities like ‘bring your own device,’ but they also want to know they can stay productive using the tools they have.” Those in the business can help in answering the questions that arise, he said. “Many of the unique challenges that must be overcome in order for the military to adopt cloud computing, for example compliance with federal or DoD-specific requirements, have been addressed in the past by integrated project teams consisting of private-sector companies, public-sector contractors and government employees.”
Innovation on Top of Innovation The ranks of companies in the cloud business are growing rapidly. “Jamcracker is based in Silicon Valley, and we see start-ups every day,” commented Crawford. “Ninety percent of all startups happening here are in www.MIT-kmi.com
cloud computing, with most building their cloud services on top of other cloud services.” Organizations across the globe are embracing cloud solutions like Google Apps, Salesforce and ServiceNow to streamline IT, reduce costs and to improve the efficiency, effectiveness and mobility of the workforce. “It means innovation is happening on top of innovation,” Crawford added. “And it means people in government agencies now have the tools to create innovative solutions to government or defense problems, just like we are seeing in industry.” Agency and department IT infrastructures that have traditionally operated under customized platforms will meld together over time, Jackson predicted. “Although the [old model] may have been effective in meeting mission needs, this approach is not economically sustainable,” Jackson stated. “Cloud computing represents the initial transitions towards an assemblyline approach for IT. Like when Henry Ford applied standardization and interoperability to the automobile industry, cloud computing will bring standardization and interoperability to the IT world. This will reduce cost, improve performance and deliver sustainable efficiency across global IT platforms.” Crawford is convinced that the world of IT and computing is heading toward a renaissance. “We will one day look back on how we traditionally think of IT today and think of it as the Stone Age,” he said.
Different Perspective on Cloud Brokers While cloud brokers contend that they offer ample expertise to assist the Defense Information Systems Agency (DISA) and General Services Administration (GSA) in determining their cloud computing and cloud services needs, Diana Gowen, senior vice president and general manager for CenturyLink, sees things differently. For one, she believes communications and IT companies that have been around for some time and are well established in their relationships with government buyers are well poised to play that role. “We cloud service providers have the ability and tools to help government customers navigate the complexity of cloud services and configure the appropriate service components,” Gowen said. CenturyLink, for example, has an entire ecosystem capable of performing workload configurations such as disaster recovery, stor-
age, application performance and development tools. “These are all an inherent part of cloud products,” she noted. Gowen is also critical about the government’s potential use of third-party cloud brokers as consultants in its request for information, particularly when some of these same companies might be bidding on the same work. She contends that a new group of cloud brokerage firms have sprung up specifically to play that role. “Someone looked and thought: Wow, government agencies and commercial customers will have a hard time figuring out this cloud stuff,” she remarked. “This is a niche there where we can profit from helping them.” The more important questions, she suggested, are what role should a cloud broker play, and what value do they add? While acknowledging that cloud brokers may have some value, Gowen argues that the staff within DISA itself has the skill sets to understand cloud computing concepts, since the agency has been running data centers and has been at the forefront of developing cloud-like technologies for some years. “I don’t think they need to hire a cloud broker or a systems integrator to do this work for them,” she said. From her perspective, DISA and GSA should move forward and put out a request for proposals, so that a cadre of cloud service providers that are already vetted and under contract with GSA are made available to military and civilian agencies as they move forward into cloud computing. Or DISA could opt for its own cadre of cloud service providers, and then it would just need to get the procurement underway, similar to what GSA had already done. The need for data storage is dramatically increasing, thereby leading to the call for cloud storage, as data that is not missioncritical could be outsourced, she said. “I think DISA understands this. I also think that DISA will work with departments to figure out how to consolidate cloud services at the enterprise level and how agencies can negotiate the best usage rates across the enterprise.” However, military departments have immediate needs and if DISA doesn’t provide the resources, the military departments will be forced to act on their own, Gowen added. O
For more information, contact MIT Editor Harrison Donnelly at firstname.lastname@example.org or search our online archives for related stories at www.mit-kmi.com.
MIT 17.4 | 11
Military looks to devices designed to bridge the gap between serial and circuit-based applications and packet-based IP networks.
By Harrison Donnelly MIT Editor
Another major factor, he noted, is that DISA has made a treAs the military continues its slow but steady march toward the mendous investment in a pure optical network, the GIG-Bandwidth world of everything over IP, a major issue for network designers has Expansion (BE). Each part of the military pays a percentage as been what to do about the huge existing investment in equipment and overhead to support the GIG-BE, even if it’s not using the network. systems that use earlier generations of networking methodologies. “Today, you often have two networks overlaid on each other— From the automated testing and patching system on a still-flying the GIG-BE, a pure optical network, which was costly Cold War communications platform to the telemetto develop and deploy, and a legacy T-1/E-1 network ric systems tracking missile launches, these serial connecting to it. The user has to pay for every line used and circuit-based networks are continuing to fulfill on that network, as well as overhead on the GIG-BE. their missions, and represent billions of dollars in So agencies using T-1/E-1 lines as well as the GIG-BE, accumulated capital. Yet they are unable to comthey’re wasting money to the degree that they are not municate directly across the new networks that are using the GIG-BE,” Siira said. transforming military operations, and in particular At the same time, it’s not feasible to convert the the fiber optic backbone of the Global Information legacy applications to IP compatibility, noted Jim Kelly, Grid (GIG) established by the Defense Information product line manager for Juniper Networks. “The issue Systems Agency (DISA). is that they are trying to evolve their networks from In response to this dilemma, a number of comlegacy TDM [time-division multiplexing] and pointpanies have entered the military market offering Ed Siira to-point networks, and to figure out how to take that gateway systems, developed over the past 15 years email@example.com technology and transition those legacy networks to an to address similar issues facing the telecommuall IP and MPLS network. nications and other industries, that are designed “You can go to every end application and make to bridge the gap between serial and circuit-based it IP aware, but that’s really cost-prohibitive,” Kelly applications and packet-based IP networks. continued. “That’s a challenge for any organization, With products from companies such as Cornet especially one as large as the U.S. military, to be able Technology, Juniper Networks and RT Logic, users to go to every end application. They’re able to take can combine serial data and voice streams into IP this technology and transition to an IP/MPLS network packets, send them seamlessly and with very little without going to every end device in the world that latency over an IP network, and then have the inforthey manage and making it aware of IP.” mation translated back at the other end into the To be sure, the gateways are an explicitly transilegacy application. Jim Kelly tional type of product, which will no longer be needed Ed Siira, vice president of sales for Cornet once the legacy systems are gone. “This is a product Technology, described the dilemma this way: “The firstname.lastname@example.org that will eventually reach end of life, as the other problem for the military and government is that they systems migrate eventually to IP and obsolescence takes its toll. have a huge legacy network that has been built up over many years. It But this provides a bridge and lets them not have to touch the end covers every ship, airplane and vehicle, and as much as we might like points. They already have the big piece in the middle, the GIG-BE, to, we can’t wave a wand and change it overnight.” 12 | MIT 17.4
so they just need these tiny pieces at either end to make the jump,” said Siira. But the investment is worth it, manufacturers say. “Being able to use an IP access gateway to preserve your current investment and how you do things today, yet still take advantage of an IP network, is a good thing,” said Joe Merritt, director of strategic business development for RTLogic, a Kratos company.
Interoperability Testing While all addressing the goal of linking serial and circuit-based legacy systems to packet-based IP networks, the gateway products on the market reflect a variety of technological approaches. Cornet Technology’s entry, the IPGate-AC and IPGate-AC HD family of serial-to-packet transport and migration solutions, has been tested and certified by the DISA Joint Interoperability Test Command (JITC) for both system interoperability and security. By passing JITC testing, Cornet Technology’s IPGate serial-to-packet solutions offer industry technologically advanced appliances that use the latest emulation technology to encapsulate the TDM traffic into packets as it enters the network and restoring them at the exit point suitable for use on military networks. IPGate-AC solutions fulfill desired feature requests by offering near-continuous operation through total system redundancy, including controller, power supply and power input. The appliance never has to be turned off to replace or add cards or rebooted to upgrade software configurations. To satisfy monitoring and testing requirements of the legacy interfaces, the IPGate-AC offers both circuit monitoring and testing along with detailed statistics for the IP portion of the network. The IPGate-AC also offers any-to-any connectivity anywhere on the network where there is an IPGate-AC appliance through a drag-and-drop approach via IntelView, Cornet Technology’s network management product. The products are currently being installed on the Air Force E4B-National Airborne Operations Center, an aircraft that provides a highly survivable C3 center to direct U.S. forces, execute emergency war orders and coordinate actions by civil authorities. The IPGates, which take up a third of the space of the previous equipment, offer a modern, highly redundant communication solution that fulfills SWaP requirements by freeing up space for additional equipment, reducing power requirements and weight by going all fiber. In addition, the Army is planning to use IPGates when it upgrades the infrastructures of seven Standardized Tactical Entry Points SATCOM antenna sites. The Navy is deploying IPGate-AC for fixed site applications support Secure Radio Over IP.
Cornet Technology’s entry, the IPGate-AC and IPGate-AC HD family of serial-to-packet transport and migration solutions, has been tested and certified for both system interoperability and security. [Photo courtesy of Cornet Technology]
The military is paying close attention to the interoperability of these gateways and planning further interoperability testing, according to executives. “The military is looking to see what it can do to create a multi-vendor environment. They want to guarantee that they’re not stuck with a single vendor, because competition means lower costs. They are currently in the early stages of doing interoperability testing between us and others,” Siira said. Juniper offers the CTP series circuit-to-packet platforms, which enable customers to connect circuit-based applications easily and reliably across the IP network. The products, which range from lowend units designed for the network edge to high-end products for the network core, are designed for government agencies, enterprises and service providers running circuit-based applications. Kelly summed up the CTP approach this way: “It takes the legacy serial and TDM interfaces, puts the data across an IP network, and manages the connection across the network. In IP, everything is packetized, so what this technology is doing is making sure it acts like a wire across the IP network, so that the end applications that are out there have no idea that they are going across an IP network. “The challenge is that it’s not just that technology, or the ability to turn the legacy into IP. It’s really about the network itself,” Kelly said. “The thing that is unique about Juniper’s approach is that we don’t just provide the IP routing or switching in the network. Juniper focuses on security, switching and routing, and we’re able to take the legacy traffic across the IP network. We understand IP really well, and to be able to take this legacy traffic and understand it well over an IP network gives us an advantage over our competitors.”
Transparent Delivery RT Logic’s product entry, ioPLEX, powers transparent delivery of critical data circuits and services over packet-switched networks via industry-standard pseudowire emulation end-to-end encapsulation. That approach has found a home in the missile launch community, where the Department of Defense, NOAA and NASA share a common problem, Merritt explained. “Since the early 1960s, as they have deployed systems for satellite launches, communications and other systems that gather telemetry sensor information, for example off of UAVs, they have used the technology that was available at the time. That technology centered around serial and analog interfaces, which served well because it allowed them to handle data and clock,” he said. “They used the information in the analysis and operation of their terminals, and over a period of decades, they bought billions of dollars worth of gear, which is still supporting missions today,” Merritt continued. “As technology has improved and delivered systems beyond TDM, which is what they used at the time for moving data across the network, they then moved to asynchronous transfer mode, and now to an IP-based core. “They need a way to be able to take advantage of current investments in the network, such as the GIG-BE, and other changes, such as the intelligence community moving to an IP/MPLS backbone, and not have to spend billions more to replace the end terminals,” he said. The pseudowire standard is used across the DoD range community in collecting telemetry data, as well as for all DoD satellite launches. O For more information, contact MIT Editor Harrison Donnelly at email@example.com or search our online archives for related stories at www.mit-kmi.com.
MIT 17.4 | 13
DATA BYTES Shipboard System Replaces Peripherals Sabtech, which designs, manufactures and supports tactical data communications solutions for military and government agencies, has announced that its Shipboard Peripheral Replacement System (SPRS) for the Navy has received its official nomenclature: OJ-839(V)/U. Giving SPRS an official nomenclature indicates that the system is unique from systems in the existing U.S. inventory. As part of the Navy’s Aegis midlife extension program, the SPRS will replace existing legacy peripherals for the Shipboard Gridlock System, Gun Weapon System and Vertical Launching System. Sabtech’s SPRS will be installed on 22 Aegis destroyers by fiscal year 2018. SPRS replaces legacy peripheral (data storage) equipment that is difficult and expensive to maintain. It combines the advantages of modern off-the-shelf technology with a robust mechanical design that allows it to meet the environmental specifications required for naval shipboard applications. The SPRS is configured to achieve the right balance of cost and ruggedization. With an intuitive graphical user interface, SPRS operates exactly like the peripheral device being replaced, so no program changes are required on the host computer.
Web Signature Solution Speeds Document Processing Carahsoft Technology Corp., a government IT solutions provider, has announced the addition of Adobe EchoSign, a web-based eSignature and web contracting automation solution, to its General Services Administration schedule. A key component of Adobe’s document solutions platform, Adobe EchoSign provides government agencies and the citizens they serve with a simple, secure and compliant option for sending, tracking and signing documents. By reducing the time and costs of having documents signed with traditional methods, such as fax, overnight envelopes or in-person signings, the Adobe EchoSign solution can enable agencies to significantly accelerate digital document processing, improve tracking, and centralize the management of signed agreements through a simple to use cloud service. Adobe EchoSign is integrated seamlessly into the new release of Adobe Acrobat XI, enabling electronic signing and sending of documents directly from the Acrobat interface. EchoSign is additionally integrated with Adobe Reader XI, making the eSignature capabilities available to millions of Reader users.
Mobile Device Rollout Separates Personal and Official Data Good Technology, a provider of secure enterprise mobility, has announced support for the Air Force mobile device rollout, deploying an initial operational capability based on Good for Enterprise, which allows airmen to access their personal applications, while keeping official Air Force data separate and secure using a container approach. With this approach, Air Force personnel can comply with all Department of Defense guidelines for mobile device security, while using the Apple operating system and Android tools to access email, calendar, contacts, documents and certain applications. This step is part of a multi-phased program to ramp up Air Force mobile capabilities, and is focused on delivering approximately 10,000 devices, including smartphones and tablets. During the initial phase, which took place over the past year, Good Technology supported the Air Force Space Command’s mobile solutions for smartphone and tablet program. Official data is encrypted and secured at all times, even when the device is used for personal applications.
Air Force Seeks Upgrade for Joint Force C2 System Lockheed Martin is upgrading the command and control system that allows joint force air component commanders to deploy air assets, execute air tasking orders and synchronize management of air operations. The Air Force selected Lockheed Martin to modernize the air tasking order capabilities within the Theater Battle Management Core System (TBMCS). As the “engine of the Air Operations Center,” TBMCS directs flying operations for all airborne assets, including fighters, bombers, tankers, unmanned aerial vehicles, helicopters and cruise missiles. This Air Tasking Order Management System (ATOMS) delivery order was awarded under the Command and Control Applications and Information Services Development contract, a five-year, $249 million, multiple-award indefinite delivery/indefinite quantity program. This ATOMS order is valued at $12 million, with a base period of performance through March 2015, followed by three one-year options. Under this contract, Lockheed Martin will update the software that drives air tasking capabilities that combined air component commanders use to plan, organize and direct joint U.S. air operations. An updated command and control air operations applications suite will allow warfighters to perform 14 | MIT 17.4
Photo courtesy of U.S. Air Force
mission planning and re-planning quickly and efficiently within a fully netcentric environment, with significant improvement over legacy applications. www.MIT-kmi.com
Compiled by KMI Media Group staff
Programmable Switch Boosts Network Agility Juniper Networks has unveiled three new products designed to boost business agility and simplify network management. Many enterprises use single purpose legacy infrastructures, built in silos and defined by their location in the enterprise, that can’t keep pace with rapid changes in compute, storage and application requirements and often inhibit service delivery. In order to maximize delivery and availability of next-generation cloud services, server virtualization and rich media applications, Juniper introduces a new agile, “programmable” network. This will enable network operators to respond to business changes and monitor and react to how the network meets application service level agreement requirements. The new EX9200 Programmable Switch enables accelerated
response to changing business needs, while its built-in ability to support a virtual WLAN controller, the JunosV Wireless LAN Controller, will deliver high levels of reliability and flexibility across the enterprise to lower capital expense. The Junos Space Network Director provides a single-pane-of-glass network management solution for wired and wireless LANs and data centers, consolidating multiple management tools to simplify network operations and deliver a comprehensive advanced platform that prepares enterprises for tomorrow’s applications, services and workload demands.
Contract Covers Voice, Data, Converged and Telecom Services The General Services Administration (GSA) has awarded Level 3 Communications a multiple-year competitive contract known as GSA Region 4 Integrated Telecommunications Services II, which allows Level 3 to bid on and provide communications services to all federal agencies and organizations authorized to use GSA sources of supply and services in the region. The fixed price with economic price adjustment contract has a total estimated potential value of up to approximately $285 million, which includes the four-year base term with
six additional option years. Level 3 was named as a provider in all four categories, including voice, data, converged services and other wired telecom services, allowing it to bid on business issued by all federal government agencies and organizations within the Southeast Sunbelt Region, where GSA supports over 2,000 civilian, defense and intelligence federal agencies. The states in GSA Region 4’s Southeast Sunbelt Region are Alabama, Florida, Georgia, Kentucky, Mississippi, North Carolina, South Carolina and Tennessee.
Cybersecurity Group Receives Air Force License Kratos Defense & Security Solutions has announced that Kratos SecureInfo, the company’s dedicated business group of cybersecurity experts, has been awarded a license as a Special Agent of the Certifying Authority from Air Force Space Command. Kratos SecureInfo will leverage its satellite and cybersecurity subject matter expertise to provide comprehensive information security assessments in support of space systems. Kratos SecureInfo will serve as an independent and trusted agent, conduct system security assessments, and make certification determination recommendations to the Space Certifying Authority in direct support of program managers and system owners. Recently, Kratos SecureInfo also introduced its new SATCOM Cybersecurity Assessment service, which addresses the increasing threats and unique requirements for the commercial satellite industry. The assessment delivers a detailed view of satellite network preparedness along with recommended steps to mitigate risks and ensure compliance with applicable regulations, standards and guidelines.
Launch Completes Near-Global X-Band Coverage Astrium will soon be able to offer near-global coverage in X-band with the successful entry into service of Skynet 5D and the launch of its hosted payload on Telesat’s Anik G1 satellite. According to company executives, it is now the only operator in the world providing near-global coverage reserved exclusively for government and military usage. Astrium Services has a 15-year contract with Telesat for the exclusive use of the X-Band hosted payload. The Anik G1 satellite launched in April from Baikonur is due to be positioned at 107.3 degrees West. It will provide the first commercial X-band coverage across North and Latin America, with substantial coverage of the Pacific Ocean reaching out to Hawaii and Easter Island. Earlier, Astrium successfully brought its Skynet 5D satellite into service following its launch on an Ariane 5 in December 2012. It has been positioned over the Middle East at 53 degrees East—taking the place of Skynet 5B—becoming Astrium Services’ most active MILSATCOM satellite. Its larger fuel tanks will enable it to be repositioned more frequently to meet operational needs. The Skynet fleet now comprises eight satellites: Skynet 5A, 5B, 5C and 5D, combined with three Skynet 4 satellites (C, E and F) and one NATO IV satellite. The 10 UHF channels on Skynet 5D have already been fully sold to customers that include Harris CapRock and the Netherlands defense ministry.
MIT 17.4 | 15
Deploying Reliable, Secure, Sustainable and Affordable IT
Lieutenant General Mark S. Bowman Director, C4/Cyber CIO/J6 Joint Staff
Lieutenant General Mark S. Bowman is the director for command, control, communications and computers (C4) / cyber, chief information officer, Joint Staff, J6/CIO, the Pentagon, Washington, D.C. He develops C4 capabilities; conducts analysis and assessments; provides joint and combined force C4 guidance, and evaluates C4 requirements, plans, programs and strategies for the chairman of the Joint Chiefs of Staff. Q: In the last year, since the J6 was re-established, what has it been up to and what is on the horizon? A: Here is what we are doing. In the last year we have been moving forward with the way ahead for the department’s information technology effectiveness of the DoD IT Enterprise Strategy and Roadmap. It has been a huge undertaking. Our partnership with Ms. Teri Takai, DoD chief information officer, for enterprise service governance and with Lieutenant General Ronnie Hawkins, director, Defense Information Systems Agency [DISA], for enterprise services has never been stronger. In order to get started, we broke the problem into pieces. Internal to the J6, we changed how we do business. By being more frugal, we consolidated assets, getting rid of items not being used such as copiers, printers and deactivated unused phone lines. In partnership with DISA, the Joint Staff migrated 100 percent of users to Defense Enterprise Email on NIPRNet by late 2012 and SIPRNet by early 2013. As of March 2013, DISA had more than 1 million customers on NIPRNet enterprise email across DoD. We are also making enterprise collaboration tools 16 | MIT 17.4
more accessible and shifting the mindset toward the cloud. The Joint Staff has over 4,000 thin client terminals operating on NIPRNet and SIPRNet, and we are on track to migrate about 80 percent of the Joint Staff to thin client by December 2014. The old way of doing business meant a laptop or hard drive was tucked away in a safe that was seldom opened, and the software was never updated. With thin client, one image per network is “pushed” to devices that are always on the network. This increases network security by reducing the cyber-attack surfaces and streamlining software updates, in addition to saving on power and environmental heating and cooling. Recently, we had an incident where controlled information was inadvertently sent to an unauthorized thin client. Within five minutes, the situation was fixed when the session was restarted and the information was removed on the thin client. This corrective action would have been significantly more painful six months ago; someone would have taken that user’s computer, it would have been gone for weeks, the hard drive would have been reformatted, and significant productivity and data would have been lost before the machine would have been returned. We are also doing what was previously thought to be unthinkable by replacing the Joint Staff Action Processing software. This coordination tool has been cumbersome and not interoperable with other DoD agencies since day one. Some thought it was a www.MIT-kmi.com
Understanding the Joint Information Environment (Editor’s Note: Following are excerpts from the Joint Information Environment white paper released in January by Chairman of the Joint Chiefs of Staff General Martin E. Dempsey, which is available at http://www.jcs.mil/content/files/201303/031813153411_JIE_-_CJCS_White_Paper.pdf.) Benefits of the Joint Information Environment will include: •
Mission Effectiveness: improved mission effectiveness that will enable the warfighters to rapidly and dynamically respond to cyber-incidents and events. Optimize effectiveness for the joint force commander and optimize command and control of DoD Global Information Grid operations and defensive cyber-operations.
IT Efficiencies: improved IT efficiencies that will enable a rapid agile insertion of new technologies. Increased Security: increased security and improved visibility of a jointly shared DoD IT network infrastructure through a single security architecture. Provide situational awareness of operational and cybersecurity status of the JIE and optimize security/ cyber defensibility of DoD information networks.
The Joint Information Environment enabling characteristics provide for: • • •
A transition from network-centric to data-centric solutions. Rapid delivery and use of integrated cloud services accessible by all means from anywhere. An interdependent information environment providing realtime cyber-situational awareness.
fool’s errand to change this antiquated and expensive system. Well, you are looking at the fool. We have taken on this task to make it supportive and interoperable for coordination across the Joint Staff and externally with the services, DoD and agencies. We cannot afford to continue to use systems that are proprietary and nearly impossible to maintain. On the Joint Staff, the J6 runs a pilot program of a new system, service or device—after we have eaten our own dog food— the chairman and vice chairman are among the early adopters of each of these technologies. This allows the Joint Staff to make the initial investments and use the lessons learned to roll out a better service, system or device. The result enables us to rapidly provide a more mature and effective product so the person at the pointy end of the spear is not the one to figure it out for the first time for the department. These introductions of new technology are the fuel for the larger information technology strategy that allows us to capitalize on the efficiencies of IT and provide significantly better enabling capabilities to the joint force. Here is why we are doing what we are doing. Today, the computer is a weapon system along with platforms such as the aircraft carrier or fighter aircraft. There is not one senior leader who does not get and understand the value of information technology. As the capabilities of information technology multiply and proliferate, our advantage narrows. Budget cuts are here, with more on the way. We know the budget will be less, and we are looking for better ways to do business effectively in a costconstrained environment. However, cutting costs by itself is not a strategy. We have realized efficiencies by reducing unique applications and duplicative infrastructure, and continue to assess what we have in the inventory. We must have capabilities that remain effective and secure while also being affordable. We www.MIT-kmi.com
Scalable platform allowing flexibility and mission partnering. Security where needed, resiliency throughout, and appropriate consolidation.
will leverage open standards and use COTS solutions as much as possible. We need 60-80 percent solutions now. If we wait for the 100 percent solution, it will be too late; it will not meet the requirements, which will have changed by the time of delivery, or we may never see it. The majority of the day-to-day applications used are common across the department. For example, it no longer makes sense to run our own email anymore. DISA has the core competency to operate the common enterprise services, and the technology exists to let the experts do what they do best—and we are letting them do just that. We understand the risks, benefits and trade-offs, and we adapt as we go. We have to continue to find smarter, more efficient ways of doing business effectively. Q: How will future joint forces, with constrained resources, have more efficient ways of doing business effectively? A: First, we have an immediate and lasting operational need for a DoD-wide enterprise IT environment that is reliable, secure, sustainable and affordable to achieve national objectives. Our networks and systems have never been more important to DoD than they are today, and our networks and systems have never been attacked more than they are today. Cyberspace is a contested domain every day. We must move past our vision of IT as an array of business systems that function like a utility, and begin to assemble, train and operate them as a core war fighting capability. The Joint Information Environment [JIE] is a concrete step toward Joint Force 2020 that achieves information superiority by improving mission effectiveness, increasing cybersecurity and realizing IT efficiencies. These goals are accomplished by establishing a shared IT infrastructure, providing common MIT 17.4 | 17
enterprise services, protected by a single security architecture and increased end-to-end visibility and awareness of the network. The chairman is fully supportive of JIE and authored a white paper that describes his vision. Responsibility for JIE implementation is a collaborative effort. The JIE governance process comprises two major functions. The JIE Executive Committee is tri-chaired by the DoD CIO Office, Joint Staff J6, and U.S. Cyber Command J6, with combatant command, military department services, and agency membership participants, and the JIE Planning Coordination Cell [PCC], which is responsible for the planning and implementation of JIE. Combatant command J6s have significant roles in the implementation of JIE. The JIE PCC collaborates regularly with the European Command [EUCOM] and Africa Command J6 staffs in defining operational requirements for supporting JIE Increment 1 implementation in Europe. The JIE PCC is also in preliminary discussions with Pacific Command [PACOM] in preparation for JIE Increment 2 implementation within the Pacific area. We are also considering aspects of JIE that can be implemented globally and near-simultaneously across the force. Why wait if Increment 1 has broader applicability across the force? For example, the combatant commands are already taking steps that posture them to execute JIE. They are consolidating networks, reducing redundancy and reducing parochial applications. These actions are enabling DoD enterprisewide ability to see and defend in cyberspace, and streamlining operations and security functions. The combatant commands’ continued alignment and synchronization with JIE is benefitting them now, as it is crucial to future war fighting capability of the joint force. Second, JIE will enable the joint force to operate with allies and partners in our combatant command areas of responsibility via the Mission Partner Environment [MPE]. Although many efforts have attempted to solve the multi-national information sharing problem, MPE breaks the problem into two separately solvable problems. The first problem focused on the timesensitive and open release characteristics of a mission execution network, while the second problem focused on the not-so-timesensitive and need for strong data segregation characteristics of a mission planning network. The solutions to be implemented address the problem set in Phase 0 [shaping operations] and Phases 1-5 [deterrence to enabling civil authority]. Segregating mission execution from mission planning allows the integration of today’s imperfect technologies and application of the stringent information assurance capabilities where needed to meet the operational imperatives to share information and national requirements to protect non-releasable information and technologies. By limiting the mission execution networks to a core set of enterprise services and previously validated C4ISR and mission support applications, it is possible to have a reasonable expectation of mission partner access to a trusted operational network capable of supporting operations on Day 1 of Phase 1. Additionally, recent collaboration between the Office of the Undersecretary of Defense for Intelligence and the J2, J3 and J6s from PACOM, EUCOM and Central Command has led to the fielding of strategic operations and intelligence information broker capability. This has the potential to support all combatant command pre-crisis coordination and a transition to mission 18 | MIT 17.4
planning, while coalition forces deploy and rapidly federate their pre-configured mission execution networks. Leveraging these capabilities lays the foundation for speeding DoD towards a data-centric environment, reducing the cost and duplication to support legacy applications in separate stovepipes of data, and achieving the operational integration of allies and partners into the JIE. MPE has marginal material integration and transition costs. However, the cost ramifications to realize an enterprisewide, enduring mission partner operating environment for both material and non-material requirements are almost negligible when compared to the cost to support those same operational requirements with current Combined Enterprise Regional Information Exchange System and Afghan Mission Network networks. Third, we have focused on interoperability with the United Kingdom, Australia, Canada, and New Zealand—our FVEY partner nations. We coordinate this effort through collective participation in the Combined Communications and Electronics Board [CCEB]. Currently the CCEB is focusing on improving collaborative services at the National Secret Network level, in an effort named Pegasus. Pegasus connects information technology services resident on national secret networks, such as mail, web, chat, voice and VTC, so that authorized subscribers can collaborate from any National Secret workstation. This is a significant improvement over today’s static current capability, which allows FVEY partner access to U.S.-releasable information only at specific standalone Secret-Releasable kiosk workstations. Pegasus is improving security through cross-certification of public key infrastructures, which delivers needed capabilities that improve our ability to share information. I cannot overemphasize the need to sustain our effort in this area. Q: What issues keep you awake at night? A: There is increased competition in broader IT enablers such as spectrum, cyber and talent. Spectrum is the enabler of all communications. All military communications systems require spectrum to transmit information. Spectrum is a finite resource and is highly regulated, nationally and internationally. Industry demand for spectrum globally has put intense pressure on military spectrum as telecommunications companies seek more access to spectrum for broadband cellular communications. In 2010, a presidential memorandum directed the secretary of commerce to make available 500 MHz of federal and non-federal spectrum over a 10-year period. This would nearly double the amount of commercial spectrum to spur investment, economic growth and job creation, while supporting the growing demand for wireless broadband services. The old way of doing business by vacating federal spectrum is not the only answer to enabling industry use of spectrum. The federal sharing of spectrum with industry may be possible through the use of technology and policy. DoD is exploring the feasibility of sharing in the 17551850MHz, 3.5 GHz, and 5 GHz bands. The President’s Council of Advisors on Science and Technology [PCAST], an independent council of experts from industry and academia, concluded that the traditional practice of clearing and reallocating spectrum used by federal agencies is not a sustainable model for spectrum policy. The PCAST recommended leveraging new technologies, including dynamic access, low power cells, and transmitter/receiver enhancements that enable www.MIT-kmi.com
sharing—that is, the use of the same spectrum with interference de-conflicted by geographical or temporal separation, or through technology. Spectrum sharing can be accomplished through implementation of new technology as well as governmental policy. Another area that has captured everyone’s attention right now is cyberspace. Cyber is everywhere. The cyber-threat to the joint force is greater than ever before, and even bigger tomorrow as cyber is evolving at the speed of light. We are in an opposed environment today, and every warfighter with an ITenabled device is a target for adversaries. With traditional kinetic operations, the physical damage is known immediately. Cyberincidents go global in nanoseconds, and the virtual damage in the cyber-domain is much more difficult to assess. We have a long-term interest in cyber-defense in order to preserve the joint force’s freedom of action in cyber. Cyber-defense must be built into IT-enabled capabilities from the beginning, along with the ability to upgrade and integrate new capabilities after systems are in operation. Cyber-defense is more than technology, however. It requires growing a robust, capable cyber-force, and it takes time to develop the advanced skill sets needed for this highly technical field to address the threat. This underscores the fact that people are always our most valuable asset. Today’s IT environment is different from the dawn of computing. Today’s workforce must replace the analog mindset with a digital persona in order to quickly make the right
decision in this environment. The requirement to recruit and retain the best talent is growing. A world-class IT workforce is vital to stay ahead of those who would do us harm. Q: How is the joint warfighter of the future going to maintain the advantage over potential aggressors? A: We will remain ever vigilant as we operate and defend our networks. Adversary anti-access and area denial threats, the proliferation and availability of information, increasing competition in space and cyber, accelerating rates of change, and narrowing U.S. capability advantage encompass the current and future security environment where we must be able to maintain superiority. It used to be true that effectiveness and efficiency were mutually exclusive. That is no longer the case with the technology that exists today and the capabilities of tomorrow. We are capitalizing on existing investments and infrastructure to take it in a new direction to be effective and efficient. We are looking for the best ideas for the future. In order to implement the best ideas for the future we have a demand for action and a mission to overcome organizational cultural barriers. The enemy is time; there is always a good reason not to do something or wait. The bad guys are already moving faster than we are; we cannot have them ahead of us. The joint force must be able to evolve, shift, adapt and respond dynamically to ensure mission success, and our IT has to do the same. O
MIT 17.4 | 19
COMSATCOM Center Update (Editor’s Note: Following is an update on the latest news from the Defense Information Systems Agency’s Commercial Satellite Communications [COMSATCOM] Center, based on the center’s newsletter, “COMSATCOM Scoop,” available at: www.disa.mil/services/satcom/ comsatcom-services/scoop-newsletter).
2012 DoD Commercial SATCOM Users’ Workshop The Department of Defense Commercial SATCOM Users’ Workshop is an annual event co-sponsored by the Satellite Industry Association and U.S. Strategic Command. The 2012 workshop, held in December, brought together DoD and the commercial satellite industry to discuss the following theme: “Innovative Commercial SATCOM Technologies and Business Models in an Austere Budget Environment.” The Defense Information Systems Agency (DISA) COMSATCOM Center presented six briefings to the group: EMSS/DTCS update; fiscal year 2010 and FY11 annual report; Mobile Subscription Services transition; customer awareness; BGAN RAS Overview; and Future COMSATCOM Services Acquisition (FCSA) update. The top five issues relative to the COMSATCOM community affecting DoD are: • Services are highly encouraged to discontinue all inactive Communication Service Authorizations not used in the last five years. • Blanket purchase agreements will reflect services’ requirements and request for single vendor to manage airtime. • Transition of services from current contract to GSA Schedule 70 is highly customer dependent. • FY13 DISA COMSATCOM fee is 2.21 percent; FY13 DITCO fee is 2 percent. • FCSA leverages the government’s buying power by consolidating DISA and General Services Administration service offerings into one mechanism. Emerging industry activities include commercial satellite owner/ operators preparing for seven new satellite launches over the next three years, industry explaining increased airborne communications on the move, new mission assurance and communications monitoring, and a new medium earth orbit Ka-band constellations. Emerging activities for DoD include working with Congress on exploring options for authorizing multi-year contracts for information technology services in order to leverage cost benefits, as seen in procuring of vehicles or munitions within DoD. This, along with all of the 20 | MIT 17.4
new potential commercial offerings, should result in increased choices, increased competition and lower costs for DoD. The workshop was a success in bringing government decisionmakers together with commercial satellite operators, service providers, integrators, and manufacturers to foster discussions on future possibilities for DoD commercial SATCOM. For more information on the 2012 conference, visit https://www. dodsatcom.com. For more information on the Satellite Industry Association, visit www.sia.org.
Emerging Technologies Corner Ku- vs. Ka-Bandwidth—A User Perspective While many have likened the comparison of Ku-band and Ka-band to the well-known Blu-ray versus HD DVD or VHS versus Betamax format wars of the past, our situation is not a frequency band duel to the death, and we should not even assume the winner will be one or the other. In this situation, the winner will ultimately be the consumer. The recent emergence of commercial Ka-band as a serious challenger to commercial Ku-band is not due to a specific advantage one has over another. It is actually tied more closely to the fact that the consumer’s requirements are changing, and thus drawing attention to throughput limitations of existing satellite systems. For instance, typical existing Ku-band systems were designed with wider spot beams for widely dispersed VSAT networks that primarily focused on simplicity, video teleconferencing and reliability. These lower Ku-band frequencies required smaller margins to overcome rain fade and thus wider spot beams provided regional service at lower costs. On the other hand, wider spot beams limit frequency reutilization. This, combined with limited throughput, made these Ku-band payloads less desirable to modern high-throughput users with an increased focus on mobility. Due to these existing satellite systems, consumers have developed associations with suitability of frequency bands that are not truly characteristic of the frequency band, but rather the satellite business progression. The new Ka-band systems such as Inmarsat-5 coming onto the market promise to deliver substantially greater throughput than current Ku-band offerings. This fact has led some in the industry to conclude that Ka-band capacity is a superior evolution of Ku-band capacity. However, the reality is that there are high-throughput Ku-band satellite systems also being developed that offer similar throughputs with smaller spot beams. With the investment in both bands, today’s debate to determine whether Ku-band or Ka-band is better continues. One thing is certain: www.MIT-kmi.com
We will continue to experience more technological advances, and satellite manufacturers will continue to launch newer, faster, stronger and more flexible satellites. Who knows what will be “best” tomorrow? In the next issue, we will compare MILSATCOM Ka and COMSATCOM Ka capabilities, expectations and hardware comparisons.
Host Nation Agreements and Licensing for Military Users of COMSATCOM: Why are they needed? When a mission partner is planning on using satellite bandwidth or equipment in foreign countries, it is required to follow the laws of the host nation when operating in the commercial spectrum. DoD or U.S. policy does not supersede the laws of the host nation. The term host nation agreement (HNA) is often used as a blanket term to describe all of the different licenses that may be required of the terminal user, and sometimes the names of individual agreements are used interchangeably. There are five points of reference that DoD COMSATCOM users need to remember: • Policy—Memorandum MCEB-M-008-03, dated August 18, 2003, provides DoD spectrum procedural guidance for DoD users with requirements for commercial satellite services utilizing fixed earth terminals outside of the U.S. and its possessions (OUS&P). • Financial—Fees and financial charges for commercial satellite communications use, operation, licensing and appropriate
spectrum analysis that are required are the responsibility of the user or program manager. • Equipment Certification—Commercial-leased equipment cannot be certified through DoD channels; therefore, the commercial provider must ensure any equipment certification required for use outside of OUS&P is accomplished. The user must ensure the requirement for equipment certification to include host nation approval is included in the lease contract. • HNAs—U.S. government entities are obligated to secure HNAs and/or specific transmit licenses for their in-country earth stations prior to commencing operations. Failure to get HNA equates to no protection from interference, possible interception and potential violation of international and local laws. This includes fines of up to $500,000, seizure of equipment and creation of an “international incident.” A key point is that DISA will not release satellite capacity until an HNA is in hand. • Users need to remember that an HNA does not automatically provide the right to transmit usually there is a requirement for typical licensing procedures. Often the issue is what entity can hold license: the third party vendor, U.S. government or local operator. Fees are associated with this action. A host country may exempt the U.S. government from regulatory fees, although that is not commonly done. Fees range from about $300 a year to $5,000 a month.
ARI ZONA . N E W M E X ICO
PEN N SY L VA N I A . M A R Y L A N D
SHAREPOINT • ITIL • CYBER SECURITY • NETWORK OPS • COMPREHENSIVE DATA CENTER SOLUTIONS The Navajo Code Talkers of WWII proved communication solutions to be mission critical. Nearly 70 years later, the storied tradition of Navajos providing mission critical solutions to our warfighters lives on through NOVA Corporation, a Navajo Nation Tribally-Owned 8(a) Small Disadvantaged Business. From CENTRIXS ISAF support to DISA DECC and TECC support, NOVA plays just as important a role as our predecessors did many years ago.
For more information on NOVA’s capabilities please contact Augie Ponturiero at 717.262.9758 or via email at Augustine.Ponturiero@nova-dine.com
• GSA 8(a) STARS II PRIME: GS-06F-1098Z • EXCELLENT PPIRS/CPARS RATINGS • CONUS & OCONUS PAST PERFORMANCE • FINANCIALLY SOLVENT COMPANY • SOLID PRIME CONTRACT EXPERIENCE
Scan to visit our website
MIT 17.4 | 21
• In Iraq and Afghanistan, for example, no HNA is required for U.S. and NATO military users. In Germany, frequency clearance/assignment comes from a local regulator, while in Australia and New Zealand, no HNA is required for Ku-band (14.0 GHz-14.5 GHz) VSATs. • Frequency Clearances—Most COMSATCOM users only require a frequency clearance (sometimes called a frequency license), but other international agreements include landing rights and terminal license/certification. Frequency clearances are very important for the COMSATCOM Center mission partner. They are required for operations in most foreign nations and must be included in the service contract and coordinated by the service provider. Service providers typically hire consulting firms that specialize in commercial spectrum HNAs and terminal licensing to secure licensing. A frequency clearance is very specific and grants the user permission to operate a particular terminal, in a particular location, on a particular satellite, at a particular frequency. If any of these elements change, the frequency clearance must be amended. Time to obtain frequency clearances can vary from days to months, depending on the host nation; therefore, it is critical to plan COMSATCOM requirements well in advance to ensure a frequency clearance can be in place prior to the required service start date. Frequency clearance is beneficial to the host nation as it allows management of the radio frequency spectrum. It is also beneficial to the user as it offers protection from radio frequency interference. Without a valid frequency clearance, the user is potentially in violation of international laws and is subject to fines of up to $500,000 and seizure of equipment. The COMSATCOM Center has knowledgeable experts to assist in defining your individual COMSATCOM needs. If that includes an international agreement, your COMSATCOM Center representative will work with you to gather all the details needed to obtain the right licenses for your satellite requirements. Following are definitions of common host nation agreements and licenses: • Host Nation Agreement—Permission for a foreign government to “use” the resources needed in a country, granted at sole discretion of host country. • Terminal Licenses/Certifications—These are licenses or certifications for satellite terminals to operate in the host nation. Certification of DoD-owned terminals is accomplished through military channels using a DD Form 1494. Certification of leased terminals must be accomplished through the service contract provider; military channels cannot be used. Terminal licenses/certifications do not grant a right to transmit; a frequency clearance is still required. Satellite service providers may also have terminal certification requirements in addition to the host nation. • Landing Rights—This is an agreement between the International Telecommunications Union, host nation and satellite owner to land a space-based signal into their nation. This is coordinated when a satellite provider applies for an orbital slot. There is no fee or contracting requirement for landing rights; it is solely the responsibility of the satellite owner. • Frequency Clearance—This is a license allowing a specific terminal in a specific location to transmit to a specific satellite 22 | MIT 17.4
on a specific frequency. There is a cost associated with obtaining frequency clearance and it is purchased through the same contract as the bandwidth. Cost and time to obtain frequency clearance varies between countries.
New Information Assurance Requirements Improve OPSEC In February 2013, the COMSATCOM Center began requiring commercial satellite contractors to digitally sign and encrypt all post-award contract related documents exchanged with the government using Medium Assurance External Certificate Authority Public Key Infrastructure (PKI) certificates. These certificates are interoperable with DoD PKI certificates and provide the same level of security. Currently this action only applies to new contract awards; however, the center is working to modify current contracts to include the requirement. In conjunction with the General Services Administration, DISA is also modifying the GSA Schedule 70 and Custom Solution (CS2 and CS2SB) contract vehicles so that pre-award documentation, such as contractor quote submissions, will be included in the requirement. These measures will bring COMSATCOM acquisitions into compliance with DoD regulations on the use of PKI while improving the operational security protection provided to our customers and their services. Customers can be assured that this will not increase the cost of their services or associated fees, now or in the future. The COMSATCOM Center is committed to continually improving the security of provided services without impacting the cost and quality afforded to our customers. Questions on the implementation of the vendor PKI requirement can be addressed through your regular COMSATCOM Center point of contact.
Quick Tips—Avoid Paying Twice For Mobile Services Over the past year, the COMSATCOM Center has been facilitating the Mobile Satellite Services (MSS) transition from the legacy Inmarsat contracts to new service- or agency-specific blanket purchase agreements being awarded through DISA’s partnership with the General Services Administration. Through the transition process, the COMSATCOM Center has noticed a trend of old services continuing to be billed after new services are established. The COMSATCOM Center would like to remind MSS users that as new orders are approved and new SIM cards are received, users must then discontinue the old service or billing will occur for both the old and new services. For any questions or concerns, contact the MSS help desk at 301-225-2600.
Satellite Support Centers— New Name, Same Mission The Global Satellite Support Center in Colorado Springs, Colo., and the Regional Satellite Support Center-CONUS have been re-designated as RSSC-West and RSSC-East, respectively. At this time, the mission and personnel have not changed. Please continue using your servicing SSC as you normally would. O For more information, contact MIT Editor Harrison Donnelly at firstname.lastname@example.org or search our online archives for related stories at www.mit-kmi.com.
Industrial Defense Potential of cyber-attacks on military and civilian infrastructure underscores the importance of security for industrial control systems.
By Peter Buxbaum MIT Correspondent
The Stuxnet worm was a game changer when it came to perceptions of the security of industrial control systems (ICS). The virus, reportedly designed by Ameriwithin the can and Israeli cyber-warriors to attack year. nuclear facilities in Iran and first identi“DoD is the fied in 2010, spotlighted the vulnerabilities owner and operator of supervisory control and data acquisition of lots of infrastructure (SCADA) systems, which monitor and control parallel to that in the civilian processes at power plants, oil refineries, water world,” said David McIntosh, vice supplies, fuel management systems, pipelines president for government affairs at Siemens and other infrastructure installations. Industry, a maker of SCADA systems. “It runs Moreover, analysts warn, it also provided a utilities where DoD personnel work and live. road map for bad actors interested in attackIt also runs transportation systems and water ing those same industrial control systems. treatment facilities and other types of infraSCADA vulnerability impacts national structure, all of which security on two fronts. The Departare characterized as ment of Defense, as well as other critical and all of which federal agencies, owns and operates have electronic indusinstallations—including water and trial control systems.” fuel operations—that use SCADA “Before Stuxnet, few networks. It is also a customer of in industry took SCADA numerous electric and other utilisecurity seriously,” said ties; compromising those could Eric Byres, chief techimpact military operations. nology officer at Tofino More broadly, public utilities Security. “An earlier and other enterprises that use Eric Byres worm impacted some SCADA represent critical compopower companies and nents of the nation’s infrastructure. email@example.com oil platforms but wasn’t A successful attack could result in designed to do damage. Out comes Stuxnet, economic and social catastrophe and could and all of a sudden there is a worm meant to endanger the safety and livelihood of millions destroy an industrial process.” of citizens. Stuxnet was directed at a Siemens sysDoD is reportedly working on security tem installed at an Iranian nuclear facility certification requirements for public utilities at Natanz. The system was not provided by with which it does business, to take effect www.MIT-kmi.com
Siemens, noted McIntosh, but was acquired on a secondary market.
Malicious Malware Stuxnet was by no means the first attack on critical infrastructure components. In 2001, a disgruntled former employee, using radio frequency communications, hacked into the SCADA system that controlled an Australian sewage treatment plant, releasing over 200,000 gallons of raw sewage into nearby waterways. In 2006, a foreign hacker penetrated the security of a water filtering plant in Harrisburg, Pa., over the Internet, planting malicious software that was capable of affecting the plant’s operations. Late last year, malicious malware known as Shamoon removed and overwrote the information on the hard drives of as many of 55,000 workstations at the oil company Saudi Aramco. “The good news is that Stuxnet got boardroom attention,” said Byres. “The bad news is MIT 17.4 | 23
that it also got the attention of every hacker and terrorist group around the world. After Stuxnet, hackers on the prowl for new targets to exploit shifted their efforts to critical industrial infrastructure.” According to a February 2013 report from NSS Labs, the “increased interest in ICS product security has also resulted in a significant increase in product vulnerability reports. ICS/SCADA vulnerability disclosures increased more than 600 percent since 2010 and almost doubled from 72 in 2011 to 124 in 2012.” According to reports, a Russian cybercrime group sells SCADA attack kits on the Internet for $2,500. “SCADA has gone from being invisible to the center of the bull’s-eye,” said Byres. “There has been a horse race between makers of better malware and better defenses. But the SCADA world is not used to being attacked and they are up against those who have 20 years of hacking experience. This is absolutely a massacre right now. SCADA and ICS applications are sitting ducks.” One reason this is the case is that SCADA systems are meant to last 20 to 30 years, so that many of those in operation today are quite old. “The older systems were made to be low maintenance and durable,” said McIntosh. “Some of the makers of the very old systems might not even know where they are today and some of the original vendors are out of business by now. The products being sold today are more advanced than just a few years ago when it comes to basic software and hardware cyber-protections. The outdated models cannot be protected with patches, and really need to be replaced.” One disturbing twist to the issue of SCADA security is that the systems don’t need to be connected to the Internet to be vulnerable, and in fact they are often not connected. Malicious code can be introduced through internal machine-to-machine connections by insiders or by outsiders who physically break into the network in the field. “The problem is much bigger and much broader than whether or not a system is connected to the internet,” said Eyal Udassin, founder and chief technology officer of Israelbased C4 Security. “All you need is a hammer and a laptop to hack into the SCADA network. You don’t have to penetrate firewalls.”
Dispersed Vulnerabilities Because of the way SCADA networks are deployed, people who want to hack into 24 | MIT 17.4
them have the opportunity to do so in any number of geographically dispersed locations. “The most critical parts of SCADA networks are out in the field,” said Udassin. “Anyone can find an electrical pole with a controller on it. All you have to do is climb the pole and break the lock and you will have access to a connection on a most critical network. “What we call field-to-field or field-tocontrol center attacks have nothing to do with the Internet,” he continued. “It has to do with the basic design of a network that must be deployed in the field.” “SCADA systems don’t need to be connected to the Internet and are usually not connected,” said McIntosh. “But that doesn’t mean they are never connected to the Internet even when there is no business purpose for that to happen.” SCADA security is a “subset of cybersecurity,” he said. “We have been recommending that our customers deploy defenses in depth and run virus scanning for 10 or 12 years now, but many people thought they didn’t have to worry about those things. Now maybe they’ll pay more attention.” The SCADA defense starting point is “maintaining basic cyber-hygiene,” McIntosh continued. “The most important things have nothing to do with hardware and software but in the routines and practices of managers and workers.” These include periodic changes of passwords, making sure passwords are not left out in the open, training personnel to defend against social engineering schemes, and ensuring that only key personnel have access to sensitive portions of systems. McIntosh predicted that President Obama’s recent executive order on cybersecurity and the guidance now being formulated by the National Institute of Technology and Standards (NIST) will go a long way toward greater acceptance of these basic practices. “The idea is to make much more widespread the utilization of good practices, not to push the boundaries of the state of the art,” he said. “The ubiquity of the actual use of these well-known baseline cyber-hygiene practices could be a major accomplishment of the NIST process.” There is already more than one set of standards in place for the security of SCADA systems. The North American Electric Reliability Corp. (NERC) is a quasi-governmental organization that has been delegated the duty of regulating the bulk power system as well as companies that operate the main
transmission systems and lines that distribute electricity nationally. DoD participates in NERC working groups. NERC’s Critical Infrastructure Protection (CIP) program includes 11 standards that cover system reliability and security, including identification of critical assets, security management controls, personnel training, perimeter security, physical security of cyber-assets, systems security management, response planning, recovery plans, vulnerability assessments, information protection, and sabotage reporting. “These standards were developed by the industry and are mandatory and enforceable,” said Brian Harrell, associate director of NERC’s CIP programs. “The CIP standards are focused on both cyber and physical security. Standards for perimeter security include the deployment of firewalls around cyberassets so that those on the outside would have extreme difficulty getting in. Physical security of cyber-assets includes protections to make sure that no one can walk into a room, place a bomb, and walk out.” Under CIP, utilities are required to report discovered vulnerabilities to regulators and to have plans in place to get back up and running in case the worst happens. “The standards represent a baseline of security,” said Harrell. “Our enforcement arm audits companies to make sure that they are in compliance.” NERC convenes a Critical Infrastructure Protection Committee (CIPC) four times a year in which DoD participates. “Within CIPC we have a cyber-attack task force that tackles threats and vulnerabilities, and provides guidance to operators of infrastructure systems,” Harrell said. There is also a separate working group dedicated to highlighting potential threats to DoD facilities and to private-sector installations that feed electricity to military bases. “To date there are no boots on the ground or deliverables to report,” said Harrell. “We want to be a resource for each other in case the need ever arises.”
SCADA Standards There are also standards which have been issued by the International Society for Automation (ISA) and the International Electrotechnical Commission (IEC) and released by the American National Standards Institute. ISA/IEC 62443, which covers industrial network and system security, contains key concepts that are incorporated into the products www.MIT-kmi.com
release a patch,” said Alan Come, a offered by Tofino Security to secure older Siemens marketing manager. “We SCADA systems, according to Byres. make the information available “What they say is, ‘Let’s protect the crown on our website and leave it to jewels,’” said Byres. “There are some compoour customers to install the nents that will be identified as critical to the patches when they see fit. Our whole. Trying to secure entire system end to customers evaluate the patches end with same amount of security will kill as they come out to see if it is any budget.” something they need to do now ISA/IEC 62443 advocates dividing indusor wait until their next maintetrial systems into zones—so that an attack nance cycle.” on one portion will not bring down the entire system—and protecting the key conduits to the most critical components of a system. Turning the Tables “We make a safety firewall that inspects all traffic coming into a zone to make sure it is Future enhancements to SCADA appropriate traffic,” said Byres. “The firewall security could come from research already creates a whitelist that only allows predefined performed by LGS Innovations, a subsidiary safe commands to get through.” of Alcatel-Lucent. One idea explored by LGS C-4’s SCADA security offerings have the is to turn the tables against malicious worms non-cyber-attack in mind. “One of our prodby incorporating some of the more pernicious ucts hovers above the control network and attributes of that virus in network defenses. has knowledge of which elements within the “Some viruses are able to restructure network are supposed to be communicating their attack code on the fly to create multiple with other elements,” explained Udassin. “The versions of the same virus that vary in sigcontrol center is allowed to communicate nature but perform identically,” said Kevin with devices, and some devices are allowed to Kelly, chief executive officer of LGS Innovasend instructions to other devices because of tions. “Once polymorphism is discovered, the relationship set up in the system defenses can better network. Whenever an anomdetect the malicious code in aly from these policies appear, its various guises.” our system immediately genLGS’s idea was to deploy erates an alert to let the operapolymorphism as part of nettor know that something fishy work defenses through a conis going on and to investigate.” cept called software diversity. C4 also provides products The idea is that an operatthat allow for after-the-fact ing system could morph itself forensics inspections. A supwhile continuing to operate in posed 2011 cyber-attack from order to confuse the attacking Kevin Kelly Russia on an Illinois water code. installation required the util“In the case of SCADA, the ity to call in the FBI and the Department of code that runs all data switching and routing Homeland Security to investigate. It turned will have different executable code at each out the incident was completely innocent—a node even though they function identically,” utility contractor, on a personal trip to Russia, said Kelly. “If someone found a vulnerability was checking the system. in the system, they would have a hard time “The fact that the government had to be finding it in the code because the code had involved showed that the utility itself couldn’t been rewritten and its structure was differfigure out what was happening on its own sysent. None of the variants are identical to the tem,” said Udassin. “They could have solved original copy.” the issue in five minutes if they had the capaSoftware diversity is accomplished with bility of inspecting the logs of commands to the help of patented algorithms. the water pump, figure out where the suspiAnother of LGS’s research projects cious commands were coming from, and who addresses SCADA systems that use GPS had the authority to send those commands. It for distribution controls. “GPS jamming is showed that the ability to do effective forenoccurring in the U.S. all the time,” said Kelly. sics was a function that was lacking.” “It could be accidental or intentional. We just Siemens periodically issues patches for don’t know.” its SCADA systems as vulnerabilities become LGS is researching the development known. “Whenever we find a vulnerability, we of a capability that would use the cellular www.MIT-kmi.com
infrastructure to determine when and where the jamming is taking place. The company is currently seeking funding to continue this research. NERC is currently organizing a security exercise for the bulk power industry to take place in November. “It’s an opportunity for industry, government and academia to come together and work through cyber and physical security scenarios,” said Harrell. “DoD was highly involved in our 2011 exercise. They participated in many of the planning and coordination calls for that exercise and they are doing the same this year. When we test the bulk power system during the exercise, DoD will be a participant trying to bring the system back to normal,” he added. Although Harrell is holding the precise exercise scenario close to the vest, he confirmed that it will focus on both cyber and physical security issues in the bulk power system, and that it will involve a prolonged outage. “In our task force work, we have been looking at what the U.S. would look like if a power outage lasts for weeks instead of days,” said Kelly. “During the coming exercise, we will test information sharing mechanisms to see how utility operators communicate with federal regulators and local and state governments to activate policy triggers and initiate conversations to make educated decisions.” O For more information, contact MIT Editor Harrison Donnelly at firstname.lastname@example.org or search our online archives for related stories at www.mit-kmi.com.
MIT 17.4 | 25
Commercial Off-the-Shelf Technology
Wideband Radio Designed to Meet Army Needs The Falcon Wideband Team Radio from Harris is the first true non-developmental solution to address requirements of the Army’s Rifleman Radio and NettWarrior programs. The new Falcon RF-330E delivers voice, data and situational awareness to the squad member and is the smallest and lightest soldier radio addressing the requirements of these key programs. The RF-330E is a lightweight, wireless radio for connecting front-line soldiers to the tactical Internet to facilitate command and control. The radio delivers real-time position location information and multiple talk groups while also supporting additional combat applications. The RF-330E is a non-cryptographically controlled item that meets Type-1 Secret and Below information security requirements. The radio hosts the Soldier Radio Waveform, which delivers simultaneous voice, high-speed data and real-time position location information. Harris developed the RF-330E-TR under its commercial business model in response to the Army’s request for non-developmental Rifleman Radio and NettWarrior solutions.
New Smartphone Powered by Redesigned Mobile Platform The new BlackBerry Z10 smartphone is now available in the United States. The (all touch) BlackBerry Z10 is the first smartphone powered by BlackBerry 10, the redesigned, re-engineered and re-invented BlackBerry platform that creates a new and unique mobile computing experience. The BlackBerry Z10 smartphone features a 1.5 GHz dual core processor with 2GB of RAM, 16GB of internal storage, and an expandable memory card slot that supports up to 64GB cards. The smartphone also includes the latest enhancements in high-density pixel and screen technology to display clear, sharp and incredibly vivid images. It features a micro HDMI out port for presentations, and advanced sensors to support mobile payments and the exchange of information with a tap of the smartphone.
Integrated Service Suite Offers Mission-Critical Cloud Computing TSE Communications has announced the availability of CloudView24 as a real-time integrated cloud infrastructure suite of services from TSE Communications. An integrated suite of services that includes the major elements required for mission-critical cloud computing, CloudView24 is a unique and nextgeneration offering for organizations with the most demanding performance requirements. TSE’s comprehensive portfolio of solutions offers an unprecedented level of integration in the cloud services landscape. The company’s CloudView24 suite of service
Compiled by KMI Media Group staff
offerings include: data center services hosted in a diverse set of facilities that offer the highest degree of reliability and availability in the industry as well as geographic redundancy; virtual enterprise IT services such as desktop virtualization, disaster recovery and a network and security service architected for cloud scale and performance; wired and wireless broadband and dedicated connections via a private secure network; hosted telephony, communications, and collaboration via Avaya; and a predictive analytics hardware and software platform.
Encryptors Protect Fiber Optic Networks Technical Communications Corp. has released an interoperable family of DSD 72B-SP SONET/SDH path encryptors, providing global, strategic-level security to prevent interception of all types of communications transmitted over fiber optic networks, while being easy and cost-effective to implement and manage. SDH/SONET headers are transparently processed, allowing the DSD 72B-SP to interoperate with any standard SDH or SONET network element such as multiplexors. Individual path virtual container data payloads are encrypted, leaving the path overhead unencrypted for unrestricted network switching of each VC with no plaintext exposure of the path-encrypted data payload. The DSD 72B-SP secure network is centrally deployed, configured and managed by TCC’s advanced online KEYNET Optical Manager. Network policies are supported, and automated key management, logs, alerts and polls provide trusted secure communications.
Cyber Audit Solution Adds Insider Threat Detection Features Raytheon has released SureView Version 6.7 to aid federal agencies in complying with President Obama’s 2012 directive aimed at implementing an insider threat detection program to address national security threats while protecting privacy rights. The latest version of Raytheon’s SureView offers simplified policy creation through a new “policy wizard” 26 | MIT 17.4
that allows users to specify what information to collect and what information not to collect to protect civil liberties and personal privacy. It also enables integration of collected data in a central place, such as a security information and event management system. The data can then be analyzed with other types of collected data to further improve security policies and
procedures. As a policy-based cyber audit solution, SureView monitors employees’ activities, including classified networks, while safeguarding privacy and legally protected whistleblower communications. It provides irrefutable and unambiguous attribution of end-user activity with full context to rapidly discern malicious from benign actions. www.MIT-kmi.com
The advertisers index is provided as a service to our readers. KMI cannot be held responsible for discrepancies due to last-minute changes or alterations.
MIT RESOURCE CENTER Advertisers Index BlueSpace. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . www.bluespace.com Busek . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . www.busek.com Capitol College. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . www.capitol-college.edu/mit Carahsoft. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . http://events.carahsoft.com/event-detail/2474/mit Cornet Technology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . www.cornet.com/ipgate-whitepaper NOVA. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . www.nova-dine.com University of Maryland University College. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . http://military.umuc.edu/cuttingedge
A LEADER IN CYBERSECURITY EDUCATION SINCE 2001
27 27 27 C4 19 21 C2
Capitol College offers affordable, live, online master’s and doctorate programs in information assurance.
Calendar June 25-27, 2013 USCYBERCOM Symposium Baltimore, Md. www.afcea.org
October 29, 2013 SAP NS2 Solutions Summit Falls Church, Va. www.sapns2.com
June 2013, Volume 17, Issue 5
The Voice of Military Communications and Computing
Cover and In-Depth Interview with
Bruce T. Bennett Director Satellite Communications, Teleport and Services DISA
Features • • • •
Cross Domain Bonus Distribution Big-Data Analysis AFCEA International Cyber Symposium JTRS Bears Fruit Baltimore, Md., June 25-27, 2013 SATCOM Cybersecurity
Insertion Order Deadline: May 24, 2013 • Ad Materials Deadline: May 31, 2013
MIT 17.4 | 27
Military Information Technology
Diana Gowen Senior Vice President and General Manager CenturyLink Public Sector Q: What types of products and services are you offering to military and other government customers? A: CenturyLink Public Sector offers a full spectrum of communications and information technology services, with a focus on two areas in particular. First, we are a leading provider of secure data communications to the Department of Defense and federal government. With our global fiber network and international assets, we’re able to offer a complete array of data services, from dedicated private lines and advanced multi-protocol label switched networks to high-speed Internet services. Second, with our acquisition of Savvis, we own and operate more than 50 data centers worldwide. Through these centers, we’re able to offer seamlessly, globally and within a secure platform a wide range of services, from infrastructure as a service to fully managed security and cloud products. CenturyLink also provides dedicated federal data centers that meet DoD’s unique requirements and are not typically found in the commercial space. Q: What unique benefits does your company provide its customers in comparison with other companies in your field? A: CenturyLink is the third largest telecommunications company in the U.S. and is a global leader in cloud infrastructure and hosted IT solutions for enterprise customers. Our 230,000 miles of fiber-optic backbone and $18 billion in annual revenue make us a very strong competitor capable of bringing every facet of information technology solutions to our customers. We’re also a customer-focused organization that moves quickly to address customer needs as well as to adopt new technologies that benefit our customers. One of the significant benefits we offer is our focus on secure data communications, especially with our contracts supporting the backbone of the Defense Information Systems Network [DISN] and the Defense Research and Engineering Network [DREN]. We are in 28 | MIT 17.4
the initial phases of installing DREN III for DoD’s High Performance Computing Program. This advanced network will soon evolve to a backbone with speeds of 100 gigabits per second. CenturyLink is also working with DoD and the Department of Homeland Security on enhanced cybersecurity services and is one of only two companies authorized to provide these services to approved critical infrastructure sectors such as the defense industrial base, the banking and finance community, and the oil, gas and energy industries. The company will also soon be offering federal civilian agencies Internet Prevention Security Services. Q: What are some of the most significant programs your company is currently working on with the military? A: We are a major provider of data networking solutions to the Defense Information Systems Agency through a wide variety of contracts including DREN III, DISN Access Transmission Services and Networx. DREN III uses an all-Ethernet design with the latest routing and switching technologies and protocols, which allows for secure collaboration across DoD with researchers and scientists around the globe. DREN III will also help DoD meet its requirements for supporting both the mobile workforce and the warfighter as they use next-generation applications. Navy Reserve Forces Command, using WiFi equipment and Internet protocols provided by CenturyLink, won a 2012 Department of the Navy Information Management/ Information Technology Excellence Award.
The innovative project, which saved the Navy more than $2 million a year, was the first DoD-approved, wide-scale deployment of commercial WiFi to operational sites for the purpose of completing mission-related and readiness-related tasks. Currently, CenturyLink provides Internet service at more than 180 Navy Reserve Operational Support Centers around the country. This same WiFi solution was later adopted by the Navy’s Recruiting Command as well and is now in place at almost 500 Navy Recruiting offices from Maine to California. Q: How are you working to strengthen the security of your solutions? A: CenturyLink continually develops security solutions based on both known and unknown threats. Our solutions begin with a defense-in-depth design and carrier-grade network infrastructure that includes the use of firewalls, encryption devices, intrusion detection and proactive distributed denial of service mitigation. In addition, our network operations centers continuously monitor network health, availability, data integrity and security. A continuity of operations plan mitigates network failures through annual planning exercises that leverage diverse and redundant paths. Regular testing of our security boundaries and response mechanisms as well as implementing best practices also help ensure our services are secure and available when needed. Q: Are you currently developing new products and services relevant to military and government customers that you hope to bring to the market in the future? A: We believe the investments we’re making in cloud computing and the core infrastructure supporting DREN—advanced routing and switching techniques, protocols, cloud services and storage capabilities in our secure data centers—are the most relevant right now. CenturyLink’s value includes our ability to enable an increased level of connectedness while ensuring confidentiality, integrity and availability of data on a global basis. O www.MIT-kmi.com
E ! TL E T I UN TH J 12 IN R G U O MIN CO
The Navyâ€™s shift to the Pacific inspires our twelfth title and website...
OUR INAUGURAL ISSUE
will support the Navy with the latest program developments in air and sea for Congress, the executive branch, other services and industry.
Rear Adm. Thomas Moore, PEO Aircraft Carriers
Rear Adm. Donald Gaddis, PEO Tactical Air Programs
Rear Adm. David Lewis, PEO Ships
Rear Adm. Paul Grosklags, PEO Air ASW, Assault and Special Mission Programs
Carrier Onboard Delivery Replacement
USV/UUV Systems and Launch and Recovery Technologies
Shipboard Fire Alarms and Control Systems
Modeling & Simulation in Ship Design
Ship Self-Defense Riverine Patrol Craft Precision Guided Munitions Program Spotlight: Presidential Helicopter
Features: Vibration Control Ship Life Cycle Management Program Spotlight: LCS
Maritime ISR Capabilities Asia Focus Program Spotlight: F-35
Fleet At-Sea Replenishment Corrosion Control Program Spotlight: DDG1000
Contact Nikki James at email@example.com or 301-670-5700 to participate in the inaugural issue!
DCO for Large Meetings Original Photo Credit: Sgt. Ashley M. Outler, 28th Public Affairs Detachment from www.army.mil/media/ Posterized by Adobe Illustrator® for illustrative effect.
Leverage DCO for your All Hands, Conferences, and large virtual Meetings! Benefits of using DCO: • Interactive recordings • Robust audience participation through chat, status icons, polls • DCO mobile apps for tablets and phones • Available to guests without CACs on commercial networks • 24/7 helpdesk support for your big event
What we will cover: • Setting up the DCO room • Recording the session
• Using the helpdesk for event support
See how other DoD organizations have used DCO for their large events! Register Today >> http://events.carahsoft.com/event-detail/2474/mit/ Adobe, the Adobe logo, Connect, and Illustrator are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries. All other trademarks are the property of their respective owners. © 2013 Adobe Systems Incorporated. All rights reserved. Printed in the USA. 04/13
https://www2.dco.dod.mil/ /DefenseConnectOnline @DCOGroup
Join our webinar, BEST PRACTICES FOR USING DCO FOR LARGE MEETINGS, on June 26 to discover how easy it is to use DCO for your next large event.
• Pre-event planning • Running the event
Powered by Adobe® Connect™