Status of the Network 2004 Strike, Land Attack & Air Defense Annual Symposium 29 Apr 2004 CAPT Kevin Uhrich NETWARCOM Special Assistant for Strategic Business Planning [email protected] (757) 417-6730

Download Report

Transcript Status of the Network 2004 Strike, Land Attack & Air Defense Annual Symposium 29 Apr 2004 CAPT Kevin Uhrich NETWARCOM Special Assistant for Strategic Business Planning [email protected] (757) 417-6730 

Status of the Network
2004 Strike, Land Attack &
Air Defense Annual
Symposium
29 Apr 2004
CAPT Kevin Uhrich
NETWARCOM Special Assistant for
Strategic Business Planning
[email protected]
(757) 417-6730
Mission Statement
Mission
People
Capability
“Naval Network Warfare Command
enables the Fleet to fight and win in
the information age. We deliver and
operate a reliable, secure and battleready global network. We lead the
development and integration of
Information Operations capabilities
into the Fleet"
1
Topics
Mission
People
Capability
• Mission/Priorities
• Enterprise View
• Operational Model
– Network
– Path
– Application
• Security
• Allied/Coalition Initiatives
2
Navy Enterprise View
Mission
• People:
People
Capability
377,459 Active duty
148,586 Ready Reserve
182,386 DON Civilians
• Networks:
290,000 seats NMCI (planned)
(172,506 seats rolled through 4/18/04)
60,000+/- seats IT21
35,000+/- seats BLII OCONUS
Goal: Reduce the number of Legacy Networks ASAP!
3
The Network
Mission
People
Capability
• Issue: The Navy must transform from a regional
Communications Command and Control (C3) structure into a
global C3 structure to most effectively support STRATCOM’s
Global NETOPS CONOPS
• Objectives:
– Develop a C3 structure that will better support the
emerging unified command structure.
– More efficiently manage/monitor/operate global Naval
voice, video, and communications systems.
– Capture manpower and budgetary savings by using
current and future communication technology.
• Way Ahead: Operate and monitor all navy C3 functions
from a single location under one overarching umbrella; the
Navy Global Networks and Security Operations Center
(NGNOSC).
4
The Path
Mission
People
Capability
• Upgrade to IP
• Reduce/eliminate legacy infrastructure
• Consolidate functions
• Make use of existing and future Joint solutions
5
BLII / IT-21 / NMCI
Network Topology
Mission
People
Capability
Rota, Spain
Local Network
Operations
and
Security Center
(LNOSC)
London, England
Local Network
Operations
and
Security Center
(LNOSC)
La Maddalena,
Sardinia
Local Network
Operations
and
Security Center
(LNOSC)
Naples, Italy
Theater Network
Operations and
Security Center
(TNOSC)
Electronics, servers,
Routers = 2,612
Bahrain
Information Technology
Security Center
(ITSC)
Naples, Italy
European Central
Region
Network Operations
Center
(ECRNOC)
IT-21
Bahrain
Indian Ocean Region
Network Operations
Center
(IORNOC)
IT-21
Sigonella, Sicily
Local Network
Operations
and
Security Center
(LNOSC)
Souda Bay, Greece
Local Network
Operations
and
Security Center
(LNOSC)
Norfolk, VA
Diego Garcia
Information Technology
Outreach Center
(ITOC)
Norfolk, VA
Navy/Marine Corps
Intranet
(NMCI)
Server Farms
San Diego, CA
Navy/Marine Corps
Intranet
(NMCI)
Server Farm
Pearl Harbor, HI
Navy/Marine Corps
Intranet
(NMCI)
Wahiawa, HI
Pacific Region
Network Operations
Center
(PRNOC)
IT-21
~ 42K NIPR/SIPR
drops
Sasebo, Japan
Information Technology
Outreach Center
(ITOC)
DISN
NIPR/SIPR
Connectivity
Unified Atlantic Region
Network Operations Center
(UARNOC)
IT-21
~ 850 buildings
Singapore
Information Technology
Outreach Center
(ITOC)
Yokosuka, Japan
Information Technology
Security Center
(ITSC)
Korea
Information Technology
Outreach Center
(ITOC)
Misawa, Japan
Information
Technology
Outreach Center
(ITOC)
Atsugi, Japan
Information
Technology
Outreach Center
(ITOC)
Okinawa
Information
Technology
Outreach Center
(ITOC)
Guam
Information
Technology
Outreach Center
(ITOC)
Server Farm
6
Applications
Mission
People
Capability
• Manage Applications Enterprise wide
– Echelon I FAM’s
• Reduce Legacy Applications/Dual Desktops
– NMCI first, IT-21 and BLII second
• Speed up testing process
8
Dual Desktop Progress Trends
Mission
Capability
People
180000
35.0%
170000
Seats Cutover
160000
Dual Desktops
% to Cutover
150000
30.0%
140000
130000
25.0%
120000
110000
20.0%
100000
90000
80000
15.0%
70000
60000
10.0%
50000
40000
30000
5.0%
20000
10000
6/
03
10
/3
0/
03
11
/1
3/
03
11
/2
7/
03
12
/1
1/
03
12
/2
5/
03
1/
8/
04
1/
22
/0
4
2/
5/
04
2/
19
/0
4
3/
4/
04
3/
18
/0
4
4/
1/
04
4/
15
/0
4
4/
29
/0
4
/0
3
10
/1
/0
3
10
/2
3
4/
0
18
9/
9/
/0
3
3
21
8/
/0
3
7/
0
8/
24
/0
3
7/
10
/0
3
7/
26
/0
3
6/
12
/0
3
6/
29
/0
3
5/
3
15
5/
1/
0
5/
17
4/
3/
0
3
/0
3
0.0%
4/
3/
20
/0
3
0
9
Core Mission…Network Security
Mission
People
Capability
• #1 and #3 NAVNETWARCOM Priority
– Secure Network Operations & Readiness
•
•
•
•
IT 21
NMCI
BLII OCONUS
Legacy (operational, Genser networks)
– Policy, Doctrine, Governance of Naval
Networks (to include DAA)~Provide
oversight & Guidance to Navy Enterprise
for IA/CND
10
Network System Security
Engineering Roadmap for the Future
Mission
Capability
People
Computer-Network Situational Awareness
Navy Enterprise View ITSC NAPLES/
GNOC/
UARNOC
NMCI RNOC/
!!!!!
PRNOC
San Diego
!!!!!
NMCI RNOC
ECRNOC
!!!!!
Mission Centric View
Command View
ITSC BAHRAIN/
IORNOC
!!!!!
!!!!!
!!!!!
Computer-Network
Defense Management
Configuration Management
Operation Performance
Policy Provisioning
Vulnerability Assessment
Threat Risk Assessment
Internet
ITSC FAR EAST
ComputerNetwork
NetworkDefense
DefenseininDepth
Depth
Computer
Network Intrusion
Detection Sensor
Embedded Firewalls
Host- Based
Intrusion Detection Sensors
Information Assurance
Security Tools
Modem
EFW
HIDS
User
Host
NIDS
IATK
Ship Router
Fleet Router
MALICIOUS
Insider
11
NETWARCOM plays leading role in
Allied/Coalition Networks
• Host to M2I2: Multinational Maritime IP Interoperability Conference
Coalition Players and Releasability Levels:
–GCTF – Global Counter Terrorism Force (REL GCTF)
–CNFC – Combined Naval Forces Central Command (REL CNFC)
–MCFI – Multinational Coalition Forces – Iraq (REL MCFI)
UNCLASS FOUO
Mission
CENTRIXS Overview
People
Capability
• CENTRIXS – Combined Enterprise
Regional Info Exchange System
– Different groups of coalition players &
releasability levels have resulted in multiple
CENTRIXS networks
– DoD established CENTRIXS PMO in 2002 to
coordinate coalition network efforts
– Although CENTRIXS PMO funds all coalition
networks, and all coalition networks now carry
CENTRIXS name labels:
• CENTCOM manages: CENTRIXS GCTF-1, CENTRIXS MCFI
• PACOM manages: CENTRIXS Four Eyes (formerly COWAN A),
CENTRIXS CNFC Virtual Private Network (VPN)
13
UNCLASS FOUO
Mission
CENTRIXS Overview
People
Capability
• CENTRIXS GCTF-1
– Designated as the maritime coalition network for CJFMCC
forces in Dec 03 (CJFMCC msg 141048Z DEC 2003)
• NAG MIO shifted from CENTRIXS Four Eyes to GCTF-1
• All US combatant ships are equipped for operation on INCHOP
• Coalition nations have been requested “to equip their maritime
forces with GCTF-1 capability for operation upon inchop” (nearly all
are doing this).
– Provides REL GCTF e-mail (w/attachments), web, and chat
capability to any GCTF nation willing to invest in
connectivity and equipment to connect to a node
– Network equipment is widely distributed, with nodes at:
• Pacific Region NOC in Hawaii (primary access point for ships)
14
UNCLASS FOUO
Mission
CENTRIXS Overview
People
Capability
• CENTRIXS CNFC Virtual Private Network
(CNFC VPN)
– Activated 29 Jan 04 (CJFMCC Msg DTG 260746Z JAN 04)
– Substantial amounts of REL CNFC information are not REL
GCTF, requiring a means to segregate CNFC info within
the CENTRIXS GCTF-1 network.
– CENTRIXS CNFC VPN provides REL CNFC web, e-mail &
chat services utilizing the global CENTRIXS GCTF-1
network infrastructure. Separate VPN protected domain.
– US and CNFC coalition ships now access the CENTRIXS
CNFC VPN only (i.e., no longer have CENTRIXS GCTF-1)
15
The Bottom Line…
Mission
People
Capability
• The Network = Weapons System
• Weapons system is only as good as your security
• Security is empowered by IA/CND and can be
achieved by technology and accountability
• Allied/Coalition Networks remain a
CRITICAL part of our warfighter
operations
Warfighter’s lives depend on the network being secure.
19
Mission
People
Capability
Questions?
Mission
People
Capability
BACK-UP SLIDES
NETWARCOM Priorities for 2004
Mission
People
Capability
• Network Ops & Readiness (Navy, Naval, Joint, Allied, Coalition)
• Operationalize IO in the Fleet
• Policy, Doctrine, Governance of Naval Networks (incl DAA)
• Fleet Training (Networks, IO)
• Enterprise Business Case (Plan, ROI, Metrics, Alignment, etc.)
• Sea Warrior Development, Implementation & Integration
• Joint Operational Architecture Dev & Coord (incl CONOPS)
• Operational Agent for Innovation & Experimentation (incl Fn, IO,
etc.)
• Fleet & Naval Enterprise Future Rqmts Integration & Assessment
• Joint Future Rqmts Integration & Assessments
• Internal Claimancy Business Integrity, Resource Efficiency &
Alignment
22
Strategic Business Planning
Mission
People
Capability
• Created O-6 special assistant for Strategic Business
Planning
– Single POC for NETWARCOM organizational matters
– Short term: manage re-alignment of FFC N6 and CPF N6
staffs into the NETWARCOM organization
– Mid-term: manage phase 2 of the re-alignment, looking at
other Fleet Commander N6 staffs and other TYCOM’s for
efficiencies
– Long-term: Establish key business processes and strategic
planning objectives over the next 2-3 years
• Think/decide/act to increase warfighting effectiveness and
efficiency
• Create a business plan and incorporate a human capital strategy
into that plan
23
SYNCHRONIZATION
Mission
CJTF
People
Capability
CJTF
Phase 2 All IP
Blk IP Core w/ATM
Red Core
w/NGM
Shooter/Amphib
Phase 2 All IP
Blk IP Core Transition
Standard
Phase 2 All IP
Black IP Core
Shooter/Amphib/Std
Phase 3 All IP
Black Core
Teleport Gen
Gen II
I
Teleport
Teleport Gen II
TeleportGen
GenIII
I
Teleport
NOSC
GNOSC
JNOSC
Combatant
Blk IP Core w/ATM
Standard
All IP
Blk IP Core Transition
SIM Near Term
STD Arch\
Automation
Remoting
Consolidation
M&C
Messaging
VOX
Video
BLII
DSCS
2 GNOSC
NCTAMS as
RF Gateway
Enterprise M/M
HAIPE(V)2
Teleport IP
IPV6
IP Term
DATMS
Ends
Black Core
TCA
JTRS CL1
JTRS AMF
WNW
WNW/MUOS
GNOSC
Joint//JTA
GNOSC
04
05
15%
35%
06
TCS
AEHF
WGS > 2Mbs
42 Sites
CJTF
Phase 3 All IP
Black Core
07
08
09
10
% Navy Integrated to GIG/GIG-BE
11
12
13
14
24
Will We Ever Be Secure
Mission
People
Capability
• Why are we vulnerable?
• Increased Threats?
• Attackers?
• Cyber Incident Trends?
25
Network Security Division
Mission
People
Capability
• NETWARCOM = NAVY DAA
• Functional alignment combining DAA, IA & CND
– Subordinate Activities performing IA/CND Mission
• Provides situational awareness of Enterprise.
–
–
–
–
Security Health
Readiness
IA Posture
Threats
26
IA/CND Responsibilities
Mission
People
Capability
• ISO Genser Networks (up to Secret)
–
–
–
–
–
Standard policy and guidance
Centralized Management/decentralized implementation
IATC/IATO/ATO Management
Boundary Security/Firewall/IP Block List Management
Direct DAA Compliance and CND Operational Testing
• SI Networks – TBD
27
IA/CND Strategy
Mission
People
Capability
• PDD-63, OSD IO Roadmap, CIP and JV2010
• CND (Computer Network Defense)
–
–
–
–
Protect, Detect, React and Recover
Industry Best Practices
Tactics, Techniques, and Procedures
Certification & Accreditation (C&A)
• DiD (Defense in Depth)
– CNDiD (Technology, Processes, People, Intel)
Tools, Situational Awareness, Training and I&W
28
IA/CND Strategy Actions
Mission
People
Capability
• Accountability = BECOME RUTHLESS
• Align Fleet IA/CND Requirements, Resources for
CNDiD Architecture
• Refine prioritized CNDiD Architecture
– Align with IO Roadmap
• Participate in IA/CND Solutions WG
29
IA/CND Strategy Actions (cont.)
Mission
People
Capability
• 5 VM for IA/CND
–
–
–
–
NETC - HP Center to identify training solutions
Civilian Equivalency
Inherently Governmental?
Knowledge Management
• SYSCOMs engineer security and training into
systems development
• Metrics for ROI analysis
• Risk Management
– Technology/Ops Capabilities vs Security vs $$$
30
Current FIWC IA/CND Role
Mission
People
Capability
• Navy Red Team Testing and Support
–
–
–
–
DONCIO CIP NIVA
NMCI DAA and SLA
IA technical expertise for OPTEVFOR
Fleet Battle Experiment (FBE)
• Fleet CND Training Team
– IA/CND FRP and IDRC
– CND deployer assigned to all CSG’s and ESG’s
31
Current NAVCIRT IA/CND Role
Mission
People
Capability
• NAVCIRT – Central authority for enforcement of Navy CND
policies
– Incident Handlers/Forensics
– Local and Onsite NCIS Agents (quick reaction)
• Intrusion Detection System (IDS) Monitoring
– Respond to Navy incidents worldwide
– Trend Analysis
• IAVM
• On Line Surveys (OLS)
• INFOSEC
32
Top Challenges
Mission
People
Capability
• Accountability - Compliance visibility insufficient for
risk assessment
• IDS
• IAVM
• PKI
• Newer technologies present vulnerabilities….
• STIGs break systems
• Education, Training and Certification
33
Top Challenges (cont.)
Mission
People
Capability
•
•
•
•
Web-based Issues – too much info
Poor Physical Security and Practices
Configuration Control/Account Management
Poorly secured external Connections/VPNs/
Backdoors
• Allied/Coalition Networks Interoperability
• CND actions within Navy Enterprise
• Testing and implementation unbalanced
34